ExamGecko

Isaca CISA Practice Test - Questions Answers, Page 86

The process of applying a hash function to a message and obtaining and ciphering a digest refers to:

A. digital certificates.
B. digital signatures.
C. public key infrastructure (PKI).
D. authentication.
Suggested answer: B

An IS auditor observes that a business-critical application does not currently have any level of fault tolerance. Which of the following is the GREATEST concern with this situation?

A. Decreased mean time between failures (MTBF)
B. Degradation of services
C. Limited tolerance for damage
D. Single point of failure
Suggested answer: D

An IS auditor is performing a follow-up audit for findings identified in an organization's user provisioning process. Which of the following is the MOST appropriate population to sample from when testing for remediation?

A. All users provisioned after the final audit report was issued
B. All users who have followed user provisioning processes provided by management
C. All users provisioned after management resolved the audit issue
D. All users provisioned after the finding was originally identified
Suggested answer: C

An organization has both an IT strategy committee and an IT steering committee. When reviewing the minutes of the IT steering committee, an IS auditor would expect to find that the committee:

A. assessed the contribution of IT to the business.
B. acquired and assigned appropriate resources for projects.
C. compared the risk and return of IT investments.
D. reviewed the achievement of the strategic IT objective.
Suggested answer: B

An IS audit team is evaluating documentation of the most recent application user access review. It is determined that the user list was not system generated. Which of the following should be of MOST concern?

A. Confidentiality of the user list
B. Timeliness of the user list review
C. Completeness of the user list
D. Availability of the user list
Suggested answer: C

An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?

A. Focus on limiting the damage.
B. Remove and restore the affected systems.
C. Verify that the compromised systems are fully functional.
D. Document the incident.
Suggested answer: A

Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's job scheduling practices?

A. Most jobs are run manually.
B. Jobs are executed during working hours.
C. Job dependencies are undefined.
D. Job processing procedures are missing.
Suggested answer: C

Which of the following is the GREATEST impact as a result of the ongoing deterioration of a detective control?

A. Decreased effectiveness of root cause analysis
B. Decreased overall recovery time
C. Increased number of false negatives in security logs
D. Increased demand for storage space for logs
Suggested answer: C

Which of the following is the BEST way to ensure a vendor complies with system security requirements?

A. Require security training for vendor staff.
B. Review past incidents reported by the vendor.
C. Review past audits on the vendor's security compliance.
D. Require a compliance clause in the vendor contract.
Suggested answer: D

What is the PRIMARY reason to adopt a risk-based IS audit strategy?

A. To achieve synergy between audit and other risk management functions
B. To prioritize available resources and focus on areas with significant risk
C. To reduce the time and effort needed to perform a full audit cycle
D. To identify key threats, risks, and controls for the organization
Suggested answer: B
Total 1.198 questions