
Isaca CISA Practice Test - Questions Answers, Page 87

Management receives information indicating a high level of risk associated with potential flooding near the organization's data center within the next few years. As a result, a decision has been made to move data center operations to another facility on higher ground. Which approach has been adopted?

A. Risk acceptance
B. Risk transfer
C. Risk reduction
D. Risk avoidance
Suggested answer: D

Which of the following constitutes an effective detective control in a distributed processing environment?

A. A log of privileged account use is reviewed.
B. A disaster recovery plan (DRP) is in place for the entire system.
C. User IDs are suspended after three incorrect passwords have been entered.
D. Users are required to request additional access via an electronic mail system.
Suggested answer: A

Which of the following is the BEST disposal method for flash drives that previously stored confidential data?

A. Destruction
B. Degaussing
C. Cryptographic erasure
D. Overwriting
Suggested answer: A

During a follow-up engagement, an IS auditor confirms evidence of a problem that was not an issue in the original audit. Which of the following is the auditor's BEST course of action?

A. Include the evidence as part of a future audit.
B. Report only on the areas within the scope of the follow-up.
C. Report the risk to management in the follow-up report.
D. Expand the follow-up scope to include examining the evidence.
Suggested answer: C

What should be the PRIMARY focus during a review of a business process improvement project?

A. Business project plan
B. Continuous monitoring plans
C. The cost of new controls
D. Business impact
Suggested answer: D

Which of the following is MOST important to the effectiveness of smoke detectors installed in a data processing facility?

A. Detectors trigger audible alarms when activated.
B. Detectors have the correct industry certification.
C. Detectors are linked to dry pipe fire suppression systems.
D. Detectors are linked to wet pipe fire suppression systems.
Suggested answer: A

Which of the following BEST indicates a need to review an organization's information security policy?

A. High number of low-risk findings in the audit report
B. Increasing exceptions approved by management
C. Increasing complexity of business transactions
D. Completion of annual IT risk assessment
Suggested answer: B

An IS auditor is evaluating the log management system for an organization with devices and systems in multiple geographic locations. Which of the following is MOST important for the auditor to verify?

A. Log files are reviewed in multiple locations.
B. Log files are concurrently updated.
C. Log files are encrypted and digitally signed.
D. Log files of the servers are synchronized.
Suggested answer: C

An organization is ready to implement a new IT solution consisting of multiple modules. The last module updates the processed data into the database. Which of the following findings should be of MOST concern to the IS auditor?

A. Absence of a formal change approval process
B. Lack of input validation
C. Use of weak encryption
D. Lack of a data dictionary
Suggested answer: B

Which of the following observations regarding change management should be considered the MOST serious risk by an IS auditor?

A. There is no software used to track change management.
B. The change is not approved by the business owners.
C. The change is deployed two weeks after approval.
D. The development of the change is not cost-effective.
Suggested answer: B
Total 1.198 questions