ExamGecko
Search Search Login
Home Home / Isaca / CISA

Isaca CISA Practice Test - Questions Answers, Page 88

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?
Which of the following is the BEST way to ensure that an application is performing according to its specifications?
An IS auditor is reviewing a client's outsourced payroll system to assess whether the financial audit team can rely on the application. Which of the following findings would be the auditor's GREATEST concern?
Which of the following poses the GREATEST risk to the use of active RFID tags?
Which of the following is the BEST control lo mitigate attacks that redirect Internet traffic to an unauthorized website?
The FIRST step in an incident response plan is to:
An IS audit manager was temporarily tasked with supervising a project manager assigned to the organization's payroll application upgrade. Upon returning to the audit department, the audit manager has been asked to perform an audit to validate the implementation of the payroll application. The audit manager is the only one in the audit department with IT project management experience. What is the BEST course of action?
Which of the following is the BEST way for an IS auditor to assess the design of an automated application control?
An IS auditor is reviewing the backup procedures in an organization that has high volumes of data with frequent changes to transactions. Which of the following is the BEST backup scheme to recommend given the need for a shorter restoration time in the event of a disruption?
An IS auditor is reviewing a contract for the outsourcing of IT facilities. If missing, which of the following should present the GREATEST concern to the auditor?

Question 871

Report
Export
Collapse

Which of the following is MOST important when creating a forensic image of a hard drive?

A.
Requiring an independent third party be present while imaging
A.
Requiring an independent third party be present while imaging
Answers
B.
Securing a backup copy of the hard drive
B.
Securing a backup copy of the hard drive
Answers
C.
Generating a content hash of the hard drive
C.
Generating a content hash of the hard drive
Answers
D.
Choosing an industry-leading forensics software tool
D.
Choosing an industry-leading forensics software tool
Answers
Suggested answer: C

Question 872

Report
Export
Collapse

Which of the following is the MOST efficient control to reduce the risk associated with a systems administrator having network administrator responsibilities?

A.
The administrator must obtain temporary access to make critical changes.
A.
The administrator must obtain temporary access to make critical changes.
Answers
B.
The administrator will need to request additional approval for critical changes.
B.
The administrator will need to request additional approval for critical changes.
Answers
C.
The administrator must sign a due diligence agreement.
C.
The administrator must sign a due diligence agreement.
Answers
D.
The administrator will be subject to unannounced audits.
D.
The administrator will be subject to unannounced audits.
Answers
Suggested answer: B

Question 873

Report
Export
Collapse

A web application is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?

A.
Web application firewall (WAF) implementation
A.
Web application firewall (WAF) implementation
Answers
B.
Penetration test results
B.
Penetration test results
Answers
C.
Code review by a third party
C.
Code review by a third party
Answers
D.
Database application monitoring logs
D.
Database application monitoring logs
Answers
Suggested answer: B

Question 874

Report
Export
Collapse

Which of the following is the GREATEST benefit of adopting an Agile audit methodology?

A.
Better ability to address key risks
A.
Better ability to address key risks
Answers
B.
Less frequent client interaction
B.
Less frequent client interaction
Answers
C.
Annual cost savings
C.
Annual cost savings
Answers
D.
Reduced documentation requirements
D.
Reduced documentation requirements
Answers
Suggested answer: A

Question 875

Report
Export
Collapse

The PRIMARY objective of a follow-up audit is to:

A.
assess the appropriateness of recommendations.
A.
assess the appropriateness of recommendations.
Answers
B.
verify compliance with policies.
B.
verify compliance with policies.
Answers
C.
evaluate whether the risk profile has changed.
C.
evaluate whether the risk profile has changed.
Answers
D.
determine adequacy of actions taken on recommendations.
D.
determine adequacy of actions taken on recommendations.
Answers
Suggested answer: D

Question 876

Report
Export
Collapse

An IS auditor can BEST evaluate the business impact of system failures by:

A.
assessing user satisfaction levels.
A.
assessing user satisfaction levels.
Answers
B.
interviewing the security administrator.
B.
interviewing the security administrator.
Answers
C.
analyzing equipment maintenance logs.
C.
analyzing equipment maintenance logs.
Answers
D.
reviewing system-generated logs.
D.
reviewing system-generated logs.
Answers
Suggested answer: A

Question 877

Report
Export
Collapse

Which of the following is a threat to IS auditor independence?

A.
Internal auditors share the audit plan and control test plans with management prior to audit commencement.
A.
Internal auditors share the audit plan and control test plans with management prior to audit commencement.
Answers
B.
Internal auditors design remediation plans to address control gaps identified by internal audit.
B.
Internal auditors design remediation plans to address control gaps identified by internal audit.
Answers
C.
Internal auditors attend IT steering committee meetings.
C.
Internal auditors attend IT steering committee meetings.
Answers
D.
Internal auditors recommend appropriate controls for systems in development.
D.
Internal auditors recommend appropriate controls for systems in development.
Answers
Suggested answer: B

Question 878

Report
Export
Collapse

Which of the following findings related to segregation of duties should be of GREATEST concern to an IS auditor?

A.
The person who tests source code also approves changes.
A.
The person who tests source code also approves changes.
Answers
B.
The person who administers servers is also part of the infrastructure management team.
B.
The person who administers servers is also part of the infrastructure management team.
Answers
C.
The person who creates new user accounts also modifies user access levels.
C.
The person who creates new user accounts also modifies user access levels.
Answers
D.
The person who edits source code also has write access to production.
D.
The person who edits source code also has write access to production.
Answers
Suggested answer: D

Question 879

Report
Export
Collapse

When reviewing hard disk utilization reports, an IS auditor observes that utilization is routinely above 95%. Which of the following should be the GREATEST concern to the IS auditor?

A.
Availability
A.
Availability
Answers
B.
Consistency
B.
Consistency
Answers
C.
Denial of service (DoS) attacks
C.
Denial of service (DoS) attacks
Answers
D.
Data security
D.
Data security
Answers
Suggested answer: A

Question 880

Report
Export
Collapse

Which of the following would be of GREATEST concern to an IS auditor reviewing an IT-related customer service project?

A.
The project risk exceeds the organization's risk appetite.
A.
The project risk exceeds the organization's risk appetite.
Answers
B.
Executing the project will require additional investments.
B.
Executing the project will require additional investments.
Answers
C.
Expected business value is expressed in qualitative terms.
C.
Expected business value is expressed in qualitative terms.
Answers
D.
The organization will be the first to offer the proposed services.
D.
The organization will be the first to offer the proposed services.
Answers
Suggested answer: A
Total 1.198 questions
Go to page: of 120
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms