ExamGecko

Isaca CISA Practice Test - Questions Answers, Page 96

Which of the following is the MOST important consideration when establishing operational log management?

A. Types of data
B. Log processing efficiency
C. IT organizational structure
D. Log retention period
Suggested answer: D

An IS auditor is reviewing a machine learning model that predicts the likelihood that a user will watch a certain movie. Which of the following would be of GREATEST concern to the auditor?

A. When the model was tested with data drawn from a different population, the accuracy decreased.
B. The data set for training the model was obtained from an unreliable source.
C. An open-source programming language was used to develop the model.
D. The model was tested with data drawn from the same population as the training data.
Suggested answer: B

Which of the following poses the GREATEST risk to the use of active RFID tags?

A. Session hijacking
B. Eavesdropping
C. Piggybacking
D. Phishing attacks
Suggested answer: B

Which of the following should be of MOST concern to an IS auditor reviewing an organization's operational log management?

A. Log file size has grown year over year.
B. Critical events are being logged to immutable log files.
C. Applications are logging events into multiple log files.
D. Data formats have not been standardized across all logs.
Suggested answer: D

An IS auditor is reviewing a medical device that is attached to a patient's body, which automatically takes and uploads measurements to a cloud server. Treatment may be updated based on the measurements. Which of the following should be the auditor's PRIMARY focus?

A. Physical access controls on the device
B. Security and quality certification of the device
C. Device identification and authentication
D. Confirmation that the device is regularly updated
Suggested answer: B

An organization offers an e-commerce platform that allows consumer-to-consumer transactions. The platform now uses blockchain technology to ensure the parties are unable to deny the transactions. Which of the following attributes BEST describes the risk element that this technology is addressing?

A. Integrity
B. Nonrepudiation
C. Confidentiality
D. Availability
Suggested answer: B

Which of the following should be an IS auditor's PRIMARY focus when auditing the implementation of a new IT operations performance monitoring system?

A. Reviewing whether all changes have been implemented
B. Validating whether baselines have been established
C. Confirming whether multi-factor authentication (MFA) is deployed as part of the operational enhancements
D. Determining whether there is a process for annual review of the maintenance manual
Suggested answer: B

A startup organization wants to develop a data loss prevention (DLP) program. The FIRST step should be to implement:

A. Security awareness training
B. Data encryption
C. Data classification
D. Access controls
Suggested answer: C

Which of the following controls is the BEST recommendation to prevent the skimming of debit or credit card data in point of sale (POS) systems?

A. Encryption
B. Chip and PIN
C. Hashing
D. Biometric authentication
Suggested answer: B

Which of the following is the PRIMARY benefit of monitoring IT operational logs?

A. Detecting processing errors in a timely manner
B. Identifying configuration flaws in operating systems
C. Managing the usability and capacity of IT resources
D. Generating exception reports to assess security compliance
Suggested answer: A
Total 1.198 questions