ExamGecko
Search Search Login
Home Home / IIA / IIA-CIA-Part3

IIA IIA-CIA-Part3 Practice Test - Questions Answers, Page 15

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

When executive compensation is based on the organization's financial results, which of the following situations is most likely to arise?
Which of the following contract concepts is typically given in exchange for the execution of a promise?
An internal auditor is reviewing key phases of a software development project. Which of the following would; the auditor most likely use to measure the project team's performance related to how project tasks are completed?
Which of the following statements is true regarding a project life cycle?
An internal auditor observed that the organization's disaster recovery solution will make use of a cold site in a town several miles away. Which of the following is likely to be a characteristic of this disaster recover/ solution?
An organization is considering outsourcing its IT services, and the internal auditor as assessing the related risks. The auditor grouped the related risks into three categories; - Risks specific to the organization itself. - Risks specific to the service provider. - Risks shared by both the organization and the service provider Which of the following risks should the auditor classify as specific to the service provider?
A newly appointed board member received an email that appeared to be from the company's CEO. The email stated: "Good morning. As you remember, the closure of projects is our top priority. Kindly organize prompt payment of the attached invoice for our new solar energy partners." The board member quickly replied to the email and asked under which project the expense should be accounted. Only then did he realize that the sender 's mail domain was different from the company's. Which of the following cybersecurity risks nearly occurred in the situation described?
An employee was promoted within the organization and relocated to a new office in a different building. A few months later, security personnel discovered that the employee's smart card was being used to access the building where she previously worked. Which of the following security controls could prevent such an incident from occurring?
Which of the following best describes the use of predictive analytics?
Which of the following characteristics applies to an organization that adopts a flat structure?

Question 141

Report
Export
Collapse

Which of the following should be included in a data privacy poky?

A.
Stipulations for deleting certain data after a specified period of time.
A.
Stipulations for deleting certain data after a specified period of time.
Answers
B.
Guidance on acceptable methods for collecting personal data.
B.
Guidance on acceptable methods for collecting personal data.
Answers
C.
A requirement to retain personal data indefinitely to ensure a complete audit trail, 4. A description of what constitutes appropriate use of personal data.
C.
A requirement to retain personal data indefinitely to ensure a complete audit trail, 4. A description of what constitutes appropriate use of personal data.
Answers
D.
1 and 2 only
D.
1 and 2 only
Answers
E.
2 and 3 only
E.
2 and 3 only
Answers
F.
1, 2 and 4 only
F.
1, 2 and 4 only
Answers
G.
2, 3, and 4 only
G.
2, 3, and 4 only
Answers
Suggested answer: C

Question 142

Report
Export
Collapse

The head of the research arid development department at a manufacturing organization believes that his team lacks expertise in some areas, and he decides to hire more experienced researchers to assist in the development of a new product. Which of the following variances are likely to occur as the result of this decision?

A.
Favorable labor efficiency variance.
A.
Favorable labor efficiency variance.
Answers
B.
Adverse labor rate variance.
B.
Adverse labor rate variance.
Answers
C.
Adverse labor efficiency variance.
C.
Adverse labor efficiency variance.
Answers
D.
Favorable labor rate variance.
D.
Favorable labor rate variance.
Answers
E.
1 and 2
E.
1 and 2
Answers
F.
1 and 4
F.
1 and 4
Answers
G.
3 and A
G.
3 and A
Answers
H.
2 and 3
H.
2 and 3
Answers
Suggested answer: A

Question 143

Report
Export
Collapse

Which of the following IT-related activities is most commonly performed by the second line of defense?

A.
Block unauthorized traffic.
A.
Block unauthorized traffic.
Answers
B.
Encrypt data.
B.
Encrypt data.
Answers
C.
Review disaster recovery test results.
C.
Review disaster recovery test results.
Answers
D.
Provide independent assessment of IT security.
D.
Provide independent assessment of IT security.
Answers
Suggested answer: C

Question 144

Report
Export
Collapse

With regard to project management, which of the following statements about project crashing Is true?

A.
It leads to an increase in risk and often results in rework.
A.
It leads to an increase in risk and often results in rework.
Answers
B.
It is an optimization technique where activities are performed in parallel rather than sequentially.
B.
It is an optimization technique where activities are performed in parallel rather than sequentially.
Answers
C.
It involves a revaluation of project requirements and/or scope.
C.
It involves a revaluation of project requirements and/or scope.
Answers
D.
It is a compression technique in which resources are added so the project.
D.
It is a compression technique in which resources are added so the project.
Answers
Suggested answer: D

Question 145

Report
Export
Collapse

An organization uses the management-by-objectives method whereby employee performance is based on defined goals. Which of the following statements is true regarding this approach?

A.
It is particularly helpful to management when the organization is facing rapid change.
A.
It is particularly helpful to management when the organization is facing rapid change.
Answers
B.
It is a more successful approach when adopted by mechanistic organizations.
B.
It is a more successful approach when adopted by mechanistic organizations.
Answers
C.
It is mere successful when goal setting is performed not only by management, but by all team members, including lower-level staff.
C.
It is mere successful when goal setting is performed not only by management, but by all team members, including lower-level staff.
Answers
D.
It is particularly successful in environments that are prone to having poor employer-employee relations.
D.
It is particularly successful in environments that are prone to having poor employer-employee relations.
Answers
Suggested answer: C

Question 146

Report
Export
Collapse

According to IIA guidance, which of the following would be the best first stop to manage risk when a third party is overseeing the organization's network and data?

A.
Creating a comprehensive reporting system for vendors to demonstrate their ongoing due diligence in network operations.
A.
Creating a comprehensive reporting system for vendors to demonstrate their ongoing due diligence in network operations.
Answers
B.
Drafting a strong contract that requires regular vendor control reports end a right-to-audit clause.
B.
Drafting a strong contract that requires regular vendor control reports end a right-to-audit clause.
Answers
C.
Applying administrative privileges to ensure right to access controls are appropriate.
C.
Applying administrative privileges to ensure right to access controls are appropriate.
Answers
D.
Creating a standing cyber-security committee to identify and manage risks related to data security
D.
Creating a standing cyber-security committee to identify and manage risks related to data security
Answers
Suggested answer: B

Question 147

Report
Export
Collapse

A new manager received computations of the internal fate of return regarding the project proposal.

What should the manager compare the computation results to in order to determine whether the project is potentially acceptable?

A.
Compare to the annual cost of capital
A.
Compare to the annual cost of capital
Answers
B.
Compare to the annual interest data.
B.
Compare to the annual interest data.
Answers
C.
Compare to the required rate of return.
C.
Compare to the required rate of return.
Answers
D.
Compare to the net present value.
D.
Compare to the net present value.
Answers
Suggested answer: A

Question 148

Report
Export
Collapse

Which of the following risks would Involve individuals attacking an oil company's IT system as a sign of solidarity against drilling in a local area?

A.
Tampering
A.
Tampering
Answers
B.
Hacking
B.
Hacking
Answers
C.
Phishing
C.
Phishing
Answers
D.
Piracy
D.
Piracy
Answers
Suggested answer: B

Question 149

Report
Export
Collapse

An organization has 10,000 units of a defect item in stock, per unit, market price is $10$; production cost is $4; and defect selling price is $5. What is the carrying amount (inventory value) of defects at your end?

A.
$0
A.
$0
Answers
B.
$4,000
B.
$4,000
Answers
C.
$5,000
C.
$5,000
Answers
D.
$10,000
D.
$10,000
Answers
Suggested answer: C

Question 150

Report
Export
Collapse

According to IIA guidance on IT, which of the following best describes a situation where data backup plans exist to ensure that critical data can be restored at some point in the future, but recovery and restore processes have not been defined?

A.
Hot recovery plan
A.
Hot recovery plan
Answers
B.
Warm recovery plan
B.
Warm recovery plan
Answers
C.
Cold recovery plan
C.
Cold recovery plan
Answers
D.
Absence of recovery plan
D.
Absence of recovery plan
Answers
Suggested answer: D
Total 340 questions
Go to page: of 34
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms