
IIA IIA-CIA-Part3 Practice Test - Questions Answers, Page 31

Which of the following would be the strongest control to prevent unauthorized wireless network access?

A. Allowing access to the organization's network only through a virtual private network.
B. Logging devices that access the network, including the date, time, and identity of the user.
C. Tracking all mobile device physical locations and banning access from non-designated areas.
D. Permitting only authorized IT personnel to have administrative control of mobile devices.
Suggested answer: D

A chief audit executive wants to implement an enterprisewide resource planning software. Which of the following internal audit assessments could provide overall assurance on the likelihood of the software implementation's success?

A. Readiness assessment.
B. Project risk assessment.
C. Post-implementation review.
D. Key phase review.
Suggested answer: C

Which of the following is an example of two-factor authentication?

A. The user's facial geometry and voice recognition.
B. The user's password and a separate passphrase.
C. The user's key fob and a smart card.
D. The user's fingerprint and a personal identification number.
Suggested answer: D

The internal audit activity has identified accounting errors that resulted in the organization overstating its net income for the fiscal year. Which of the following is the most likely cause of this overstatement?

A. Beginning inventory was overstated for the year.
B. Cost of goods sold was understated for the year.
C. Ending inventory was understated for the year.
D. Cost of goods sold was overstated for the year.
Suggested answer: B

Which of the following is considered a physical security control?

A. Transaction logs are maintained to capture a history of system processing.
B. System security settings require the use of strong passwords and access controls.
C. Failed system login attempts are recorded and analyzed to identify potential security incidents.
D. System servers are secured by locking mechanisms with access granted to specific individuals.
Suggested answer: D

Which of the following business practices promotes a culture of high performance?

A. Reiterating the importance of compliance with established policies and procedures.
B. Celebrating employees' individual excellence.
C. Periodically rotating operational managers.
D. Avoiding status differences among employees.
Suggested answer: D

An internal auditor has requested the organizational chart in order to evaluate the control environment of an organization. Which of the following is a disadvantage of using the organizational chart?

A. The organizational chart shows only formal relationships.
B. The organizational chart shows only the line of authority.
C. The organizational chart shows only the senior management positions.
D. The organizational chart is irrelevant when testing the control environment.
Suggested answer: A

A financial institution receives frequent and varied email requests from customers for funds to be wired out of their accounts. Which verification activity would best help the institution avoid falling victim to phishing?

A. Reviewing the customer's wire activity to determine whether the request is typical.
B. Calling the customer at the phone number on record to validate the request.
C. Replying to the customer via email to validate the sender and request.
D. Reviewing the customer record to verify whether the customer has authorized wire requests from that email address.
Suggested answer: B

Internal auditors want to increase the likelihood of identifying very small control and transaction anomalies in their testing that could potentially be exploited to cause material breaches. Which of the following techniques would best meet this objective?

A. Analysis of the full population of existing data.
B. Verification of the completeness and integrity of existing data.
C. Continuous monitoring on a repetitive basis.
D. Analysis of the databases of partners, such as suppliers.
Suggested answer: A

An internal auditor discusses user-defined default passwords with the database administrator. Such passwords will be reset as soon as the user logs in for the first time, but the initial value of the password is set as "123456." Which of the following are the auditor and the database administrator most likely discussing in this situation?

A. Whether it would be more secure to replace numeric values with characters.
B. What happens in the situations where users continue using the initial password.
C. What happens in the period between the creation of the account and the password change.
D. Whether users should be trained on password management features and requirements.
Suggested answer: B
Total 340 questions