Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?
A. Portfolio management
B. Business plans
C. Business processes
D. IT strategic plans
Answer: D

A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
A. Implement overtime pay and bonuses for all development staff.
B. Utilize new system development tools to improve productivity.
C. Recruit IS staff...

An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. Which of the following should the auditor recommend be performed FIRST?
A. Implement a process to actively monitor postings on social networking sites.
B. Adjust budget for network usage...

What is the BEST control to address SQL injection vulnerabilities?
A. Unicode translation
B. Secure Sockets Layer (SSL) encryption
C. Input validation
D. Digital signatures
Answer: C

Which of the following is the BEST data integrity check?
A. Counting the transactions processed per day
B. Performing a sequence check
C. Tracing data back to the point of origin
D. Preparing and running test data
Answer: C

Which of the following is the BEST way to determine whether a test of a disaster recovery plan (DRP) was successful?
A. Analyze whether predetermined test objectives were met.
B. Perform testing at the backup data center.
C. Evaluate participation by key personnel.
D. Test offsite backup files.
Answer: A

From an IS auditor's perspective, which of the following would be the GREATEST risk associated with an incomplete inventory of deployed software in an organization?
A. Inability to close unused ports on critical servers
B. Inability to identify unused licenses within the organization
C. Inability to deploy updated security patches...

Which audit approach is MOST helpful in optimizing the use of IS audit resources?
A. Agile auditing
B. Continuous auditing
C. Outsourced auditing
D. Risk-based auditing
Answer: D

Which of the following BEST guards against the risk of attack by hackers?
A. Tunneling
B. Encryption
C. Message validation
D. Firewalls
Answer: B

During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?
A. Notify the chair of the audit committee.
B. Notify...