While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. In order to resolve the situation, the IS auditor's BEST course of action would be to:
A. re-prioritize the original issue as...

Which of the following is the BEST way to mitigate the impact of ransomware attacks?
A. Invoking the disaster recovery plan (DRP)
B. Backing up data frequently
C. Paying the ransom
D. Requiring password changes for administrative accounts
Answer: B

When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:
A. the Internet.
B. the demilitarized zone (DMZ).
C. the organization's web server.
D. the organization's network...

During the discussion of a draft audit report, IT management provided suitable evidence that a process has been implemented for a control that had been concluded by the IS auditor as ineffective. Which of the following is the auditor's BEST action?
A. Explain to IT management that the new control...

When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?
A. Implementation plan
B. Project budget provisions
C. Requirements analysis
D. Project plan
Answer: C

Which of the following strategies BEST optimizes data storage without compromising data retention practices?
A. Limiting the size of file attachments being sent via email
B. Automatically deleting emails older than one year
C. Moving emails to a virtual email vault after 30 days
D. Allowing employees to store large...

Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?
A. Periodic vendor reviews
B. Dual control
C. Independent reconciliation
D. Re-keying of monetary amounts
E. Engage an external security incident response expert for incident handling.
Answer: B

A data breach has occurred due to malware. Which of the following should be the FIRST course of action?
A. Notify the cyber insurance company.
B. Shut down the affected systems.
C. Quarantine the impacted systems.
D. Notify customers of the breach.
Answer: C

A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
A. Implement overtime pay and bonuses for all development staff.
B. Utilize new system development tools to improve productivity.
C. Recruit IS staff...

During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:
A. allocation of resources during an emergency.
B. frequency of system testing.
C. differences in IS policies and procedures.
D. maintenance of hardware and software compatibility.
Answer: D