- All Exams Instant Download
When evaluating the design of controls related to network monitoring, which of the following is MOST important for an IS auditor to review?
When evaluating the design of controls related to network monitoring, which of the following is MOST important for an IS auditor to review?A . Incident monitoring togs B. The ISP service level agreement C. Reports of network traffic analysis D. Network topology diagramsView AnswerAnswer: D
Which of the following is the BEST way to mitigate the impact of ransomware attacks?
Which of the following is the BEST way to mitigate the impact of ransomware attacks?A . Invoking the disaster recovery plan (DRP) B. Backing up data frequently C. Paying the ransom D. Requiring password changes for administrative accountsView AnswerAnswer: B
Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:
Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:A . business impact analysis (BIA). B. threat and risk assessment. C. business continuity plan (BCP). D. disaster recovery plan (DRP).View AnswerAnswer: C
Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?
Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?A . Write access to production program libraries B. Write access to development data libraries C. Execute access to production program libraries D. Execute access to development program librariesView AnswerAnswer:...
During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures.
During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. The auditor's NEXT step should be to:A . note the noncompliance in the audit working papers. B. issue an audit memorandum identifying the noncompliance. C. include the noncompliance...
Which of the following MOST effectively minimizes downtime during system conversions?
Which of the following MOST effectively minimizes downtime during system conversions?A . Phased approach B. Direct cutover C. Pilot study D. Parallel runView AnswerAnswer: D
What should the auditor recommend be done FIRST?
An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available. What should the auditor recommend be done FIRST?A . Implement a new system that can be patched. B. Implement additional firewalls to protect the system. C. Decommission the server. D. Evaluate...
Which of the following strategies BEST optimizes data storage without compromising data retention practices?
Which of the following strategies BEST optimizes data storage without compromising data retention practices?A . Limiting the size of file attachments being sent via email B. Automatically deleting emails older than one year C. Moving emails to a virtual email vault after 30 days D. Allowing employees to store large...
Which of the following would be the BEST way to prevent accepting bad data?
An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?A . Obtain error codes indicating failed data feeds. B. Appoint data quality champions across the organization. C....
Which of the following would be to MOST concern when determine if information assets are adequately safequately safeguarded during transport and disposal?
Which of the following would be to MOST concern when determine if information assets are adequately safequately safeguarded during transport and disposal?A . Lack of appropriate labelling B. Lack of recent awareness training. C. Lack of password protection D. Lack of appropriate data classificationView AnswerAnswer: D
