- All Exams Instant Download
In a data center audit, an IS auditor finds that the humidity level is very low. The IS auditor would be MOST concerned because of an expected increase in:
In a data center audit, an IS auditor finds that the humidity level is very low. The IS auditor would be MOST concerned because of an expected increase in:A . employee discomfortB . risk of fireC . static electricity problemsD . backup tape failuresView AnswerAnswer: C
An audit of the quality management system (QMS) begins with an evaluation of the:
An audit of the quality management system (QMS) begins with an evaluation of the:A . organization’s QMS policyB . sequence and interaction of QMS processesC . QMS processes and their applicationD . QMS document control proceduresView AnswerAnswer: A
Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?
Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?A . Perform a system penetration testB . Test compliance with operating proceduresC . Review access rightsD . Review router configuration tablesView AnswerAnswer: A
Which of the following findings should be given the HIGHEST priority?
An IS auditor has completed an audit on the organization’s IT strategic planning process. Which of the following findings should be given the HIGHEST priority?A . The IT strategic plan was completed prior to the formulation of the business strategic planB . Assumptions in the IT strategic plan have not...
The GREATEST risk when performing data normalization is:
The GREATEST risk when performing data normalization is:A . the increased complexity of the data modelB . duplication of audit logsC . reduced data redundancyD . decreased performanceView AnswerAnswer: A
Which of the following would be the BEST way to address the risk of exposing customer data?
An organization is considering outsourcing the processing of customer insurance claims. An IS auditor notes that customer data will be sent offshore for processing. Which of the following would be the BEST way to address the risk of exposing customer data?A . Require background checks on all service provider personnel...
Which of the following is NOT an example of preventive control?
Which of the following is NOT an example of preventive control?A . Physical access control like locks and doorB . User login screen which allows only authorize user to access websiteC . Encrypt the data so that only authorize user can view the sameD . Duplicate checking of a calculationsView...
Which of the following findings would be of MOST concern to an IS auditor performing a review of an end-user developed application that generates financial statements?
Which of the following findings would be of MOST concern to an IS auditor performing a review of an end-user developed application that generates financial statements?A . The application is not sufficiently supported by the IT departmentB . There is not adequate training in the use of the applicationC ....
Which of the following should be the GREATEST concern?
An IS audit team is evaluating the documentation related to the most recent application user-access review performed by IT and business management. It is determined the user list was not system-generated. Which of the following should be the GREATEST concern?A . Source of the user list reviewedB . Availability of...
An organization performs nightly backups but does not have a formal policy. An IS auditor should FIRST:
An organization performs nightly backups but does not have a formal policy. An IS auditor should FIRST:A . evaluate current backup proceduresB . escalate to senior managementC . document a policy for the organizationD . recommend automated backupView AnswerAnswer: A
