A financial group recently implemented new technologies and processes. Which type of IS audit would provide the GREATEST level of assurance that the department's objectives have been met?
A. Integrated audit B. Cyber audit C. Performance audit D. Financial audit
An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:
A. well understood by all employees. B. updated frequently. C. developed by process owners. D. based on industry standards.
Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP) is in place?
A. Annual walk-through testing B. Periodic risk assessment C. Frequent testing of backups D. Full operational test
During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?
A. Maximum allowable downtime (MAD) B. Recovery point objective (RPO) C. Key performance indicators (KPIs) D. Mean time to restore (MTTR)
Which of the following is the BEST way to verify the effectiveness of a data restoration process?
A. Validating offline backups using software utilities B. Performing periodic reviews of physical access to backup media C. Reviewing and updating data restoration policies annually D. Performing periodic complete data restorations
Which of the following should an IS auditor be MOST concerned with during a post-implementation review?
A. The system contains several minor defects. B. The system deployment was delayed by three weeks. C. The system does not have a maintenance plan. D. The system was over budget by 15%.
Which of the following is the MOST appropriate and effective fire suppression method for an unstaffed computer room?
A. Water sprinkler B. Fire extinguishers C. Carbon dioxide (CO2) D. Dry pipe
After the merger of two organizations, which of the following is the MOST important task for an IS auditor to perform?
A. Verifying that access privileges have been reviewed B. Updating the continuity plan for critical resources C. Updating the security policy D. Investigating access rights for expiration dates
An organization's audit charter PRIMARILY:
A. documents the audit process and reporting standards. B. formally records the annual and quarterly audit plans. C. describes the auditors' authority to conduct audits. D. defines the auditors' code of conduct.
Which of the following is the BEST way to ensure payment transaction data is restricted to the appropriate users?
A. Implementing two-factor authentication B. Using a single menu for sensitive application transactions C. Implementing role-based access at the application level D. Restricting access to transactions using network security software
During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?
A. Retest the control. B. Close the audit finding. C. Notify the audit manager. D. Notify the chair of the audit committee.
An IS auditor discovers that an IT organization serving several business units assigns equal priority to all initiatives, creating a risk of delays in securing project funding. Which of the following would be MOST helpful in matching demand for projects and services with available resources in a way that supports business objectives?
A. IT governance framework B. Portfolio management C. Project management D. Risk assessment results
Which of the following fire suppression systems needs to be combined with an automatic switch to shut down the electricity supply in the event of activation?
A. Carbon dioxide B. Halon C. FM-200 D. Dry pipe
An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported. The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?
A. Monitor network traffic attempting to reach the outdated software system. B. Close all unused ports on the outdated software system. C. Verify all patches have been applied to the software system's outdated version. D. Segregate the outdated software system from the main network.
An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged. The IS auditor's FIRST action should be to:
A. determine whether the log of changes to the tables is backed up. B. recommend that the system require two persons to be involved in modifying the database. C. recommend that the option to directly modify the database be removed immediately. D. determine whether the audit trail is secured and reviewed.
Which of the following would be of MOST concern for an IS auditor evaluating the design of an organization's incident management processes?
A. Service management standards are not followed. B. Expected time to resolve incidents is not specified. C. Metrics are not reported to senior management. D. Prioritization criteria are not defined.
An organization's software developers need access to personally identifiable information (PII) stored in a particular data format. Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?
A. Data tokenization B. Data abstraction C. Data encryption D. Data masking
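The question above turns on the difference between masking and tokenization. The following is an added example, not part of the question bank: a masking routine that keeps the data format (so developers' code still runs against it) but is one-way, beside a minimal token vault that is reversible by design and therefore belongs in production rather than in a dev/test copy. The record layout, field names and sample values are constructed for the example.

```python
"""Masking vs tokenization of PII for dev/test extracts (added example).

Masking here is irreversible and format-preserving; tokenization keeps a
vault that maps tokens back to real values. Every record below is constructed.
"""
import hashlib
import hmac
import re
import secrets
from typing import Dict, List

# Constructed sample records in a fixed format: name, SSN, email, card number.
SAMPLE_RECORDS: List[Dict[str, str]] = [
    {"name": "Alice Example", "ssn": "123-45-6789",
     "email": "alice@example.com", "card": "4111111111111111"},
    {"name": "Bob Sample", "ssn": "987-65-4321",
     "email": "bob.s@example.org", "card": "5500000000000004"},
]

SSN_RE = re.compile(r"^\d{3}-\d{2}-\d{4}$")


def mask_ssn(ssn: str) -> str:
    """Static mask: keep only the last four digits and the NNN-NN-NNNN shape."""
    if not SSN_RE.match(ssn):
        raise ValueError("unexpected SSN format")
    return "XXX-XX-" + ssn[-4:]


def mask_card(pan: str) -> str:
    """Keep the first 6 (BIN) and last 4 digits so routing/display logic still works."""
    digits = pan.replace(" ", "")
    if not digits.isdigit() or len(digits) < 13:
        raise ValueError("unexpected card number")
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def pseudonymise_email(email: str, key: bytes) -> str:
    """Keyed, one-way, deterministic: equal inputs map to equal outputs so joins
    between masked tables still line up, but the key never leaves production."""
    local, _, _domain = email.partition("@")
    digest = hmac.new(key, local.encode(), hashlib.sha256).hexdigest()[:12]
    return f"user_{digest}@test.invalid"


def mask_record(rec: Dict[str, str], key: bytes) -> Dict[str, str]:
    """Produce a dev/test copy of one record with the same fields and formats."""
    name_tag = hmac.new(key, rec["name"].encode(), hashlib.sha256).hexdigest()[:6]
    return {
        "name": f"Person {name_tag}",
        "ssn": mask_ssn(rec["ssn"]),
        "email": pseudonymise_email(rec["email"], key),
        "card": mask_card(rec["card"]),
    }


def mask_dataset(records: List[Dict[str, str]], key: bytes) -> List[Dict[str, str]]:
    return [mask_record(r, key) for r in records]


def contains_original_pii(masked: Dict[str, str], original: Dict[str, str]) -> bool:
    """Release check for a masked extract: no raw value may survive unchanged."""
    raw = set(original.values())
    return any(v in raw for v in masked.values())


class TokenVault:
    """Tokenization for contrast: reversible on purpose, so the vault itself is
    the sensitive asset and must stay in the production trust boundary."""

    def __init__(self) -> None:
        self._vault: Dict[str, str] = {}

    def tokenize(self, value: str) -> str:
        token = "tok_" + secrets.token_hex(8)   # random, carries no information
        self._vault[token] = value
        return token

    def detokenize(self, token: str) -> str:
        return self._vault[token]


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed masking key for the demo
    for original, masked in zip(SAMPLE_RECORDS, mask_dataset(SAMPLE_RECORDS, key)):
        print(masked, "leaks PII:", contains_original_pii(masked, original))
```

The masking key is only needed to generate the extract; developers receive the output, never the key. The vault, by contrast, is exactly what a dev/test environment must not hold.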
A review of an organization's IT portfolio revealed several applications that are not in use. The BEST way to prevent this situation from recurring would be to implement:
A. Asset life cycle management B. A formal request for proposal (RFP) process C. An information asset acquisition policy D. Business case development procedures
Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization's information security policy?
A. Alignment with the IT tactical plan B. Compliance with industry best practice C. Business objectives D. IT steering committee minutes
Which of the following is MOST important to ensure that electronic evidence collected during a forensic investigation will be admissible in future legal proceedings?
A. Documenting evidence handling by personnel throughout the forensic investigation B. Performing investigative procedures on the original hard drives rather than images of the hard drives C. Engaging an independent third party to perform the forensic investigation D. Restricting evidence access to professionally certified forensic investigators
An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that:
A. a detailed business case was formally approved prior to the purchase. B. security parameters are set in accordance with the organization's policies. C. the procurement project invited tenders from at least three different suppliers. D. security parameters are set in accordance with the manufacturer's standards.
Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?
A. IT balanced scorecard B. Vulnerability assessment report C. IT value analysis D. Prior audit reports
The IS auditor has recommended that management test a new system before using it in production mode. The BEST approach for management in developing a test plan is to use processing parameters that are:
A. provided by the vendor of the application. B. randomly selected by a test generator. C. randomly selected by the user. D. simulated by production entities and customers.
Which of the following is the MOST important reason to implement version control for an end-user computing (EUC) application?
A. To ensure that only the latest approved version of the application is used B. To ensure that only authorized users can access the application C. To ensure that older versions are available for reference D. To ensure compatibility between different versions of the application
An IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer payments. The IS auditor should FIRST:
A. identify compensating controls. B. review security incident reports. C. document the exception in an audit report. D. notify the audit committee.
The implementation of an IT governance framework requires that the board of directors of an organization:
A. Approve the IT strategy. B. Be informed of all IT initiatives. C. Have an IT strategy committee. D. Address technical IT issues.
Which of the following should an IS auditor consider FIRST when evaluating firewall rules?
A. The organization's security policy B. The number of remote nodes C. The firewalls' default settings D. The physical location of the firewalls
Which of the following is the PRIMARY role of the IS auditor in an organization's information classification process?
A. Securing information assets in accordance with the classification assigned B. Ensuring classification levels align with regulatory guidelines C. Defining classification levels for information assets within the organization D. Validating that assets are protected according to assigned classification
An IS auditor notes that the previous year's disaster recovery test was not completed within the scheduled time frame due to insufficient hardware allocated by a third-party vendor. Which of the following provides the BEST evidence that adequate resources are now allocated to successfully recover the systems?
A. Hardware change management policy B. An up-to-date RACI chart C. Vendor memo indicating problem correction D. Service level agreement (SLA)
Which of the following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?
A. Reconciliation of key calculations B. Version history C. Formulas within macros D. Encryption of the spreadsheet
Which of the following is MOST important to consider when scheduling follow-up audits?
A. Controls and detection risks related to the observations B. The efforts required for independent verification with new auditors C. The amount of time the auditee has agreed to spend with auditors D. The impact if corrective actions are not taken
Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment. The auditor's BEST course of action would be to determine if:
A. The logs were monitored. B. The network traffic was being monitored. C. The domain controller was classified for high availability. D. The patches were up to date.
Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?
A. Designing controls to protect personal data B. Defining roles within the organization related to privacy C. Analyzing risks posed by new regulations D. Developing procedures to monitor the use of personal data
When testing the adequacy of tape backup procedures, which step BEST verifies that regularly scheduled backups are timely and run to completion?
A. Evaluating the backup policies and procedures B. Reviewing a sample of system-generated backup logs C. Observing the execution of a daily backup run D. Interviewing key personnel involved in the backup process
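The question above asks what evidence shows backups are both timely and complete; system-generated logs answer both, and the review can be automated over a sample period. The following is an added example, not part of the question bank: it parses constructed backup log lines (the line format, job names and timestamps are assumptions for this example) and reports, per scheduled day, a missing run, a run that did not complete, or a completion outside the agreed window.

```python
"""Reviewing system-generated backup logs for timeliness and completion
(added example; log format and sample lines are constructed)."""
import re
from datetime import date, datetime, time, timedelta
from typing import Dict, List, Tuple

# Assumed log line shape: "<timestamp> job=<name> status=<STATE> ...extra fields"
LOG_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) job=(?P<job>\S+) status=(?P<status>\S+)"
)

# Constructed sample: nightly job scheduled to finish between 01:00 and 02:00.
# It contains a failure (03-03), a missing day (03-04), a late completion (03-05)
# and a run that started but never logged completion (03-06).
SAMPLE_LOG = """\
2024-03-01 01:02:10 job=nightly-db status=COMPLETED bytes=5120000
2024-03-02 01:01:55 job=nightly-db status=COMPLETED bytes=5130000
2024-03-03 01:05:20 job=nightly-db status=FAILED error="tape drive busy"
2024-03-03 01:00:30 job=nightly-files status=COMPLETED bytes=80000
2024-03-05 03:40:00 job=nightly-db status=COMPLETED bytes=5200000
2024-03-06 01:03:00 job=nightly-db status=STARTED
this line is not a backup record and is ignored
"""


def parse_log(text: str) -> List[Dict[str, object]]:
    """Return one dict per recognised log line; unrecognised lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            entries.append({
                "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
                "job": m["job"],
                "status": m["status"],
            })
    return entries


def review_backup_log(text: str, job: str, first_day: date, last_day: date,
                      window: Tuple[time, time] = (time(1, 0), time(2, 0))) -> List[str]:
    """Check every scheduled day in [first_day, last_day] for the given job.

    A day passes only if a COMPLETED record exists and its time falls inside
    the agreed window. Anything else becomes a finding string.
    """
    by_day: Dict[date, List[Dict[str, object]]] = {}
    for e in parse_log(text):
        if e["job"] == job:
            by_day.setdefault(e["ts"].date(), []).append(e)

    findings: List[str] = []
    day = first_day
    while day <= last_day:
        runs = sorted(by_day.get(day, []), key=lambda r: r["ts"])
        if not runs:
            findings.append(f"{day}: no run logged")
        else:
            completed = [r for r in runs if r["status"] == "COMPLETED"]
            if not completed:
                statuses = ",".join(str(r["status"]) for r in runs)
                findings.append(f"{day}: did not run to completion ({statuses})")
            else:
                finished_at = completed[-1]["ts"].time()
                if not (window[0] <= finished_at <= window[1]):
                    findings.append(f"{day}: completed at {finished_at} outside window")
        day += timedelta(days=1)
    return findings


if __name__ == "__main__":
    for finding in review_backup_log(SAMPLE_LOG, "nightly-db",
                                     date(2024, 3, 1), date(2024, 3, 6)):
        print(finding)
```

Because the check iterates over the schedule rather than over the log, a day with no record at all is reported, which a log-only scan or a single observed run would never reveal.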
Which of the following security measures will reduce the risk of propagation when a cyberattack occurs?
A. Perimeter firewall B. Web application firewall C. Data loss prevention (DLP) system D. Network segmentation
Which of the following attack techniques will succeed because of an inherent security weakness in an Internet firewall?
A. Flooding the site with an excessive number of packets B. Using a dictionary attack of encrypted passwords C. Intercepting packets and viewing passwords D. Phishing