Question1: Which of the following MOST efficiently protects computer equipment against short-term reductions in electrical power?
Question2: An IS auditor is evaluating the access controls at a multinational company with a shared network infrastructure. Which of the following is MOST important?
Question3: When reviewing a newly implemented quality management system (QMS), which of the following should be the IS auditor's PRIMARY concern?
Question4: An organization has implemented a distributed security administration system to replace the previous centralized one. The IS auditor's GREATEST concern should be that:
Question5: An organization using instant messaging to communicate with customers can prevent legitimate customers from being impersonated by:
Question6: Which of the following is the MOST important reason to use statistical sampling?
Question7: Which of the following is MOST influential when defining disaster recovery strategies?
Question8: An IS auditor has completed a service level management audit related to order management services provided by a third party Which of the following is the MOST significant finding?
Question9: The demilitarized zone (DMZ) is the part of a network where servers that are placed are:
Question10: What is the MOST important role of a certificate authority (CA) when a private key becomes compromised?
Question11: When developing a risk-based IS audit plan, the PRIMARY focus should be on functions:
Question12: Which of the following is the BEST physical security solution for granting and restricting access to individuals based on their unique access needs?
Question13: Which of the following is the BEST indication that an information security program is effective?
Question14: Which of the following sampling techniques is commonly used in fraud detection when the expected occurrence rate is small and the specific controls are critical?
Question15: A retailer normally uses a scanner to read product labels and input product codes and prices. The unit is not functioning and staff are keying information manually. With respect to the accuracy of the input, it is likely that:
Question16: The use of the Transport Layer Security (TLS) protocol enables the client in a network to be:
Question17: Which of the following should be an IS auditor's PRIMARY focus when developing a risk-banned IS audit program?
Question18: An organization has outsourced its data leakage monitoring to an Internet service provider (ISP). Which of the following is the BEST way for an IS auditor to determine the effectiveness of this service?
Question19: Which of the following will enable a customer to authenticate an online Internet vendor?
Question20: The prioritization of incident response actions should be PRIMARILY based on which of the following?
Question21: A CIO has asked an IS auditor to implement several security controls for an organization s IT processes and systems. The auditor should:
Question22: Following a security breach, in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment. The auditor's BEST course of action would be to determine it:
Question23: The performance of an order-processing system can be measured MOST reliably by monitoring:
Question24: Which of the following is the PRIMARY reason for an IS auditor to use computer-assisted audit techniques (CAATs)?
Question25: Which of the following is the FIRST step when conducting a business impact analysis?
Question26: A database administrator (DBA) extracts a user listing for an auditor as testing evidence. Which of the following will provide the GREATEST assurance that the user listing is reliable'
Question27: Management has agreed to perform multiple remediation actions in response to an audit issue, including the implementation of a new control. Which of the following is the BEST time for an IS auditor to perform an audit follow-up of this issue?
Question28: Which of the following should an IS auditor review FIRST when evaluating incident management procedures?
Question29: Of the following, who should authorize a project management team's request to take a mission-critical application offline to implement a new release and configuration?
Question30: Which of the following is the BEST development methodology to help manage project requirements in a rapidly changing environment?
Question31: Which of the following key performance indicators (KPIs) provides the BEST indication of a security awareness campaign's effectiveness?
Question32: During a software acquision review, an IS auditor should recommend that there be a software escrow agreement when:
Question33: Which of the following provides the MOST assurance that a newly developed web application does not have IT security issues?
Question34: An employee transfers from an organization's risk management department to become the lead IS auditor.
While in the risk management department, the employee helped developed the key performance indicators (KPIs) now used by the organization. Which of the following would pose the GREATEST threat to the independence of this auditor?
Question35: Which of the following would be the MOST appropriate reason for an organization to purchase fault-tolerant hardware?
Question36: What is the MOST difficult aspect of access control in a multiplatfotm, multiple-site client/server environment?
Question37: An e-commerce enterprise's disaster recovery (DR) site has 30% less processing capability than the primary site. Based on this information, which of the following presents the GREATEST risk?
Question38: Which of the following should an IS auditor verify when auditing the effectiveness of virus protection?
Question39: An IS auditor notes that several users have not logged into an application for more than one year. Which of the following would be the BEST audit recommendation?
Question40: Which of the following is an example of a data analytics use case during the fieldwork phase of an IS audit?
Question41: When designing metrics for information security, the MOST important consideration is that the metrics:
Question42: Which of the following would be of GREATEST concern to an IS auditor when auditing a small organization's purchasing department?
Question43: To preserve chain-of-custody following an internal server compromise, which of the following should be the FIRST step?
Question44: An organization globally distributes a free phone application that includes a module to gather and report user information. The application includes a privacy notice altering users to the data gathering. Which of the following presents the GREATEST risk?
Question45: An organization using development operations (DevOps) processes has deployed tools to provide automated configuration management functionality. Which of the following is the BEST way to ensure changes to system configuration do not inadvertently introduce security vulnerabilities into production platforms?
Question46: Which of the following test approaches would utilize data analytics to test a dual approval payment control?
Question47: An organization is running servers with critical business application that are in an area subject to frequent but brief power outages. Knowledge of which of the following would allow the organization's management to monitor the ongoing adequacy of the uninterruptable power supply (UPS)?
Question48: An organization uses two data centers. Which of the following would BEST address the organization's need for high resiliency?
Question49: Which of the following is the MOST effective control to restrict the use of instant messaging (IM) within an organization?
Question50: An IS auditor is performing a routine procedure to test for the possible existence of fraudulent transactions.
Given there is no reason to suspect the existence of fraudulent transactions, which of the following data analytics techniques should be employed?
Question51: To achieve desired objectives, which of the following is MOST important to review when identifying potential areas of improvement in IT processes?
Question52: Which of the following is MOST important to include in an organization's incident response plan to help prevent similar incidents from happening in the future?
Question53: Prior to the migration of acquired software into production, it is MOST important that the IS auditor review the:
Question54: Which of the following should be an IS auditor's FIRST activity when planning an audit?
Question55: Which of the following are BEST suited for continuous auditing?
Question56: An IS auditor finds that a mortgage origination team receives customer mortgage applications via a shared repository. Which of the following test procedures is the BEST way to assess whether there are adequate privacy controls over this process?
Question57: Electrical surge protectors BEST
Question58: Which of the following is the MOST important reason for updating and retesting a business continuity plan (BCP)7
Question59: When removing a financial application system from production, which of the following is MOST important?
D18912E1457D5D1DDCBD40AB3BF70D5D
Question60: internal IS auditor recommends that incoming accounts payable payment files be encrypted. Which type of control is the auditor recommending?
Question61: An IS auditor conducts a review of a third-party vendor's reporting of key performance indicators (KPI).
Which of the following findings should be of MOST concern to the audition?
Question62: Which of the following tasks should be performed during an organization's business continuity plan (BCP) test?
Question63: An advantage of object-oriented system development is that it:
Question64: Which of the following would provide the BEST evidence for use in a forensic investigation of an employee's hard drive?
Question65: When reviewing a database supported by a third-party service provider, an IS auditor found minor control deficiencies. The auditor should FIRST
Question66: The maturity level of an organization s problem management support function is optimized when the function
Question67: An IT management group has developed a standardized security control checklist and distributed it to the control self-assessors in each organizational unit. Which of the following would be the GREATEST risk m this approach?
Question68: During an audit of a payroll system, an IS auditor identifies that two employees share the same bank account.
The auditor is concerned they may be ghost employees. Which of the following should the auditor do NEXT?
Question69: During a help desk review, an IS auditor determines the call abandonment rate exceeds agreed-upon service levels. What conclusion can be drawn from this finding?
Question70: Which of the following should be the PRIMARY basis for planning and prioritizing IT infrastructure security audits?
Question71: Which of the following would be MOST important to update once a decision has been made to outsource a critical application to a cloud service provider?
Question72: Which of the following is the PRIMARY advantage of single sign-on (SSO)?
Question73: Which of the following would provide the useful input to IS audit management when developing an action plan for improving internal audit's performance?
Question74: An IS auditor is conducting a pre-implementation review to determine a new system's production readiness.
The auditor's PRIMARY concern should be whether:
Question75: A region where an organization conducts business has announced changes in privacy legislation. Which of the following should an IS auditor do FIRST to prepare for the changes?
Question76: Which of the following audit procedures would BEST assist an IS auditor in determining the effectiveness of a business continuity plan (BCP)?
Question77: When replacing a critical software application, which of the following provides for the LOWEST risk of interruption to business processes?
Question78: During the planning stage of compliance audit, an IS auditor discovers that the bank's inventory of compliance requirements does not include recent regulatory changes related to managing data risk. What would the auditor do FIRST?
Question79: Which of the following BEST provides audit management with a view of potential performance improvements within the organizations IS audit function?
Question80: Which of the following is an indication of possible hacker activity involving voice communications?
Question81: During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed The auditor should FIRST.
Question82: Which of the following should be of GREATEST concern to an IS auditor reviewing the controls for a continuous software release process?
Question83: An IS auditor finds that a company is using a payroll provider hosted in a foreign country Of the following the MOST important audit consideration is whether the provider s operations;
Question84: An organization offers an online information security awareness program to employees on an annual basis.
Which of the following findings from an audit of the program should be the IS auditor's GREATEST concern?
Question85: An organization wants to classify database tables according to its data classification scheme. From an IS Auditor's perspective, the tables should be classified based on the:
Question86: Which of the following factors will BEST promote effective information security management?
Question87: Which of the following is MOST important for an IS auditor to consider when evaluating a Software as a Service (SaaS) arrangement?
Question88: Which of the following would BEST detect logic bombs in new programs?
Question89: Which of the following is MOST likely to be spoofed in an email transmission?
Question90: Which of the following should be an IS auditor's PRIMARY consideration when reviewing a project to outsource data center hosting services?
Question91: A security administrator should have read-only access for which of the following?
Question92: Which of the following is the MOST effective control to mitigate unintentional misuse of authorised access?
Question93: At which stage of the software development life cycle should an organization identity privacy considerations?
Question94: Which of the following is the BEST source for describing the objectives of an organization s information systems?
Question95: Which of the following would help to ensure the completeness of batch file transfers?
Question96: Which of the following could be determined by an entity-relationship diagram?
Question97: An IS auditor reviewing a recently implemented virtual environment notices discrepancies among similar machine setups. Which of the following should the auditor recommend to minimize configuration risks?
Question98: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?
Question99: In the IT department where segregation of duties is not feasible due to a limited number of resources, a team member is performing the functions of computer operator and reviewer of application logs. Which of the following would be the IS auditor's BEST recommendation?
Question100: In an organization that has a staff-rotation policy, the MOST appropriate access control model is:
Question101: Which of the following is the MOST effective mechanism for ensuring that critical IT operational problems are reported to executive management in a timely manner?
Question102: When preparing to evaluate the effectiveness of an organizations IT strategy, an IS auditor should FIRST review;
Question103: Which of the following should an IS auditor recommend as MOST critical to an effective performance improvement process for IT services?
Question104: Which of the following is the BEST approach for performing a business impact analysis (BIA) of a supply-chain management application?
Question105: Which of the following is MOST important to include in a business continuity plan (BCP)?
Question106: Privileged account access is require to start an ad hoc batch job. Which of the following would MOST effectively detect unauthorized job execution?
Question107: An IS auditor finds ad hoc vulnerability scanning is in place with no clear alignment to the organization's wider security threat and vulnerability management program. Which of the following would BEST enable the organization to work toward improvement in this area?
Question108: During a follow-up audit for a finding related to change management, an IS auditor notes that one of the changes sampled was an emergency change, which follows a different process. Which of the following is the auditor's BEST course of action?
Question109: A post-implementation review of a system implementation has identified that the defined objectives were changed several times without the approval of the project board. What would the IS auditor do NEXT?
Question110: When implementing a software product (middleware) to pass data between local area network (LAN) servers and the mainframe, the MOST critical control consideration is:
Question111: Which of ihe following should be done FIRST to effectively define the IT audit universe for an entity with multiple business lines?
Question112: Which of the following should be an IS auditor's PRIMARY consideration when evaluating the development and design of a privacy program?
Question113: Which of the following should be of GREATEST concern to an IS auditor reviewing actions taken during a forensic investigation?
Question114: The MOST efficient way to confirm that an ERP system being implemented satisfies business expectations is to utilize which of the following types of testing?
Question115: Two organizations will share ownership of a new enterprise resource management (ERM) system To help ensure the successful implementation of the system, it k MOST important to define:
Question116: To test the integrity of the data in the accounts receivable master file, an IS auditor particularly interested in reviewing customers with balances over $400.000. the selection technique the IS auditor would use to obtain such a sample is called:
Question117: To create a digital signature in a message using asymmetric encryption, it is necessary to:
Question118: Which of the following is the GREATEST benefit of implementing an incident management process?
Question119: Which of the following is MOST important when an incident may lead to prosecution?
Question120: Which of the following would be MOST important for an IS auditor to review during an audit of an automated continuous monitoring process being used by the finance department.
Question121: Which of the following is MOST helpful when establishing the authenticity of digital evidence collected from a hard disk?
Question122: Which of the following would BEST deter the theft of corporate information from a laptop?
Question123: Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?
Question124: An internal audit has revealed a large number of incidents for which root cause analysis has not been performed. Which of the following is MOST important for the IS auditor to verify to determine whether there is an audit issue?
Question125: An IS auditor is evaluating the log management system for an organization with devices and systems in multiple geographic locations. Which of the following is MOST important for e auditor to verify?
Question126: Which of the following is the BEST key performance indicator (KPI) for determining how well the IT policy is aligned to the business requirements?
Question127: Which of the following is the GREATEST risk associated with instant messaging?
Question128: An organization is moving its on-site application servers to a service provider that operates a virtualized environment shared by multiple customers. Which of the following is the MOST significant risk to the organization?
Question129: One advantage of monetary unit sampling is the fact that:
Question130: Which of the following is the PRIMARY reason for database optimization in an environment with a high volume of transactions?
Question131: The PRIMARY objective of parallel testing an application is to confirm that:
Question132: When auditing the security architecture of an e-commerce environment, an IS auditor should FIRST review the:
Question133: The CIO of an organization is concerned that the information security policies may not be comprehensive.
Which of the following should an IS auditor recommend be performed FIRST?
Question134: Which of the following procedures should an IS auditor complete FIRST when evaluating the adequacy of IT key performance indicators (KPIs)?
Question135: An IS auditor is performing a post-implementation review of a system deployed two years ago. Which of the following findings should be of MOST concern to the auditor?
Question136: In an environment where most IT services have been outsourced, continuity planning is BEST controlled by:
Question137: An IS auditor is conducting a review of an organization s information systems and discovers data that is no longer needed by business applications. Which of the following would b IS auditor's BEST recommendation?
Question138: An IS auditor is planning on utilizing attribute sampling to determine the error rate for health care claims processed. Which of the following factors will cause the sample size to decrease?
Question139: Based on the Guidance of internal audit, an IT steering committee is considering the use of a balanced scorecard to evaluate its project management process. Which of the following is the GREATEST advantage to using this approach?
Question140: During a post-implementation review, a step in determining whether a project met user requirements is to review the:
Question141: Which of the following should be restricted from a network administrator's privileges in an adequately segregated H" environment?
Question142: Following an acquisition, it was decided that legacy applications subject to compliance requirements will continue to be used until they can be phased out. The IS auditor needs to determine where there are control redundancies and where gaps may exist. Which of the following activities would be MOST helpful in making this determination?
Question143: The quality assurance (QA) function should be prevented from
Question144: Which of the following is MOST important for successful incident response?
Question145: An organization uses electronic funds transfer (EFT) to pay its vendors. Which of the following should be an IS auditor s MAIN focus while reviewing controls in the accounts payable Application?
Question146: Which of the following will BEST help to ensure that an in-house application in the production environment is current?
Question147: A PRIMARY benefit derived by an organization employing control self-assessment (CSA) techniques s that CSA.
Question148: While auditing an IT department s cloud service provider, the IS auditor found that privileged access monitoring is not being performed as required by the contract. The provider disagrees with this issue and notes that compensating controls are in place. The IS auditor's NEXT course of action should be to:
Question149: Which of the following should an IS auditor recommend to reduce the likelihood of potential intruders using social engineering?
Question150: Which of the following findings should be of MOST concern to an IS auditor when evaluating information security governance within an organization?
Question151: An IS auditor is assessing an organization's data loss prevention (DLP) solution for protecting intellectual property from insider theft. Which of the following would the auditor consider MOST important for effective data protection?
Question152: A company laptop has been stolen and all photos on the laptop have been published on social media. Which of the following is the IS auditor's BEST course of action?
Question153: While following up on a prior audit report, an IS auditor determines that a number of recommendations to address critical findings have not been implemented as agreed. What is the BEST course of action for the auditor?
Question154: ..control that MOST effectively addresses the risk of piggybackingAailgating into a restricted area without a dead-man door is:
Question155: Which of the following is the MOST significant risk associated with the use of visualization?
Question156: An IS auditor previously worked in an organization s IT department and was involved with the design of the business continuity plan (BCP). The IS auditor has now been asked to review this same BCP. The auditor should FIRST.
Question157: Which of the following is MOST important for an IS auditor to verify when reviewing an organization's information security practices following the adoption of a bring your own device (8YOD) program?
Question158: Which function in the purchasing module of an enterprise resource planning (ERP) system ensures payments are not issued for incorrect invoices'
Question159: An IS auditor is using data analytics in an audit and has obtained the data to be used for testing. Which of the following is the MOST important task before testing begins?
Question160: Spreadsheets are used to calculate project cost estimates Totals for each cost category are then keyed into the job-costing system. What is the BIST control to ensure that data are accurately entered into the system?
Question161: An IS auditor has discovered that unauthorized customer management software was installed on a workstation.
The auditor determines the software has been uploading customer ita to an external party. Which of the following is the IS auditor's BEST course of action?
Question162: Which of the following would be considered the BEST compensating control to use when an emergency process, rather than the established control procedures, is used for database changes?
Question163: Which of the following procedures would BEST contribute to the reliability of information in a data warehouse?
Question164: Software quality assurance (QA) reviews are planned as part of system development. At which stage in the development process should the first review be initiated?
Question165: An IS auditor can BEST help management fulfill risk management responsibilities by:
Question166: Which of the following would be the MOST effective method to identify high risk areas in the business to be included in the audit plan?
Question167: Which combination of access controls provides the BEST physical protection for a server room?
Question168: A manufacturing company is implementing application software for its sales and distribution system. Which of the following is the MOST important reason for the company to choose a centralized online database?
Question169: Which of the following types of controls would BEST facilitate a root cause analysis for an information security incident?
Question170: Which of the following controls will MOST effectively detect inconsistent records resulting from the lack of referential integrity in a database management system?
Question171: During an audit, it is discovered that several suppliers with standing orders have been deleted from the supplier master file Which of the following controls would have BEST evented such an occurrence?
Question172: Which of the following a recent internal data breach, an IS auditor was asked to evaluate information security practices within the organization. Which of the following findings would be MOST important to report to senior management?
Question173: An IS auditor attempts to sample for variables in a population of items with wide differences in values but determines that an unreasonably large number of sample items must be selected to produce the desired confidence level. In this situation, which of the following is the audit decision?
D18912E1457D5D1DDCBD40AB3BF70D5D
Question174: An IS audit manager finds that data manipulation logic developed by the audit analytics team leads to incorrect conclusions This inaccurate logic is MOST likely an indication of lich of the following?
Question175: An IS auditor is assigned to review the IS department's quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards. Which of the following should be the auditor's NEXT action?
Question176: A design company has multiple name and address files for its customers in several of its independent systems.
Which of the following is the BEST control to ensure that the customer name and address agree across all files?
Question177: The scheduling of audit follow-ups should be based PRIMARILY on
Question178: While evaluating an organization's program for tracking system interfaces and data transfers, the IS auditor notices the program does not record some of the ad hoc transfers that occur. Which of the following is the GREATEST potential risk?
Question179: maturity model is useful in the assessment of IT service management because it:
Question180: Which of the following would be of MOST concern during an audit of an end-user computing system containing sensitive information?
Question181: Which of the following is the GREATEST concern when an organization allows personal devices to connect to its network?
Question182: Which of the following is MOST important for an IS auditor to consider when auditing a vulnerability scanning software solution?
Question183: Buffer overflow in an Internet environment is of particular concern to the IS auditor because it can:
Question184: An organization that has suffered a cyber attack is performing a forensic analysis of the affected users' computers Which of the following should be of GREATEST concern for the IS editor reviewing this process?
Question185: Which of the following procedures should be implemented prior to disposing of surplus computer equipment to employees?
Question186: Which of the following would BEST facilitate the successful implementation of an [T-related framework?
Question187: The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:
Question188: Which of the following helps to ensure the integrity of data for an interface between a new billing system and an accounts receivable system?
Question189: When planning an application audit, it is MOST important to evaluate risk factors by interviewing:
Question190: When reviewing user access to an application containing sensitive company data, which of the following should be the GREATEST concern with regard to segregation of duties?
Question191: Which of the following is the BEST indication that an organization has achieved legal and regulatory compliance?
Question192: Which of ihe following is the BEST way to control scope creep during application system development?
Question193: An organization's IT security policy requires annual security awareness training for all employees. Which of the following would provide the BEST evidence of the training's effectiveness?
Question194: At what point in software development should the user acceptance test plan be prepared?
Question195: When reviewing an organization s IT governance processes, which of the following provides the BEST indication that information security expectations are being met at all levels?
Question196: Which of the following is the BEST indication that an organization's vulnerability identification capability has achieved a high level of maturity?
Question197: An organization is replacing its financial processing system. To help ensure that transactions in the new system are processed accurately, which of the following is MOST appropriate?
Question198: To ensure confidentiality through the use of asymmetric encryption, a message is encrypted with which of the following?
Question199: Which of the following activities would allow an IS auditor to maintain independence while facilitating a control self-assessment (CSA)?
Question200: An audit report notes that terminated employees have been retaining their access rights after their departure.
Which of the following strategies would BEST ensure that obsolete access rights are identified in a timely manner?
Question201: Assessments of critical information systems are based on a cyclical audit plan that has not been updated for several years. Which of the following should the IS auditor recommend to BEST address this situation?
Question202: Internal audit reports should be PRIMARILY written for and communicated to:
Question203: To protect information assets, which of the following should be done FIRST?
Question204: Which of the following would BEST indicate the effectiveness of a security awareness training program?
Question205: An audit committee is reviewing an annual IT risk assessment Which of the following is the BEST justification for the audits selected?
Question206: The operations team of an organization has reported an IS security attack. Which of the following should be the NEXT step for the security incident response team?
Question207: An organization has software that is not compliant with data protection requirements. To help ensure that appropriate and relevant data protection controls are implemented in the future, the auditor s BEST course of action would be to:
Question208: Which of the following BEST enables an IS auditor to identify gaps between the current state and future state of an organization's IT infrastructure?
Question209: Which of the following is the BEST way to facilitate proper follow-up for audit finding?
Question210: An IS auditor has completed a service level management audit related to order management services provided by a third party Which of the following is the MOST significant finding?
Question211: An IS auditor plans to review all access attempts to a video-monitored and proximity card-controlled communications room. Which of the following would be MOST useful to the auditor?
Question212: Adopting a service-oriented architecture would MOST likely:
Question213: Which of the following is MOST important in the audit quality assurance process?
Question214: An organization has implemented application whitelisting in response to the discovery of a large amount of unapproved software. Which type of control has been deployed?
Question215: In an IS auditor's review of an organization s configuration management practices for software, which of the following is MOST important?
Question216: An IS auditor has observed gaps in the data available to the organization for detecting incidents. Which of the following would be the BEST recommendation to improve the organization's security incident response capability?
Question217: When reviewing an organization's data protection practices, an IS auditor should be MOST concerned with a lack of:
Question218: While reviewing a hot site, the IS auditor discovers that one type of hardware platform is not installed. The IS auditor should FIRST
Question219: The business owner's approval of software changes being moved into production is PRIMARILY necessary to:
Question220: An organization is currently replacing its accounting system. Which of the following strategies will BEST minimize risk associated with the loss of data integrity from the upgrade?
Question221: Which of the following is the BEST way to address ongoing concerns with the quality and accuracy of internal audits?
Question222: While reviewing similar issues in an organization s help desk system, an IS auditor finds that they were analyzed independently and resolved differently This situation MOST likely indicates a deficiency in:
Question223: Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?
Question224: An IS auditor is unable to directly test privacy controls for a client cloud based applications. The MOST effective alternative to direct testing is to review
Question225: Which of the following would an IS auditor consider to be the MOST significant risk associated with a project to reengineer a business process?
Question226: Which of the following is a reason for implementing a decentralized IT governance model?
Question227: Which of the following is a substantive test procedure?
Question228: Which of the following is the BEST approach to identify whether a vulnerability is actively being exploited?
Question229: Which of the following is the BEST reason for an organization to develop a business continuity plan?
Question230: Which of the following is the PRIMARY responsibility of an organizations information security function?
Question231: An enterprise receiving email should have procedures to control:
Question232: Which of the following controls should be implemented to BEST minimize system downtime for maintenance?
Question233: Which of the following methodologies is MOST appropriate to use for developing software with incomplete requirements?
Question234: Which of the following would provide the MOST important input during the planning phase for an audit on the implementation of a bring your own device (BYOD) program?
Question235: What is an IS auditor's BEST recommendation for management if a network vulnerability assessment confirms that critical patches have not been applied since the last assessment?
Question236: An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?
Question237: During an audit of the organization's data privacy policy, the IS auditor identified that only some IT application databases have encryption in place. What should be the auditors FIRST action?
Question238: Which of the following controls can BEST detect accidental corruption during transmission of data across a network?
Question239: Which of the following is MOST important with regard to an application development acceptance test?
Question240: Which type of risk would MOST influence the selection of a sampling methodology?
Question241: An IS auditor s role in privacy and security is to:
Question242: A typical network architecture used for e-commerce, a load balancer is normally found between the:
Question243: Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?
Question244: Which of the following should be an IS auditor's PRIMARY concern when evaluating an organization's information security policies, procedures, and controls for third-party vendors?
Question245: As part of business continuity planning. Which of the following is MOST important to include in a business impact analyst (BIA)?
Question246: Which of the following is MOST important for an organization to review before sharing data with an external business partner via an application programming interface (API)?
Question247: Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?
Question248: An IS auditor has assessed a payroll service provider's security policy and finds significant topics are missing.
Which of the following is the auditor's BEST course of action?
Question249: Which of the following is MOST likely to be prevented by a firewall connected to the Internet?
Question250: When using a wireless device, which of the following BEST ensures confidential access to email via web mail?
Question251: The PRIMARY purpose for an IS auditor to review previous audit reports during the planning phase of a current audit is to:
Question252: Which of the following is the MOST important step in the development of an effective IT governance action plan?
Question253: An IS auditor finds multiple situations where the help desk resolved security incidents without notifying IT security as required by policy. Which of the following is the BEST audit recommendation?
Question254: An IS auditor has discovered that a cloud-based application was not included in an application inventory that was used to confirm the scope of an audit. The business process owner explained that the application will be audited by a third party in the next year. The auditor's NEXT step should be to:
Question255: Which of the following access fights presents the GREATEST risk when granted to a new member of the system development staff?
Question256: In a small organization, an IS auditor finds that security administration and system analysis functions are performed by the same employee. Which of the following is the MOST significant finding?
Question257: Which of the following would be the MOST effective control to mitigate unintentional misuse of authorized access?
Question258: An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor s NEXT course of action?
Question259: An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner Which of the following is the auditor s BEST recommendation?
Question260: During a review of system access, an IS auditor notes that an employee who has recently changed roles within the organization still has previous access rights. The auditor s NEXT step should be to:
Question261: An organization's IT security policy states that user ID's must uniquely identify individual's and that user should not disclose their passwords. An IS auditor discovers that several generic user ID's are being used.
Which of the following is the MOST appropriate course of action for the auditor/
Question262: Audit management has just completed the annual audit plan for the upcoming year, which consists entirely of high-risk processor. However it is determined that there are insufficient resources to execute the plan. What should be done NEXT?
Question263: A database is denormalized in order to:
Question264: Which of the following access control situations represents the MOST serious control weakness?
Question265: Which of the following BEST determines if a batch update job was completed?
Question266: Following an IT audit, management has decided to accept the risk highlighted in the audit report. Which of the following would provide the MOST assurance to the IS auditor that management is adequately balancing the needs of the business with the need to manage risk?
Question267: An internal audit department recently established a quality assurance (QA) program as part of its overall audit program. Which of the following activities is MOST important to rlude as part of the QA program requirements?
Question268: What should be an IS auditor s NEXT course of action when a review of an IT organizational structure reveals IT staff members have duties in other departments?
Question269: Which of the following mechanisms for process improvement involves examination of industry best practice?
Question270: An IS auditor is following upon a finding that determined elevated administrator accounts for servers were not being properly checked out and then back in after each use. Which of the following is the MOST appropriate sampling technique to determine the scope of the problem?
Question271: During an external assessment of network vulnerability which of the following activities should be performed FIRST
Question272: Which of the following is the GREATEST cause for concern when an organization is planning to migrate business-critical applications to the cloud using a Platform as a Service (PaaS) model?
Question273: Which of the following should be of MOST concern to an IS auditor during the review of a quality management system?
Question274: The BEST reason for implementing a virtual private network (VPN) is that it:
Question275: During a vulnerability assessment, an IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer orders via credit card. The IS auditor could FIRST:
Question276: An organization's current end-user computing practices include the use of a spreadsheet for financial statements. Which of the following is the GREATEST concern?
Question277: Which of the following is the MOST effective control to ensure electronic records beyond their retention periods are deleted from IT systems?
Question278: Which of the following findings should hr of GREATEST concern for an IS auditor when auditing the effectiveness of a phishing simulation test administered for staff members?
Question279: Which of the following is an advantage of decentralized security administration?
Question280: The risk that the IS auditor will not find an error that has occurred is identified by which of the following terms?
Question281: Which of the following ensures components of an IT system are identified and baselined, and that changes to them are implemented in a controlled manner?
Question282: An organization was recently notified by its regulatory body of significant discrepancies in its reporting data.
A preliminary investigation revealed that the discrepancies were caused problems with the organization's data quality. Management has directed the data quality team to enhance their program. The audit committee has asked internal audit to be visors to the process. After the data quality team identifies the system data at fault which of the following should internal audit recommend as the NEXT step m the process?
Question283: An IT service desk has recorded several incidents related to server downtime following the failure of a network time protocol (NTP) server. Which of the following is the BEST methodology to help identify the root cause?
Question284: Which of the following should be an IS auditor's GREATEST concern when evaluating a cybersecurity incident response plan?
Question285: Which of the following should MOST concern an IS auditor reviewing an intrusion detection system (IDS)?
Question286: An IS auditor is a member of an application development team that is selecting software. Which of the following would impair the auditor's independence?
Question287: A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?
Question288: Which of the following is the MOST effective way to minimize the risk of a SQL injection attack?
Question289: To BEST determine if a project is successfully addressing business requirements while managing the associated risk, which of the following should an IS auditor expect to find at each significant milestone?
Question290: Which of the following BEST ensures that only authorized software is moved into a production environment?
Question291: An IS auditor is reviewing standards and compliance requirements related to an upcoming systems audit. The auditor notes that the industry standards are less stringent than local regulatory standards. How should the auditor proceed?
Question292: Which of the following is the BEST indicator that an application system's agreed-upon level of service has been met?
Question293: Which of the following stakeholders should be PRIMARILY responsible for developing, implementing, and monitoring metrics for security activities?
Question294: Which of the following is MOST important for the successful completion of a new application system?
Question295: An audit report that specifies responsibility for the closure of noncompliance issues is BEST enhanced by including:
Question296: Reviewing which of the following would be MOST helpful in assessing whether an organization s IT performance measures are comparable to other organizations in the same industry?
Question297: Which of the following activities is MOST important to consider when conducting IS audit planning?
Question298: Using swipe cards to limit employee access to restricted areas requires implementing which additional control?
Question299: Which of the following is MOST important when planning a network audit?
Question300: Since data storage of a critical business application is on a redundant array of inexpensive disks (RAID).
Backup are not considered essential. The IS auditor should recommend proper backup because RAID:
Question301: What should be the PRIMARY basis for scheduling a follow-up audit?
Question302: During audit planning, an IS auditor walked through the design of controls related to a new data loss prevention tool. It was noted that the tool will be configured to alert. IT management when large files are sent outside of the organization via email. What type of control will be tested?
Question303: An IS auditor is examining a front-end sub ledger and a main ledger Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?
Question304: A maturity model can be used to aid the implementation of IT governance by identifying:
Question305: Which of the following metrics would BEST measure the agility of an organization's IT function?
Question306: A company has implemented an IT segregation of duties policy In a role-based environment, which of the following roles may be assigned to an application developer?
Question307: Which of the following is MOST important for an IS auditor to confirm when reviewing the effectiveness of an incident response program?
Question308: Which of the following factors constitutes a strength in regard to the use of a disaster recovery planning reciprocal agreement?
Question309: Which audit technique provides the GREATEST assurance that incident management procedures are effective?
Question310: The risk that is created if a single sign-on is implemented for all systems is that a/an:
Question311: An IS auditor has completed a service level management audit related to order management services provided by a third party Which of the following is the MOST significant finding?
Question312: A review of Internet security disclosed that users have individual user accounts with Internet service providers (ISPs) and use these accounts for downloading business data. The organization wants to ensure that only the corporate network is used. The organization should FIRST:
Question313: Which of the following findings would be of MOST concern to an IS auditor performing a review of an end-user developed application that generates financial statements?
Question314: Communicating which of the following would BEST encourage management to initiate appropriate actions following the receipt of report findings?
Question315: Which of the following is MOST important to include in a contract to outsource data processing that involves customer personally identifiable information (Pit)?
Question316: Which of the following should an IS auditor do FIRST when determining whether to employ data analytics in an audit?
Question317: An organization plans to launch a social media presence as part of a new customer service campaign. Which of the following is the MOST significant risk from the perspective of potential litigation?
Question318: Which the following is MOST critical for the effective implementation of IT governance?
Question319: Which of the following is the MOST significant concerns when backup tapes are encrypted?
Question320: Which of the following BEST supports an organization's planning efforts for investments in IT initiatives?
Question321: An IS auditor finds that periodic reviews of read-only users for a reporting system are not being performed.
Which of the following should be the IS auditor's NEXT course of action?
Question322: An IS auditor is reviewing the upgrading of an operating system. Which of the following would be the GREATEST audit concern?
Question323: Which of the following is the BEST guidance from an IS auditor to an organization planning an initiative to improve the effectiveness of its IT processes?
Question324: Which of the following provides the BEST evidence that network filters are functioning?
D18912E1457D5D1DDCBD40AB3BF70D5D
Question325: An IS auditor is assigned to review the development of a specific application. Which of the following would be the MOST significant step following the feasibility study?
Question326: A user of a telephone banking system has forgotten his personal identification number (PIN), after the user has been authenticated, the BEST method of issuing a new pin is to have:
Question327: An organization has purchased a replacement mainframe computer to cope with the demands of increased business. Which of the following should be the PRIMARY concern of an IS auditor?
Question328: Which of the following projects would be MOST important to review in an audit of an organizations financial statements?
Question329: When an intrusion into an organizations network is detected, which of the foflomng should be performed FIRST?
Question330: During an audit of an organization's financial statements, an IS auditor finds that the IT general controls are deficient. What should the IS auditor recommend?
Question331: Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?
Question332: Which of the following is the MOST important reason to periodically review data that has already been classified?
Question333: Which of ihe following BEST indicates a need to review an organization's information security policy?
Question334: Which of the following is the BEST control to protect an organization's sensitive data when using a publicly available cloud storage service?
Question335: Which of the following is the BEST sampling method to use when estimating the rate of occurrence of a specific quality in a population?
Question336: While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed the audit function. In order to resolve the situation, the IS auditor/, BEST course of action would be to:
Question337: Stress testing should ideally be carried out under a:
Question338: During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:
Question339: Which of the following should be performed FIRST when preparing to deploy a major upgrade to a critical online application?
Question340: Which of the following would BEST detect that a distributed-denial-of-service attack (DDoS) is occurring?
Question341: An IS Auditor is performing a business continuity plan (BCP) audit and identifies that the plan has not been tested for five years, however, the plan was successfully activated during a recent extended power outage.
Which of the following is the 15 auditor's BEST count of action?
Question342: Which of the following is a detective control that can be used to uncover unauthorized access to information systems?
Question343: Which of the following IT processes is likely to have the inherent regulatory risk?
Question344: A development team has designed a new application and incorporated best practices for secure coding. Prior to launch, which of the following is the IS auditor's BEST recommendation to mitigate the associated security risk?
Question345: An advantage of installing a thin client architecture in a local area network (LAN) is that this would:
Question346: Which of the following would provide the BEST evidence of successfully completed batch uploads?
Question347: An IS auditor has performed an agreed-upon procedures engagement for the organization's IT steering committee. Which of the following would be the MOST important element to include in the report?
Question348: Within a payroll department, which of the following responsibilities should be assigned to two or more individuals to avoid a segregation of duties conflict?
Question349: Which of the following is MOST important for an IS auditor to determine when evaluating a database for privacy-related risks?
Question350: An organization was recently notified by its regulatory body of significant discrepancies in its reporting data.
A preliminary investigation revealed that the discrepancies were caused by problems with the organization's data quality. Management has directed the data quality team to enhance their program The audit committee has asked internal audit to be advisors to the process. To ensure that management concerns are addressed, which data set should internal audit recommend be reviewed FIRST?
Question351: Which of the following is the PRIMARY concern if a business continuity plan (BCP) is not based on a business impact analysis (BIA)?
Question352: An organization wants to reuse company-provided smartphones collected from staff leaving the organization.
Which of the following would be the BEST recommendation?
Question353: Due to cost restraints, a company defers the replacement of hardware supporting core applications. Which of the following represents the GREATEST risk?
Question354: An intruder accesses an application server and makes changes to the system log. Which of the following would enable the identification of the changes?
Question355: Which of the following should be of GREATEST concern to an IS auditor when evaluating a new system's production readiness?
Question356: Which of the following is an IS auditor's BEST recommendation for mitigating risk associated with rapid expansion of hosts within a virtual environment?
Question357: Management decided to accept the residual risk of an audit finding and not take the recommended actions. The internal. Audit team believes the acceptance is inappropriate and has discussed the situation with executive management. After this discussion, there is still disagreement regarding the decision. Which of the following is the BEST course of action by internal audit.
Question358: Which of the following control? MOST efficiently ensures that orders transmitted from a sales office to a production warehouse are received accurately and completely?
Question359: Which of the following areas are the MOST likely cause of an application producing several erroneous reports?
Question360: When connecting to an organization's intranet from the Internet, security against unauthorized access is BEST achieved by using:
Question361: An auditor is creating an audit program in which the objective is to establish the adequacy of personal data privacy controls in a payroll process. Which of the following would be MOST important to include?
Question362: An IT steering committee assists the board of directors to fulfill IT governance duties by: