EMT Practice Test

1. Question Content...


Question List

Question1: An IS auditor is assigned to review the IS department's quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards. Which of the following should be the auditor's NEXT action?

Question2: An enterprise receiving email should have procedures to control:

Question3: Which of the following provides for the GREATEST cost reduction in a large data center?

Question4: Which of the following is the GREATEST benefit of implementing an IT governance strategy within an organization?

Question5: mission-critical applications with a low recovery time objective (RTO). which of the following is the BEST backup strategy?

Question6: Of the following procedures for testing a disaster recovery plan (DRP), which should be used MOST frequently?

Question7: During a review of an application system, an IS auditor identifies automated controls designed to prevent the entry of duplicate transactions. What is the BEST way to verify that the controls work as designed?

Question8: Which of the following should be of GREATEST concern to an IS auditor reviewing the controls for a continuous software release process?

Question9: Which of the following is the BEST guidance from an IS auditor to an organization planning an initiative to improve the effectiveness of its IT processes?

Question10: During the evaluation of a firm's newly established whistleblower system, an auditor notes several findings.
Which of the following should be the
auditor's GREATEST concern?

Question11: During the procurement process which of the following would be the BEST indication that prospective vendors will meet the organization's needs?

Question12: To confirm integrity for a hashed message, the receiver should use

Question13: An IS auditor should ensure that an application's audit trail:

Question14: An operations manager has recently moved to internal audit Which of the following would be of GREATEST concern when assigning audit projects to this individual?

Question15: An IS auditor has been asked to advise on the design and implementation of IT management best practices Which of the following actions would impair the auditor's independence?

Question16: An IS auditor is following upon a finding that determined elevated administrator accounts for servers were not being properly checked out and then back in after each use. Which of the following is the MOST appropriate sampling technique to determine the scope of the problem?

Question17: Which of the following methodologies is MOST appropriate to use for developing software with incomplete requirements?

Question18: An IS auditor discovered that a firewall has more services than needed The IS auditor's FIRST recommendation should be to:

Question19: Which of the following would provide the MOST assurance that an application will work in a live environment?

Question20: Which of the following should be restricted from a network administrator's privileges in an adequately segregated H" environment?

Question21: Which of the following would BEST enable effective IT resource management?

Question22: Which of the following BEST indicates the effectiveness of an organization's risk management program?

Question23: An IS auditor notes that several of a client's servers are vulnerable to attack due to open unused ports and protocols. The auditor recommends management implement minimum security requirements. Which type of control has been recommended?

Question24: When developing a business continuity plan (BCP), which of the following steps should be completed FIRST?

Question25: Which of the following would be an auditor's GREATEST concern when reviewing data inputs from spreadsheets into the core finance system?

Question26: During a review of an insurance company s claims system, the IS auditor learns that claims for specific medical procedures are acceptable only from females This is an example of a:

Question27: The PRIMARY objective of parallel testing an application is to confirm that:

Question28: In a RAO model, which of the following roles must be assigned to only one individual?

Question29: The purpose of data migration testing is to validate data:

Question30: Which of the following is an IS auditor's BEST course of action upon learning that preventive controls have been replaced with detective and corrective controls'

Question31: To maintain the confidentiality of information moved between office and home on removable media, which of the following is the MOST effective control?

Question32: A risk analysis is MOST useful when applied during which phase of the system development process?

Question33: An IS auditor notes that help desk personnel are required to make critical decisions during major service disruptions. Which of the following is the auditor's BEST recommendation to address this situation?

Question34: Which of the following would represent an acceptable test of an organization s business continuity plan?

Question35: During a post-incident review of a security breach, what type of analysis should an IS auditor expect to be performed by the organization's information security team?

Question36: Which of the following should be the MOST important consideration when establishing data classification standards?

Question37: Which of the following is the MOST effective way to assess whether an outsourcer's controls are following the service level agreement (SLA)?

Question38: An IS auditor is assessing an organization's implementation of a virtual network. Which of the following observations should be considered the MOST significant risk?

Question39: What is the PRIMARY advantage of prototyping as part of systems development?

Question40: Which of the following is the MOST important reason to classify a disaster recovery plan (DRP) as confidential?

Question41: An organization is developing data classification standards and has asked internal audit for advice on aligning the standards with best practices. Internal audit would MOST likely recommend the standards should be:

Question42: To test the integrity of the data in the accounts receivable master file, an IS auditor particularly interested in reviewing customers with balances over $400.000. the selection technique the IS auditor would use to obtain such a sample is called:

Question43: The GREATEST risk of database renormalization is:

Question44: Which of the following should be an IS auditor's FIRST action when assessing the risk associated with unstructured data?

Question45: Which of the following is the BEST source for describing the objectives of an organization s information systems?

Question46: The PRIMARY purpose of an internal audit department's quality assurance improvement program is to evaluate which of the following?

Question47: Which of the following is the BEST indication that an information security program is effective?

Question48: An IS auditor is planning on utilizing attribute sampling to determine the error rate for health care claims processed. Which of the following factors will cause the sample size to decrease?

Question49: An IS auditor determines that a business continuity plan has not been reviewed and approved by management.
Which of the following is the MOST significant risk associated with this situation?

Question50: An IS auditor discovers that management has created a system interface to receive financial data and store it in a data warehouse. Which of the following provides the BEST assurance that data in the data warehouse is accurate?

Question51: Which of the following is the MAIN purpose of implementing an incident response process?

Question52: Which of the following is the BEST detective control for a job scheduling process involving data transmission?

Question53: Which of the following is the BEST way to help ensure new IT implementations align with enterprise architecture principles and requirements?

Question54: Which of the following BEST ensures that only authorized software is moved into a production environment?

Question55: An audit group is conducting a risk assessment as part of a risk-based audit strategy. To help ensure the risk assessment results are relevant to the organization, it is MOST important to:

Question56: Which of the following will BEST protect the confidentiality of data stored on the hard drive of a laptop computer?

Question57: Which of the following observations noted during a review of the organization s social media practices should be of MOST concern to the IS auditor?

Question58: Which of the following is the GREATEST cause for concern when an organization is planning to migrate business-critical applications to the cloud using a Platform as a Service (PaaS) model?

Question59: An IS auditor finds ad hoc vulnerability scanning is in place with no clear alignment to the organization's wider security threat and vulnerability management program. Which of the following would BEST enable the organization to work toward improvement in this area?

Question60: An IS auditor notes that several users have not logged into an application for more than one year. Which of the following would be the BEST audit recommendation?

Question61: When initiating an IT project, which of the following should be completed FIRST:'

Question62: Which of the following control? MOST efficiently ensures that orders transmitted from a sales office to a production warehouse are received accurately and completely?

Question63: Which of the following is an advantage of using electronic data interchange (EDI)?

Question64: An IS auditor is observing transaction processing and notes that a high-priority update job ran out of sequence.
What is the MOST significant risk from this observation'

Question65: Which of the following is MOST likely to be spoofed in an email transmission?

Question66: An IS auditor would MOST likely recommend that IT management use a balanced scorecard to:

Question67: An IS auditor reviewing a new application for compliance with information privacy principles should be MOST concerned with:

Question68: An organization has implemented an automated match between purchase orders, goods receipts, and invoices.
Which of the following risks will this control BEST mitigate?

Question69: An IS auditor is evaluating a virtual server environment and learns that the production server, development server, and management console are housed in the same physical host. What should be the auditor's PRIMARY concern?

Question70: Which of the following is the MOST important reason for updating and retesting a business continuity plan (BCP)7

Question71: An IS auditor conducting audit follow-up activities learns that some previously agreed-upon corrective actions have not been taken and that the associated risk has been accepted by senior management. If the auditor disagrees with management s decision what is the BEST way to address the situation?

Question72: Following a security breach, in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment. The auditor's BEST course of action would be to determine it:

Question73: While planning a security audit, an IS auditor is made aware of a security review carried out by external consultants. It is MOST implement for the auditor to:

Question74: During a help desk review, an IS auditor determines the call abandonment rate exceeds agreed-upon service levels. What conclusion can be drawn from this finding?

Question75: An IS auditor is evaluating the risks and controls associated with a virtualized environment. Which of the following observations should be of GREATEST concern?

Question76: Which of the following should be reviewed FIRST when planning an IS audit?

Question77: The MOST efficient way to confirm that an ERP system being implemented satisfies business expectations is to utilize which of the following types of testing?

Question78: An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post implementation review, which of the following would be the KEY procedure for the IS auditor to perform?

Question79: Which of the following is the PRIMARY reason for an IS auditor to map out the narrative of a business process?

Question80: While reviewing similar issues in an organization s help desk system, an IS auditor finds that they were analyzed independently and resolved differently This situation MOST likely indicates a deficiency in:

Question81: The grants management system is used to calculate grant payments. Once per day, a batch interface extracts grant amounts and payee details from this system for import into the once system so payments can be made overnight Which of the following controls provides the GREATEST assurance of the accuracy and completeness of the imported payment

Question82: Which of the following should be an IS auditor's FIRST activity when planning an audit?

Question83: Which of the following it BEST enabled by following a configuration management process for new applications?

Question84: What should an IS auditor do when informed that some recommendations cannot be implemented due to financial constraints?

Question85: Which of the following should MOST concern an IS auditor reviewing an intrusion detection system (IDS)?

Question86: Loading of illegal software packages onto a network by an employee is MOST effectively detected by:

Question87: Which of the following is the MOST effective control to mitigate unintentional misuse of authorised access?

Question88: At a project steering committee meeting, it is stated that adding controls to business processes undergoing re-engineering is an unnecessary cost. The IS auditor's BEST response is that the actual control overhead for a business process is:

Question89: When developing metrics to measure the contribution of IT to the achievement of business goals, the MOST

Question90: An existing system is being replaced with a new application package. User acceptance testing (UAT) should ensure that:

Question91: Management decided to accept the residual risk of an audit finding and not take the recommended actions. The internal. Audit team believes the acceptance is inappropriate and has discussed the situation with executive management. After this discussion, there is still disagreement regarding the decision. Which of the following is the BEST course of action by internal audit.

Question92: During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:

Question93: An IS auditor observed that most users do not comply with physical access controls. The business manager has explained that the control design is inefficient. What is the auditor's BEST course of action?

Question94: The demilitarized zone (DMZ) is the part of a network where servers that are placed are:

Question95: Which of the following should be an IS auditor's GREATEST consideration when scheduling follow-up activities for agreed-upon management responses to remediate audit observations?

Question96: An IS auditor is conducting a review of an organization s information systems and discovers data that is no longer needed by business applications. Which of the following would b IS auditor's BEST recommendation?

Question97: Which of the following will enable a customer to authenticate an online Internet vendor?

Question98: A start-up company acquiring for its order-taking system is unable to predict the volume of transactions.
Which of the following is MOST important for the company to consider?

Question99: Which of the following is MOST important for the IS auditor to verify when reviewing the development process of a security policy?

Question100: Which of the following should be performed FIRST when preparing to deploy a major upgrade to a critical online application?

Question101: A configuration management audit identified that predefined automated procedures are used when deploying and configuring application infrastructure in a cloud-based environment. Which of the following is MOST important for the IS auditor to review?

Question102: Which of the following is the BEST indication of an effective incident management process?

Question103: When connecting to an organization's intranet from the Internet, security against unauthorized access is BEST achieved by using:

Question104: What is the BEST population to select from when testing that programs are migrated to production with proper approval?

Question105: What should be the PRIMARY basis for scheduling a follow-up audit?

Question106: Which of the following is the BEST time for an IS auditor to perform a post-implementation review?

Question107: Which of the following is MOST important to helping incident response managers quickly and accurately estimate the overall business impact of security incidents?

Question108: Which of the following poses the GREATEST risk to the enforceability of networking policies in a virtualized environment?

Question109: An IS auditor observes that an organization s critical IT systems nave experienced several failures throughout the year. Which of the following is the BEST recommendation?

Question110: Which of the following presents the GREATEST security risk in a virtualized computing environment?

Question111: Which of the following is an IS auditor's recommendation for mitigating risk associated with rapid expansion of hosts within a virtual environment?

Question112: An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor s NEXT course of action?

Question113: Which of the following is the PRIMARY objective of the IS audit function?

Question114: In an IS auditor's review of an organization s configuration management practices for software, which of the following is MOST important?

Question115: A company has located its computer center on a moderate earthquake fault. Which of the following is the MOST important consideration in establishing a contingency plan and an alternate processing site?

Question116: Which of the following would BEST enable an IS auditor to perform an audit that requires testing the full population of data?

Question117: Which of the following are BEST suited for continuous auditing?

Question118: Which of the following is the PRIMARY benefit of using an integrated audit approach?

Question119: Which of the following is the BEST way to help ensure the security of privacy-related data stored by an organization?

Question120: Which of the following is the PRIMARY advantage of single sign-on (SSO)?

Question121: When evaluating the recent implementation of an intrusion detection system (IDS), an IS auditor should be MOST concerned with inappropriate:

Question122: Which of the following is the BEST method for uncovering shadow IT within an organization?

Question123: Which of the following BEST helps to identify errors during data transfer?

Question124: Based on the Guidance of internal audit, an IT steering committee is considering the use of a balanced scorecard to evaluate its project management process. Which of the following is the GREATEST advantage to using this approach?

Question125: Which of the following controls is MOST appropriate against brute force attacks at login?

Question126: An IS auditor identifies key controls that have been overridden by management. The next step the IS auditor should take is to

Question127: A vendor service level agreement (SLA) requires backup to be physically secured. An IS audit of the backup system revealed a number of the backup media were missing. Which of the following should be the auditor's NEXT step?

Question128: When reviewing a disaster recovery plan (DRP) an IS auditor should examine the:

Question129: To protect information assets, which of the following should be done FIRST?

Question130: Which of the following is the MOST appropriate document for granting authority to an external IS auditor in an audit engagement with a client organization?

Question131: The information security function in a large organization is MOST effective when:

Question132: Which of the following is the BEST type of backup to minimize the associated time and media?

Question133: Which of the following would provide management with the MOST reasonable assurance that a new data warehouse will meet the needs of the organization?

Question134: Which of the following control checks would utilize data analytics?

Question135: Which of the following is the MOST important activity to undertake to avoid rework later in a project?

Question136: Which of the following should be of GREATEST concern to an organization's board when reviewing the internal audit department's quality assurance and improvement program?

Question137: Both statistical and nonstatistical sampling techniques:

Question138: Which of the following is the BEST IS audit strategy?

Question139: Which of the following is the MOST important difference between end-user computing (EUC) applications and traditional applications?

Question140: When an organization outsources a payroll system to a cloud service provider, the IS auditor's PRIMARY concern should be the:

Question141: An IS auditor learns that after each scheduled batch process runs, management performs a reconciliation between upstream and downstream data. Which of the following is MOST important for the auditor to investigate?

Question142: What is an IS auditor's BEST recommendation for management if a network vulnerability assessment confirms that critical patches have not been applied since the last assessment?

Question143: The quality assurance (QA) function should be prevented from

Question144: When planning for the implementation of a new system, an organization will opt for a parallel run PRIMARILY to:

Question145: An IS auditor finds that a mortgage origination team receives customer mortgage applications via a shared repository. Which of the following test procedures is the BEST way to assess whether there are adequate privacy controls over this process?

Question146: Which of the following is the BCST way to determine the effectiveness of a recently installed intrusion detection system (IDS)?

Question147: Which of the following access rights in the production environment should be granted to a developer to maintain segregation of duties?

Question148: An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

Question149: Which of the following is the BEST way to reduce the risk of vulnerabilities during the rapid deployment of container-based applications to a hybrid cloud?

Question150: Which of the following should be of GREATEST concern to an IS auditor conducting an audit of incident response procedures?

Question151: During an audit, it is discovered that several suppliers with standing orders have been deleted from the supplier master file Which of the following controls would have BEST evented such an occurrence?

Question152: Stress testing should ideally be carried out under a:

Question153: Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?

Question154: Which of the following is a directive control?

Question155: Which of the following would be considered the BEST compensating control to use when an emergency process, rather than the established control procedures, is used for database changes?

Question156: While reviewing the project plan for a new system prior to go-live, an IS auditor notes that the project team has not documented a fallback plan. Which of the following would be the BEST go-live approach in this situation?

Question157: An audit report notes that terminated employees have been retaining their access rights after their departure.
Which of the following strategies would BEST ensure that obsolete access rights are identified in a timely manner?

Question158: Before concluding that internal controls can be relied upon, the IS auditor should:

Question159: Which of the following is the BEST sampling method to use when estimating the rate of occurrence of a specific quality in a population?

Question160: While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed the audit function. In order to resolve the situation, the IS auditor/, BEST course of action would be to:

Question161: An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?

Question162: Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?

Question163: .. Implementing which of the following would BEST address issues relating to the aging of IT systems?

Question164: Which of the following factors will BEST promote effective information security management?

Question165: An IS auditor is planning to audit an organization's infrastructure for access, patching, and change management. Which of the following is the BEST way to prioritize the systems?

Question166: A recent audit identified duplicate software licenses and technologies Which of the following would be MOST helpful to prevent this type of duplication in the future?

Question167: Which of the following audit procedures would assist an IS auditor in determining the effectiveness of a business continuity plan (BCP)?

Question168: The drives of a tile server are backed up at a hot site. Which of the following is the BEST way to duplicate the files stored on the server for forensic analysis?

Question169: While reviewing a hot site, the IS auditor discovers that one type of hardware platform is not installed. The IS auditor should FIRST

Question170: Which of the following should an IS auditor expect to find in an organization s information security policies?

Question171: An IS auditor finds that periodic reviews of read-only users for a reporting system are not being performed.
Which of the following should be the IS auditor's NEXT course of action?

Question172: Which of the following BEST demonstrates to an IS auditor that an organization has implemented effective risk management processes?

Question173: An organization using instant messaging to communicate with customers can prevent legitimate customers from being impersonated by:

Question174: An IS auditor auditing the effectiveness of utilizing a hot site will MOST likely:

Question175: Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?

Question176: Which of the following would BEST detect that a distributed-denial-of-service attack (DDoS) is occurring?

Question177: Which the following is MOST critical for the effective implementation of IT governance?

Question178: When an intrusion into an organizations network is detected, which of the foflomng should be performed FIRST?

Question179: Which of the following should be performed immediately after a computer security incident has been detected and analyzed by an incident response team?

Question180: An IS auditor has discovered that unauthorized customer management software was installed on a workstation.
The auditor determines the software has been uploading customer ita to an external party. Which of the following is the IS auditor's BEST course of action?

Question181: Which of the following is the PRIMARY reason for database optimization in an environment with a high volume of transactions?

Question182: The BEST data backup strategy for mobile users is to:

Question183: Which of the following will BEST help to ensure that an in-house application in the production environment is current?

Question184: An organization was recently notified by its regulatory body of significant discrepancies in its reporting data.
A preliminary investigation revealed that the discrepancies were caused problems with the organization's data quality. Management has directed the data quality team to enhance their program. The audit committee has asked internal audit to be visors to the process. After the data quality team identifies the system data at fault which of the following should internal audit recommend as the NEXT step m the process?

Question185: An organization allows employees to use personally owned mobile devices to access customer's personal information. An IS auditor's GREATEST concern should be whether

Question186: An IS auditor reviewing a recently implemented virtual environment notices discrepancies among similar machine setups. Which of the following should the auditor recommend to minimize configuration risks?

Question187: Which of the following should be reviewed as part of a data integrity test?

Question188: During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures-The auditor's NEXT step should be to:

Question189: An IS auditor is reviewing the results of a business process improvement project. Which of the following should be performed FIRST?

Question190: When auditing the effectiveness of a biometric system, which of the following indicators would be MOST important to review?

Question191: Which of the following sampling techniques is commonly used in fraud detection when the expected occurrence rate is small and the specific controls are critical?

Question192: An IS auditor is evaluating the access controls at a multinational company with a shared network infrastructure. Which of the following is MOST important?

Question193: Which of the following is the BEST way for an IT forensics investigator to detect evidence of steganography?

Question194: Which of the following is the MOST important reason to periodically review data that has already been classified?

Question195: An organization's audit charter should:

Question196: Which of the following is the MOST important consideration for building resilient systems?

Question197: Which of the following is a detective control?

Question198: An IS audit manager finds that data manipulation logic developed by the audit analytics team leads to incorrect conclusions This inaccurate logic is MOST likely an indication of lich of the following?

Question199: Which of the following requires a consensus by key stakeholders on IT strategic goals and objectives?

Question200: A previously agreed-upon recommendation was not implemented because the auditee no longer agrees with the original finding. The IS auditor's FIRST course of action should be to:

Question201: Which of the following types of controls would BEST facilitate a root cause analysis for an information security incident?

Question202: When auditing the IT governance of an organization planning to outsource a critical financial application to a cloud vendor, the MOST important consideration for the auditor should be:

Question203: A security administrator should have read-only access for which of the following?

Question204: An IS auditor has performed an agreed-upon procedures engagement for the organization's IT steering committee. Which of the following would be the MOST important element to include in the report?

Question205: During a post-implementation review, a step in determining whether a project met user requirements is to review the:

Question206: An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor's PRIMARY concern is that:

Question207: During a review of information security procedures for disabling user accounts, an IS auditor discovers that IT is only disabling network access for terminated employees IT management maintains if terminated users cannot access the network, they will not be able to access any applications Which of the following is the GREATEST risk associated with application access?

Question208: When reviewing user access to an application containing sensitive company data, which of the following should be the GREATEST concern with regard to segregation of duties?

Question209: Audit software designed to detect invalid data, extreme values, or linear correlations between data elements can be classified as which type of data analytics tool?

Question210: Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

Question211: A large insurance company is about to replace a major financial application. Which of the following is the IS auditor's PRIMARY focus when conducting the pre-implementation review?

Question212: A new regulation in one country of a global organization has recently prohibited cross-border transfer of personal data. An IS auditor has been asked to determine the organization's level of exposure in the affected country. Which of the following would be MOST helpful in making this assessment?

Question213: After an external IS audit, which of the following should be IT management's MAIN consideration when determining the prioritization of follow-up activities?

Question214: Which of the following BEST facilitates the ability to efficiently allocate time, effort, and resources to address security incidents?

Question215: When preparing to evaluate the effectiveness of an organizations IT strategy, an IS auditor should FIRST review;

Question216: Which of the following reports can MOST effectively be used to analyze a systems performance problem?

Question217: Which of the following validation techniques would BEST prevent duplicate electronic vouchers?

Question218: Which of the following is the BEST point in time to conduct a post-implementation review (PIR)?

Question219: Which of the following tools is MOST helpful in estimating budgets for tasks within a large IT business application project?

Question220: Which of the following is MOST important for an IS auditor to verify when reviewing a critical business application that requires high availability?

Question221: Which of the following should be of GREATEST concern when conducting an audit of software inventory management?

Question222: An IS auditor is mapping controls to risk for an accounts payable system What is the BEST control to detect errors in the system?

Question223: During an audit of an organization s incident management process, an IS auditor teams that the security operations team includes detailed reports of recent attacks in its communications to employees. Which of the following is the GREATEST concern with this situation?

Question224: As part of a post-implementation review, the BEST way to assess the realization of outcomes is by:

Question225: A recent audit concluded that an organization's information security system was weak and that monitoring would likely fail to detect penetration. Which of the following would be the MOST appropriate recommendation?

Question226: An organization migrated most of its physical servers to virtual ones in its own data center. Which of the following should be of GREATEST concern to an IS auditor reviewing the virtual environment?

Question227: An advantage of installing a thin client architecture in a local area network (LAN) is that this would:

Question228: A manufacturing company is implementing application software for its sales and distribution system. Which of the following is the MOST important reason for the company to choose a centralized online database?

Question229: Which of the following is MOST important for an IS auditor to consider when determining an appropriate sample size in situations where selecting the entire population is not feasible?

Question230: What would be an IS auditors GREATEST concern when using a test environment for an application audit?

Question231: Which of the following controls is MOST effective in detecting spam?

Question232: A PRIMARY benefit derived by an organization employing control self-assessment (CSA) techniques s that CSA.

Question233: Which of the following is the BEST way to transmit documents classified as confidential over the Internet?

Question234: The recovery time objective (RTO) is normally determined on the basis of the:

Question235: Which of the following would BEST deter the theft of corporate information from a laptop?

Question236: Which of the following is a distinguishing feature at the highest level of a maturity model?
D18912E1457D5D1DDCBD40AB3BF70D5D

Question237: A typical network architecture used for e-commerce, a load balancer is normally found between the:

Question238: Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?

Question239: Which of the following poses the GREATEST risk to data security and integrity in a cloud environment?

Question240: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's initiative to adopt an enterprise governance framework?

Question241: Which of the following would be the MOST effective control to mitigate unintentional misuse of authorized access?

Question242: Which of the following is the MOST effective control for a utility program?

Question243: Following an IT audit, management has decided to accept the risk highlighted in the audit report. Which of the following would provide the MOST assurance to the IS auditor that management is adequately balancing the needs of the business with the need to manage risk?

Question244: Which of ihe following BEST indicates a need to review an organization's information security policy?

Question245: Which of the following would be the MOST likely reason for an intrusion prevention system (IPS) being unable to block an ongoing web attack?

Question246: An IS auditor performing an application development review attends development team meetings. The IS auditor's independence will be compromised if the IS auditor:

Question247: In attribute sampling, what is the relationship between expected error rate and sample size?

Question248: Which of the following activities provides an IS auditor with the insight regarding potential single person dependencies that might exist withing the organization?

Question249: Prior to the migration of acquired software into production, it is MOST important that the IS auditor review the:

Question250: Which of the following is MOST likely to be included in a post-implementation review?

Question251: When introducing a maturity model to the IT management process, it is BEST to align the maturity level to a point that reflects which of the following?

Question252: An IS auditor notes that the anticipated benefits from an ongoing infrastructure projects have changed due to recent organizational restructuring. Which of the following is the IS auditor's BEST recommendation?

Question253: The MOST important reason for documenting all aspects of a digital forensic investigation is that documentation:

Question254: During an audit of information security procedures of a large retailer s online store, an IS auditor notes that operating system (OS) patches are automatically deployed upon -. Which of the following should be of GREATEST concern to the auditor?

Question255: What is an IS auditor's BEST course of action if informed by a business unit's representatives that they are too busy to cooperate with a scheduled audit?

Question256: An IS auditor is reviewing an organization's method to transport sensitive data between offices. Which of the following would cause the auditor MOST concern?

Question257: Which of the following is the BEST recommendation for the establishment of an information security policy?

Question258: During a vulnerability assessment, an IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer orders via credit card. The IS auditor could FIRST:

Question259: The risk that the IS auditor will not find an error that has occurred is identified by which of the following terms?

Question260: An IT steering committee assists the board of directors to fulfill IT governance duties by:

Question261: When reviewing backup policies, an IS auditor MUST verify that backup intervals of critical systems do not exceed which of the following?

Question262: The BEST reason for implementing a virtual private network (VPN) is that it:

Question263: An organization plans to launch a social media presence as part of a new customer service campaign. Which of the following is the MOST significant risk from the perspective of potential litigation?

Question264: Internal audit reports should be PRIMARILY written for and communicated to:

Question265: The risk that is created if a single sign-on is implemented for all systems is that a/an:

Question266: Which of the following is the MOST important consideration when developing an online business architecture and recovery strategy?

Question267: When creating a new risk management program, it is CRITICAL to consider

Question268: Which of the following would be of GREATEST concern to an IS auditor when auditing a small organization's purchasing department?

Question269: Which of the following is the BEST reason for an organization to develop a business continuity plan?

Question270: In an online application, which of the following would provide the information about the transaction audit trail?

Question271: Which of the following would be the MOST effective method to identify high risk areas in the business to be included in the audit plan?

Question272: An IS auditor discovers that validation controls in a web application have been moved from the server side into the browser to boost performance. This would MOST likely increase the risk of a successful attack by:

Question273: An auditor is creating an audit program in which the objective is to establish the adequacy of personal data privacy controls in a payroll process. Which of the following would be MOST important to include?

Question274: Following an acquisition, it was decided that legacy applications subject to compliance requirements will continue to be used until they can be phased out. The IS auditor needs to determine where there are control redundancies and where gaps may exist. Which of the following activities would be MOST helpful in making this determination?

Question275: Which of the following is the MOST important consideration when planning a penetration test for a financial management system?

Question276: On a daily basis, an in-house development team moves duplicate copies of production data containing personally identifiable information (Pll) to the test environment Which of the following is the BEST way to mitigate the privacy risk involved?

Question277: An IS auditor is conducting a review of a healthcare organization's IT policies for handling medical records.
Which of the following is MOST important to verify?

Question278: After the release of an application system, an IS auditor wants to verify that the system is providing value to the organization. The auditor's BEST course of action would be to:

Question279: Which of the following communication modes should be of GREATEST concern to an IS auditor evaluating end user networking?

Question280: The BEST way to assure an organization's board of directors that IT strategies support business objectives is to:

Question281: Which of the following roles combined with the role of a database administrator (DBA) will create a segregation of duties conflict?

Question282: Which of the following is the MOST effective means of helping management and the IT strategy committee to monitor IT performance?

Question283: Which of the following is MOST important to ensure when planning a black box penetration test?

Question284: Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:

Question285: Privileged account access is require to start an ad hoc batch job. Which of the following would MOST effectively detect unauthorized job execution?

Question286: An IS auditor s role in privacy and security is to:

Question287: internal IS auditor recommends that incoming accounts payable payment files be encrypted. Which type of control is the auditor recommending?

Question288: What is the BEST indicator of successful implementation of an organization s information security policy?

Question289: To help ensure the organization s information assets are adequately protected, which of the following considerations is MOST important when developing an information classification and handling policy?

Question290: Which of the following provides an IS auditor the MOST assurance that an organization is compliant with legal and regulatory requirements?

Question291: An organization uses two data centers. Which of the following would BEST address the organization's need for high resiliency?

Question292: A stockbroker accepts orders over the Internet. Which of the following is the MOST appropriate control to ensure confidentiality of the orders?

Question293: Which of the following should an IS auditor recommend to facilitate the management of baseline requirements for hardening of firewalls?

Question294: The MAIN objective of incident management is to:

Question295: An internal audit has revealed a large number of incidents for which root cause analysis has not been performed. Which of the following is MOST important for the IS auditor to verify to determine whether there is an audit issue?

Question296: Outsourcing the development of business systems is MOST likely to result in the loss of:

Question297: The business owner's approval of software changes being moved into production is PRIMARILY necessary to:

Question298: Which of the following is the GREATEST risk associated with in-house program development and customization?

Question299: Which of the following should be the PRIMARY consideration when developing an IT strategy?

Question300: An IS auditor is reviewing an organization's implementation of a bring your own device (BYOD) program.
Which of the following would be the BEST recommendation to help ensure sensitive data is protected if a device is in the possession of an unauthorized individual?

Question301: Which of the following would be the MOST appropriate reason for an organization to purchase fault-tolerant hardware?

Question302: Which of the following is the MOST likely cause of a successful firewall penetration?

Question303: Which of the following would be the MOST effective method to address software license violations on employee workstations?

Question304: Which of the following sampling methods is the BEST approach for drawing conclusions based on frequency of occurrence?

Question305: Which of the following would provide the BEST evidence for use in a forensic investigation of an employee's hard drive?

Question306: Which of the following would be considered a corrective control when designing the security of a data center?

Question307: Which of the following is the FIRST consideration when developing a data retention policy?

Question308: An IS auditor is analysing a sample of assesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found. Which sampling method would be appropriate?

Question309: Which of the following is a benefit of requiring management to issue a report to stakeholders regarding the internal controls over IT?

Question310: An IS auditor plans to review all access attempts to a video-monitored and proximity card-controlled communications room. Which of the following would be MOST useful to the auditor?

Question311: The prioritization of incident response actions should be PRIMARILY based on which of the following?

Question312: An organization with high security requirements is evaluating the effectiveness of biometric systems. Which of the following performance indicators is MOST important?

Question313: When using a wireless device, which of the following BEST ensures confidential access to email via web mail?

Question314: A post-implementation review of a system implementation has identified that the defined objectives were changed several times without the approval of the project board. What would the IS auditor do NEXT?

Question315: An IS auditor finds that a company is using a payroll provider hosted in a foreign country Of the following the MOST important audit consideration is whether the provider s operations;

Question316: Capacity management enables organizations to:

Question317: As part of business continuity planning. Which of the following is MOST important to include in a business impact analyst (BIA)?

Question318: While reviewing the project plan for a new system prior to go-live, an IS auditor notes that the project team has not documented a fallback plan. Which of the following would be the BEST go-live approach in this situation?

Question319: An IS audit report highlighting inadequate network internal controls is challenged because no serious incident has ever occurred. Which of the following actions performed during the audit would have BEST supported the findings?

Question320: A technology service organization has recently acquired a new subsidiary. What should be the IS auditor's NEXT course of action when considering the impact on the development of the IT audit plan?

Question321: An IT governance body wants to determine whether IT service delivery is based on consistently efficient and effective processes. Which of the following would be the BEST approach?

Question322: Which of the following controls will MOST effectively detect inconsistent records resulting from the lack of referential integrity in a database management system?

Question323: When conducting a requirements analysis for a project, the BEST approach would be to:

Question324: Which of the following is an effective way to ensure the integrity of file transfers in a peer-to-peer (P2P) computing environment?

Question325: Which of the following MOST efficiently protects computer equipment against short-term reductions in electrical power?

Question326: Which of the following is MOST likely to improve the portability of an application connected to a database?

Question327: When planning an application audit, it is MOST important to evaluate risk factors by interviewing:

Question328: A review of Internet security disclosed that users have individual user accounts with Internet service providers (ISPs) and use these accounts for downloading business data. The organization wants to ensure that only the corporate network is used. The organization should FIRST:

Question329: Which of the following could be determined by an entity-relationship diagram?

Question330: An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization s objectives?

Question331: What is the FIRST step an auditor should take when beginning a follow-up audit?

Question332: An IT service desk has recorded several incidents related to server downtime following the failure of a network time protocol (NTP) server. Which of the following is the BEST methodology to help identify the root cause?

Question333: Which of the following is MOST helpful in preventing a systems failure from occurring when an application is replaced using the abrupt changeover technique?

Question334: An organization with high availability resource requirements is selecting a provider for cloud computing.
Which of the following would cause the GREATEST concern to an IS auditor? The provider:

Question335: In a typical SDLC, which group is PRIMARILY responsible for confirming compliance with requirements?

Question336: To create a digital signature in a message using asymmetric encryption, it is necessary to:

Question337: Which of the following is the MOST effective way to identify anomalous transactions when performing a payroll fraud audit?

Question338: Which of the following is the BEST approach to help ensure evidence from a computer forensics investigation is legally admissible?

Question339: Which of the following provides the GREATEST assurance that any confidential information on a disk is no longer accessible but the device is still usable by the other internal users?

Question340: Which of the following is an example of audit risk?

Question341: Which of the following would be MOST important for an IS auditor to review during an audit of an automated continuous monitoring process being used by the finance department.

Question342: An IS auditor is performing a post-implementation review of a system deployed two years ago. Which of the following findings should be of MOST concern to the auditor?

Question343: Which of the following is the BEST physical security solution for granting and restricting access to individuals based on their unique access needs?

Question344: Which of the following is the BEST reason to utilize blockchain technology to record accounting transactions?

Question345: An organization is replacing a mission-critical system. Which of the following is the BEST implementation strategy to mitigate and reduce the risk of system failure?

Question346: Which of the following is the GREATEST risk associated with instant messaging?

Question347: Which of the following controls MOST effectively reduces the risk associated with use of instant messaging (IM) in the workplace?

Question348: Which of the following is the PRIMARY advantage of using virtualization technology for corporate applications?

Question349: An organization has agreed to perform remediation related to high-risk audit findings. The remediation process involves a complex reorganization of user roles as well as the Implementation of several compensating controls that may not be completed within the next audit cycle Which of the following is the BEST way for an IS auditor to follow up on their activities?

Question350: Due to the small size of the payroll department, an organization is unable to segregate the employee setup and payroll processing functions. Which of the following would be the BEST compensating control for the lack of segregation of duties?

Question351: Which of the following would provide the important input during the planning phase for an audit on the implementation of a bring your own device (BYOD) program?

Question352: Which of the following would an IS auditor recommend as the MOST effective preventive control to reduce the risk of data leakage'

Question353: Due to cost restraints, a company defers the replacement of hardware supporting core applications. Which of the following represents the GREATEST risk?

Question354: A new regulatory standard for data privacy requires an organization to protect personally identifiable information (Pll). Which of the following is MOST important to include in the audit engagement plan to assess compliance with the new standard?

Question355: Which of the following is the MOST effective mechanism for ensuring that critical IT operational problems are reported to executive management in a timely manner?

Question356: An IS auditor would be concerned if the quality assurance (QA) function were found to be performing which of the following roles?

Question357: At which stage of the software development life cycle should an organization identity privacy considerations?

Question358: Which of the following is the BEST method to assess the adequacy of security awareness in an organization?

Question359: What is the purpose of a hypervisor?

Question360: The PRIMARY reason an IS department should analyze past incidents and problems is to:

Question361: An IS auditor reviewing security incident processes realizes incidents are resolved and dosed, but root causes are not investigated Which of the following should be the MAJOR concern with this situation?

Question362: Which of the following would MOST effectively minimize the risk of unauthorized online banking customer transactions due to phishing?

Question363: Which of the following should an IS auditor do FIRST when determining whether to employ data analytics in an audit?