EMT Practice Test

1. Question Content...


Question List

Question1: An IS auditor performing an application development review attends development team meetings. The IS auditor's independence will be compromised if the IS auditor:

Question2: The BEST way to preserve data integrity through all phases of application containerization is to ensure which of the following?

Question3: End users have been demanding the ability to use their own devices for work, but want to keep personal information out of corporate control. Which of the following would be MOST effective at reducing the risk of security incidents while satisfying end user requirements?

Question4: An organization's IT security policy states that user ID's must uniquely identify individual's and that user should not disclose their passwords. An IS auditor discovers that several generic user ID's are being used.
Which of the following is the MOST appropriate course of action for the auditor?

Question5: Which of the following is MOST important for an IS auditor to review when evaluating the effectiveness of an organization's incident response process?

Question6: The PRIMARY purpose of running a new system In parallel is to:

Question7: What is the MOST important business concern when an organization is about to migrate a mission-critical application to a virtual environment?

Question8: The PRIMARY reason an IS department should analyze past incidents and problems is to:

Question9: Which of the following should an IS auditor recommend to reduce the likelihood of potential intruders using social engineering?

Question10: Prior to the of acquired software into production, it is MOST important that the IS auditor review the:

Question11: Which of the following metrics is MOST useful to an IS auditor when evaluating whether IT investments are meeting business objectives?

Question12: Which of the following observations noted during a review of the organization s social media practices should be of MOST concern to the IS auditor?

Question13: Which of the following MOST effectively mitigates the risk of disclosure of sensitive data stored on company-owned smartphones?

Question14: An internal audit department reports directly to the chief financial officer (CFO) of an organization This MOST likely leads to

Question15: Which of the following is the BEST way to minimize the impact of a ransomware attack?

Question16: After an employee termination, a network account was removed, but the application account remained active.
To keep this issue from recurring, which of the following is the BEST recommendation?

Question17: An organization is developing a web portal using some external components. Which of the following should be of MOST concern to an IS auditor?

Question18: What is the MOST difficult aspect of access control in a multiplatform, multiple-site client/server environment?

Question19: When developing a business continuity plan (BCP), which of the following should be performed FIRST?

Question20: Which of the following is the BEST source of information for an IS auditor to use as a baseline to assess the adequacy of an organization's privacy policy?

Question21: The GREATEST benefit of using a prototyping approach in software development is that it helps to:

Question22: Which of the following provides the MOST comprehensive understanding of an organizations information security posture?

Question23: An IS audit manager was temporarily tasked with supervising a project manager assigned to the organization's payroll application upgrade Upon returning to the audit department, the audit manager has been asked to perform an audit to validate the implementation of the payroll application The audit manager Is the only one in the audit department with IT project management experience. What is the BEST course of action?

Question24: Which of the following is the BEST way for an IS auditor to ensure the completeness of data collected for advanced analytics during an audit?

Question25: After an external IS audit, which of the following should be IT management's MAIN consideration when determining the prioritization of follow-up activities?

Question26: Which of the following should an IS auditor expect to see in a network vulnerability assessment?

Question27: As part of business continuity planning, which of the following is MOST important to assess when conducting a business impact analysis (BIA)?

Question28: Which of the following is the BEST preventive control to ensure the integrity of server operating systems?

Question29: While conducting a review of project plans related to a new software development, an IS auditor finds the project initiation document (PID) is incomplete. What is the BEST way for the auditor to proceed?

Question30: An IS audit manager finds that data manipulation logic developed by the audit analytics team leads to incorrect conclusions This inaccurate logic is MOST likely an indication of lich of the following?

Question31: An IS auditor is reviewing a banking mobile application that allows end users to perform financial transactions. Which of the following poses a security risk to the organization?

Question32: Which of the following are examples of detective controls?

Question33: Which of the following would be the MOST significant factor when choosing among several backup system alternatives with different restoration speeds?

Question34: Which of the following is MOST important for an IS auditor to test when reviewing market data received from external providers?

Question35: An IS auditor is executing a risk-based IS audit strategy to ensure that key areas are audited Which of the following should be of GREATEST concern to the auditor?

Question36: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?

Question37: Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (IDSs)?

Question38: A large insurance company is about to replace a major financial application. Which of the following is the IS auditor's PRIMARY focus when conducting the pre-implementation review?

Question39: To develop a robust data security program, the FIRST course of action should be to:

Question40: Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP) is in place?

Question41: An IS auditor has assessed a payroll service provider's security policy and finds significant topics are missing.
Which of the following is the auditor's BEST course of action?

Question42: Which of the following provides an IS auditor with the BEST evidence that a system has been assessed for known exploits?

Question43: Which of the following should an IS auditor review FIRST when planning a customer data privacy audit?

Question44: Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of Network latency?

Question45: Which of the following BEST facilitates the management of assets during the implementation of an information system?

Question46: Which of the following is MOST important to review when evaluating the performance of a critical web application?

Question47: Which of the following is a characteristic of a single mirrored data center used for disaster recovery?

Question48: Which of the following is an example of a preventive control?

Question49: Which of the following should be an IS auditor's GREATEST concern when a security audit reveals the organization's vulnerability assessment approach is limited to running a vulnerability scanner on its network?

Question50: Within the context of an IT-related governance framework, which type of organization would be considered MOST mature?

Question51: An employee transfers from an organization's risk management department to become the lead IS auditor.
While in the risk management department, the employee helped developed the key performance indicators (KPIs) now used by the organization. Which of the following would pose the GREATEST threat to the independence of this auditor?

Question52: Which of the following is the PRIMARY purpose of using data analytics when auditing an enterprise resource planning (ERP) system for a large organization?

Question53: Which of the following provides the MOST assurance that new information systems are ready for migration to the production environment?

Question54: Which of the following should be reviewed FIRST when assessing the effectiveness of an organization's network security procedures and controls?

Question55: During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:

Question56: An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?

Question57: Which of the following should be done by an IS auditor during a post-implementation review of a critical application that has been operational for six months''

Question58: Which of the following is MOST important to include within a business continuity plan (BCP) so that backup and replication is configured in a way that ensures data availability?

Question59: An organization's software developers need access to personally identifiable information (Pll) stored in a particular data format. Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?

Question60: Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?

Question61: An IS auditor finds that terminated users have access to financial applications. Which of the following is the auditor's MOST important course of action when assessing the impact?

Question62: Which of the following would BEST enable an IS auditor to perform an audit that requires testing the full population of data?

Question63: Which of the following is the BEST way to loster continuous improvement of IS audit processes and practices?

Question64: Which of the following is an objective of data transfer controls?

Question65: During a systems development project, participation in which of the following activities would compromise the IS auditor's independence?

Question66: Which of the following would BEST manage the risk of changes in requirements after the analysis phase of a business application development project?

Question67: An internal audit department recently established a quality assurance (QA) program as part of its overall audit program. Which of the following activities is MOST important to rlude as part of the QA program requirements?

Question68: Following a breach, what is the BEST source 10 determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

Question69: An IS auditor notes that help desk personnel are required to make critical decisions during major service disruptions. Which of the following is the auditor's BEST recommendation to address this situation?

Question70: When removing a financial application system from production, which of the following is MOST important?2E1457D5D1DDCBD40AB3BF70D5D

Question71: During a review, an IS auditor discovers that corporate users are able to access cloud-based applications and data (rom any Internet-connected web browser. Which of the following is the auditor's BEST recommendation to help prevent unauthorized access?

Question72: Which of the following should be the PRIMARY concern of an IS auditor during a review of an external IT service level agreement (SLA) for computer operations?

Question73: Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?

Question74: During a review of the IT strategic plan, an IS auditor finds several IT initiatives focused on delivering new systems and technology are not aligned with the organization's strategy. Which of the following would be the IS auditor's BEST recommendation?

Question75: A company laptop has been stolen and all photos on the laptop have been published on social media. Which of the following is the IS auditor's BEST course of action?

Question76: Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?

Question77: Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization"?

Question78: An IS auditor is reviewing security controls related to collaboration to unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?

Question79: Which of the following is the BEST way to mitigate the impact of ransomware attacks?

Question80: When aligning IT projects with organizational objectives, it is MOST important to ensure that the:

Question81: An IS auditor is reviewing the change management process in a large IT service organization. Which of the following observations would be the GREATEST concern?

Question82: Which of the following situations would impair the independence of an IS auditor involved in a software development project?

Question83: An organization is acquiring a new customer relationship management (CRM) system In which of the following would the IS auditor find the MOST relevant information on projected cost savings?

Question84: Which of the following recommendations by an IS auditor is the BEST control to protect an organization's corporate network from the guest wireless network?

Question85: In a situation where the recovery point objective (RPO) is 0 for an online transaction processing system, which of the following is MOST important for an IS auditor to verify?

Question86: An IS auditor is reviewing a data conversion project Which of the following is the auditor's BEST recommendation prior to golive?

Question87: An IS auditor has discovered that unauthorized customer management software was installed on a workstation.
The auditor determines the software has been uploading customer data to an external party Which of the following is the IS auditor's BEST course of action?

Question88: Which of the following is the BEST way to mitigate the risk associated with a document storage application that has a syncing feature that could allow malware to spread to other machines in the network?

Question89: In an IT organization where many responsibilities are shared, which of the following would be the BEST control for detecting unauthorized data changes?

Question90: Which of the following would be MOST helpful in ensuring security procedures are followed by employees in a multinational organization?

Question91: An organization allows employees to retain confidential data on personal mobile devices Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?

Question92: Which of the following metrics would BEST measure the agility of an organization's IT function?

Question93: Which of the following provides an IS auditor the MOST assurance that an organization is compliant with legal and regulatory requirements?

Question94: Which of the following is the MAIN risk associated with adding a new system functionality during the development phase without following a project change management process?

Question95: A sales representative is reviewing the organization's feedback blog and gets redirected to a site that sells illegal prescription drugs. The blog site is MOST likely susceptible to which of the following types of attacks?

Question96: An internal audit department recently established a quality assurance (QA) program as part of its overall audit program. Which of the following activities is MOST important to include as part of the QA program requirements?

Question97: During a business process re-engineering (BPR) program, IT can assist with:

Question98: After the release of an application system, an IS auditor wants to verify that the system is providing value to the organization. The auditor's BEST course of action would be to:

Question99: During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. The auditor's NEXT step should be to:

Question100: What is the PRIMARY purpose of performing a parallel run of a new system?

Question101: After discussing findings with an auditee, an IS auditor is required to obtain approval of the report from the CEO before issuing it to the audit committee. This requirement PRIMARILY affects the IS auditor's:

Question102: When deciding whether a third party can be used in resolving a suspected security breach, which of the following should be the MOST important consideration for IT management?

Question103: Which of the following would BEST determine whether a post implementation review (PIR) performed by the project management office (PMO) was effective?

Question104: Which of the following should be of GREATEST concern to an IS auditor planning to employ data analytics in an upcoming audit?

Question105: Which of the following BEST ensures the confidentiality of sensitive data during transmission?

Question106: Which of the following is the MOST important factor when an organization is developing information security policies and procedures?

Question107: An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that

Question108: Which of the following is the PRIMARY reason an IS auditor should use an IT-related framework as a basis for scoping and structuring an audit?

Question109: Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organizations information security policy?

Question110: A data Breach has occurred due to malware. Which of the following should be the FIRST course of action?

Question111: An IS auditor is evaluating a virtual server environment and teams that the production server, development server and management console are housed in the same physical host. What

Question112: Which of the following MUST be completed before selecting and deploying a biometric system that uses facial recognition software?

Question113: Which of the following is the BEST incident of an effective problem management process?

Question114: During a database security audit, an IS auditor is reviewing the process used to upload source data Which of the following is the MOST significant risk area for the auditor to focus on?

Question115: Which of the following key performance indicators (KPIs) provide stakeholders with the MOST useful information about whether information security risk is being managed?

Question116: During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

Question117: An IS auditor finds that periodic reviews of read-only users for a reporting system are not being performed.
Which of the following should be the IS auditor's NEXT course of action?

Question118: The PRIMARY benefit of information asset classification is that it:

Question119: The IS auditor has recommended that management test a new system before using it in production mode The BEST approach for management in developing a test plan is to use processing parameters that are

Question120: In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to "never expire.' Which of the following recommendations would BEST address the risk with minimal disruption to the business?

Question121: When evaluating information security governance within an organization which of the following findings should be of MOST concern to an IS auditor?

Question122: Data anonymizabon helps to prevent which types of attacks in a big data environment?

Question123: The operations team of an organization has reported an IS security attack. Which of the following should be the FIRST step for the security incident response team?

Question124: Which of the following would be of MOST concern during an audit of an end-user computing (EUC) system containing sensitive information?

Question125: A maturity model can be used to aid the implementation of IT governance by identifying:

Question126: Which of the following is the BEST reason to utilize blockchain technology to record accounting transactions?

Question127: Which of the following poses the GREATEST risk to a company that allows employees to use personally owned devices to access customer files on the company's network?

Question128: Which of the following is the BEST way to mitigate risk to an organization's network associated with devices permitted under a bring your own device (BYOD) policy?

Question129: An organization has installed blade server technology in its data center. To determine whether higher cooling demands are maintained, which of the following should the IS auditor review?

Question130: An emergency power-off switch should:

Question131: What is the PRIMARY benefit of prototyping as a method of system development?

Question132: Due to a global pandemic, a health organization has instructed its employees to work from home as much as possible. The employees communicate using instant messaging Which of the following is the GREATEST risk in this situation?

Question133: Which of the following is an IS auditor's BEST recommendation to help an organization increase the efficiency of computing resources?

Question134: A financial institution is launching a mobile banking service utilizing multi-factor authentication. This access control is an example of which of the following?

Question135: Which of the following is an IS auditor s GREATEST concern when an organization does not regularly update software on individual workstations in the internal environment?

Question136: Which of the following would provide an IS auditor with the MOST assurance when auditing the implementation of a new application system?

Question137: What is the BEST justification for allocating more funds to implement a control for an IT asset than the actual cost of the IT asset?

Question138: Which of the following is the BEST way to detect system security breaches?

Question139: Which of the following is the MAIN purpose of an information security management system?

Question140: An organization that has suffered a cyber attack is performing a forensic analysis of the affected users' computers Which of the following should be of GREATEST concern for the IS editor reviewing this process?

Question141: A software development organization with offshore personnel has implemented a third-party virtual workspace to allow the teams to collaborate. Which of the following should be of GREATEST concern?

Question142: The PRIMARY benefit of using secure shell (SSH) to access a server on a network is that it:

Question143: Which of the following must be in place before an IS auditor initiates audit follow-up activities?

Question144: While reviewing similar issues in an organization s help desk system, an IS auditor finds that they were analyzed independently and resolved differently This situation MOST likely indicates a deficiency in:

Question145: During an audit, the client learns that the IS auditor has recently completed a similar security review at a competitor. The client inquires about the competitor's audit results. What is the BEST way for the auditor to address this inquiry?

Question146: Which type of control is being implemented when a biometric access device is installed at the entrance to a facility?

Question147: Which control type would provide the MOST useful input to a root cause analysis?

Question148: Which of the following is MOST important lo have in place for he continuous improvement of process maturity within a large IT support function?

Question149: Which of the following should be of GREATEST concern to an IS auditor reviewing on-site preventive maintenance for an organization's business critical server hardware?

Question150: Which of the following is MOST important for an IS auditor to verify during a disaster recovery audit?

Question151: Which of the following issues identified during a postmortem analysis of the IT security incident response process should be of GREATEST concern?

Question152: An IS auditor is reviewing the business requirements 'or the deployment of a new website Which of the following cryptographic systems would provide the BEST evidence of secure communications on the internet?

Question153: To address issues related to privileged users identified in an IS audit, management implemented a security information and event management (SIEM) system. Which type of control is in place?

Question154: Which of the following practices BEST ensures that archived electronic information of permanent importance is accessible over time?

Question155: An IS auditor reviewing the use of encryption finds that the symmetric key is sent by an email message between the parties. Which of the following audit responses is correct in this situation?

Question156: Which of the following BEST measures project progress?

Question157: Which of the following is the MOST important feature of access control software?

Question158: Which of the following is a directive control?

Question159: Which of the following is the PRIMARY benefit of continuous auditing?

Question160: Which of the following is the MAIN risk associated with adding a new system functionality during the development phase without following a project change management process?

Question161: Which of the following is necessary for effective risk management in IT governance?

Question162: Which of the following is the GREATEST risk associated with the use of instant messaging (IM)?

Question163: An internal audit department recently established a quality assurance (QA) program. Which of the following activities is MOST important to include as part of the OA program requirements?

Question164: Reviewing project plans and status reports throughout the development life cycle will:

Question165: After delivering an audit report, the audit manager discovers that evidence was overlooked during the audit This evidence indicates that a procedural control may have failed and could contradict a conclusion of the audit. Which of the following risks is MOST affected by the oversight?

Question166: Which of the following would BEST protect the confidentiality of sensitive data in transit between multiple offices?

Question167: A company uses a standard form to document and approve all changes in production programs. To ensure that the forms are properly authorized, which of the following is the MOST effective sampling method?

Question168: When an organization introduces virtualization into its architecture, which of the following should be an IS auditor's PRIMARY area of focus to verify adequate protection?

Question169: Which of the following is MOST important for an IS auditor to review when assessing the integrity of encryption controls for data at rest?

Question170: The BEST way to validate whether a malicious act has actually occurred in an application is to review.

Question171: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?

Question172: Which of the following is MOST important for an IS auditor to verify when reviewing a critical business application that requires high availability?

Question173: Following an IS audit, which of the following types of risk would be MOST critical to communicate to key stakeholders?

Question174: What is the BEST population to select from when testing that programs are migrated to production with proper approval?

Question175: Which of the following would be MOST important to update once a decision has been made to outsource a critical application to a cloud service provider?

Question176: Which of the following should be the FIRST step to help ensure the necessary regulatory requirements are addressed in an organization's cross-border data protection policy?

Question177: When reviewing a project to replace multiple manual data entry systems with an artificial intelligence (Al) system, the IS auditor should be MOST concerned with the impact At will have on:

Question178: Which of the following system conversion strategies provides the GREATEST redundancy?

Question179: An IS auditor finds that a recently deployed application has a number of developers with inappropriate update access left over from the testing environment Which of the following would have BEST prevented the update access from being migrated?

Question180: Which of the following should be defined in an audit chatter?

Question181: A review of IT interface controls finds an organization does not have a process to identify and correct records that do not get transferred to the receiving system. Which of the following is.........

Question182: To develop meaningful recommendations for findings, which of the following is MOST important for an IS auditor to determine and understand?

Question183: During an audit of an organization's financial statements, an IS auditor finds that the IT general controls are deficient. What should the IS auditor recommend?

Question184: A data center's physical access log system captures each visitor's identification document numbers along with the visitor's photo. Which of the following sampling methods would be MOST useful to an IS auditor conducting compliance testing for the effectiveness of the system?

Question185: A user of a telephone banking system has forgotten his personal identification number (PIN), after the user has been authenticated, the BEST method of issuing a new pin is to have:

Question186: Which of the following is MOST likely to be included in computer operating procedures in a large data center?

Question187: A month after a company purchased and implemented system and performance monitoring software reports were too large and therefore were not reviewed or acted upon The MOST effective plan of action would be to

Question188: Which of the following BEST demonstrates the degree of alignment between IT and business strategy?

Question189: An organization is using a single account shared by personnel for its social networking marketing page. Which of the following is the BEST method to maintain accountability over the account?

Question190: An organization with high availability resource requirements is selecting a provider for cloud computing.
Which of the following would cause the GREATEST concern to an IS auditor? The provider:

Question191: Which of the following should be the PRIMARY consideration for IT management when selecting a new information security tool that monitors suspicious file access patterns?

Question192: The PRIMARY role of a control self-assessment (CSA) facilitator Is to:

Question193: An organization is deciding whether to outsource its customer relationship management systems to a provider located in another country. Which of the following should be the PRIMARY influence in the outsourcing decision?

Question194: An IS auditor is analysing a sample of assesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found. Which sampling method would be appropriate?

Question195: Which of the following are BEST suited for continuous auditing?

Question196: Which of the following is the MOST important operational aspect for an IS auditor to consider when assessing an assembly line with quality control sensors accessible via wireless techno

Question197: Which of the following should be done FIRST to effectively define the IT audit universe for an entity with multiple business lines?

Question198: Which of the following is a detective control that can be used to uncover unauthorized access to information systems?

Question199: Which of the following is MOST important to review when planning lor an IS audit of an organization's cross-border data Translators?

Question200: Which of the following is the BEST way for an IS auditor to validate that employees have been made aware of the organization's information security policy?

Question201: When evaluating an IT organizational structure, which of the following is MOST important to ensure has been documented?

Question202: Post-implementation testing is an example of which of the following control types?

Question203: While conducting a system architecture review, an IS auditor learns of multiple complaints from field agents about the latency of a mobile thin client designed to provide information during site inspections Which of the following is the BEST way to address this situation?

Question204: An IS auditor should ensure that an application's audit trail:

Question205: In a virtualized environment, which of the following techniques effectively mitigates the risk of network attacks?

Question206: When reviewing the functionality of an intrusion detection system (IDS), the IS auditor should be MOST concerned if:

Question207: Regression testing should be used during a system development project to ensure that:

Question208: An IS audit manager is preparing the starling plan for an audit engagement of a cloud service provider What should be the manager's PRIMARY concern when made aware that a new auditor in the department previous worked for this provider?

Question209: Which of the following is MOST important for the successful establishment of a security vunerability management program?

Question210: An IS auditor reviewing a high-risk business application has identified the need to strengthen controls for reporting malfunctions to management Which of the following would BEST facilitate timely reporting?

Question211: An IS audit team s evaluating the documentation related to the most recent application user-access review performed by IT and business management. It is determined that the user list was not system-generated. Which of the following: should be the GREATEST concern?

Question212: Which of the following should be the FIRST step in an organization's forensics process to preserve evidence?

Question213: An external IS auditor has been engaged to determine the organization's cybersecurity posture. Which of the following is MOST useful for this purpose?

Question214: An organization performs both full and incremental database backups Which of the following will BEST enable full restoration in the event of the destruction of the data center?

Question215: Which of the following would BEST prevent the potential leakage of sensitive corporate data from personal mobile devices accessing corporate applications?

Question216: A new privacy regulation requires a customer's privacy information to be deleted within 72 hours, if requested.
Which of the following would be an IS auditor's GREATEST concern regarding compliance to this regulation?

Question217: During an audit of a data classification policy, an IS auditor finds that many documents are inappropriately classified as confidential. Which of the following is the GREATEST concern?

Question218: A bank has implemented a new accounting system. Which of the following is the BEST lime for an IS auditor to perform a post-implementation review?

Question219: Which of the following is the BEST point in time to conduct a post-implementation review (PIR)?

Question220: Which of the following is MOST important to have in place to build consensus among key stakeholders on the cost-effectiveness of IT?

Question221: Which of the following is the FIRST step in initiating a data classification program?

Question222: The use of symmetric key encryption controls to protect sensitive data transmitted over a communications network requires that.

Question223: Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?

Question224: An organization decides to establish a formal incident response capability with clear roles and responsibilities facilitating centralized reporting of security incidents. Which type of control is being implemented?

Question225: Which of the following approaches would utilize data analytics to facilitate the testing of a new account creation process?

Question226: Which of the following is the BEST compensating control for a lack of proper segregation of duties in an IT department?

Question227: Which of the following would provide the BEST evidence of the effectiveness of mandated annual security awareness training?

Question228: Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?

Question229: Which of the following is the PRIMARY benefit of performing a maturity model assessment'?

Question230: Which of the following physical controls will MOST effectively prevent breaches of computer room security?

Question231: Which of the following provides the BEST method for maintaining the security of corporate applications pushed to employee-owned mobile devices?

Question232: Due to budget restraints, an organization is postponing the replacement of an in-house developed mission critical application. Which of the following represents the GREATEST risk?

Question233: Which of the following demonstrates the use of data analytics for a loan origination process?

Question234: Which of the following MOST efficiently protects computer equipment against short-term reductions in electrical power?

Question235: Which of the following would an IS auditor PRIMARILY review to understand key drivers of a project?

Question236: An IS auditor is reviewing a network diagram. Which of the following would be the BEST location for placement of a firewall?

Question237: Which of the following is the PRIMARY purpose of conducting follow-up audits for material observations?

Question238: An organization allows employees to use personally owned mobile devices to access customers' personal information Which of the following is MOST important for an IS auditor to verify?

Question239: An organization's IT security policy requires annual security awareness training for all employees. Which of the following would provide the BEST evidence of the training's effectiveness?

Question240: Which of the following is the BEST way to determine il IT is delivering value to the business?

Question241: Which of the following is the MOST effective way to maintain network integrity when using mobile devices?

Question242: Which of the following is The MOST effective accuracy control for entry of a valid numeric part number?

Question243: An organization is developing data classification standards and has asked internal audit for advice on aligning the standards with best practices. Internal audit would MOST likely recommend the standards should be:

Question244: An organization maintains an inventory of the IT applications used by its staff Which of the following would pose the GREATEST concern with regard to the quality of the inventory data?

Question245: During an operational audit of a biometric system used to control physical access, which of the following should be of GREATEST concern to an IS auditor?

Question246: Which of the following is the BEST source for describing the objectives of an organization s information systems?

Question247: When evaluating a protect immediately prior to implementation, which of the following would provide the BEST evidence that the system has the required functionality?

Question248: Which of the following would a digital signature MOST likely prevent?

Question249: Which of the following is the BEST way to enforce the principle of least privilege on a server containing data with different security classifications?

Question250: Which of the following is the MOST reliable network connection medium in an environment where there is strong electromagnetic interface?

Question251: Which of the following is an IS auditor's BEST guidance regarding the use of IT frameworks?

Question252: In which phase of penetration testing would host detection and domain name system (DNS) interrogation be performed?

Question253: Which of the following is the BEST methodology to use for estimating the complexity of developing a large business application?

Question254: An IS audit found that malware entered the organization through a spreadsheet macro, and the auditor recommended that spreadsheet macros be disabled. All macros were disabled except those needed by the finance team for reporting purposes. Which of the following is the auditor's BEST course of action?

Question255: What information within change records would provide an IS auditor with the MOST assurance that configuration management is operating effectively?

Question256: An IS auditor observes that exceptions have been approved (or an organization's information security policy.
Which of the following is MOST important for the auditor to confirm?

Question257: A review of an organization's IT portfolio revealed several applications that are not in use. The BEST way to prevent this situation from recurring would be to implement.

Question258: The PRIMARY purpose for an IS auditor to review previous audit reports during the planning phase of a current audit is to:

Question259: During which phase of the incident management life cycle should metrics such as "mean time to incident discovery" and "cost of recovery" be reported?

Question260: An employee approaches an IS auditor and expresses concern about a critical security issue in a newly installed application. Which of the following would be the MOST appropriate action for the auditor to take?

Question261: At what point in software development should the user acceptance test plan be prepared?

Question262: Which of the following is the MOST important difference between end-user computing (EUC) applications and traditional applications?

Question263: A manufacturing company is implementing application software for its sales and distribution system. Which of the following is the MOST important reason for the company to choose a centralized online database?

Question264: An IS auditor notes that IT and the business have different opinions on the availability of their application servers Which of the following should the IS auditor review FIRST in order to understand the problem?

Question265: IT disaster recovery lime objectives (RTOs) should be based on [he:

Question266: Which of the following will BEST help to ensure that an in-house application in the production environment is current?

Question267: During which phase of a system development project should key performance indicators (KPIs) be established'?

Question268: Data analytics tools and techniques are MOST helpful to an IS auditor during which of the following audit activities?

Question269: When deploying an application that was created using the programming language and tools supported by the cloud provider, the MOST appropriate cloud computing model for an organization to adopt is:

Question270: in a small IT web development company where developers must have write access to production the BEST recommendation of an IS auditor would be to

Question271: Which of the following should an IS auditor review FIRST when evaluating a business process for auditing?

Question272: An IS auditor noted that a change to a critical calculation was placed into the production environment without being tested. Which of the following is the BEST way to obtain assurance that the calculation functions correctly?

Question273: Which of the following is the MOST useful information for an IS auditor to review when formulating an audit plan for the organization's outsourced service provider?

Question274: The PRIMARY reason for an IS auditor to use data analytics techniques is to reduce which type of audit risk?

Question275: Which of the following is a benefit of increasing the use of data analytics in audits?

Question276: Upon completion of audit work, an IS auditor should:

Question277: An organization issues digital certificates to employees to enable connectivity to a web-based application.
Which of the following public key infrastructure (PKI) components MUST be included in the application architecture for determining the on-going validity of connections?

Question278: When preparing to evaluate the effectiveness of an organizations IT strategy, an IS auditor should FIRST review;

Question279: Which of the following would BEST enable an organization to address the security risks associated with a recently implemented bring your own device (BYOD) strategy?

Question280: An organization's enterprise architecture (EA) department decides to change a legacy system's components while maintaining its original functionality Which of the following is MOST important for an IS auditor to understand when reviewing this decision?

Question281: In a database management system (DBMS) normalization is used to:

Question282: An IS auditor's PRIMARY objective when examining problem reports should be to help ensure:

Question283: An IS auditor has obtained a large complex data set for analysis. Which of the following activities will MOST improve the output from the use of data analytics tools?

Question284: Of the following, who are the MOST appropriate staff for ensuring the alignment of user authorization tables with approved authorization forms?

Question285: Which of the following should be an IS auditor's PRIMARY focus when developing a risk-banned IS audit program?

Question286: Which of the following is the BEST way to mitigate the risk associated with malicious changes to binary code during the software development life cycle (SDLC)?

Question287: An IS auditor is planning on utilizing attribute sampling to determine the error rate for health care claims processed. Which of the following factors will cause the sample size to decrease?

Question288: The GREATEST risk of database denormalization is:

Question289: A multinational organization is integrating its existing payroll system with a human resource information system. Which of the following should be of GREATEST concern to the IS auditor?

Question290: An accounts receivable data entry routine prevents the entry of the same customer with different account numbers. Which of the following is the BEST way to test if this programmed control is effective?

Question291: Which of the following types of testing would BEST mitigate the risk of a newly implemented system adversely impacting existing systems?

Question292: When determining which IS audits to conduct during the upcoming year, internal audit has received a request from management for multiple audits of the contract division due to fraud findings during the prior year Which of the following is the BEST basis for selecting the audits to be performed?

Question293: When measuring the effectiveness of a security awareness program, the MOST helpful key performance indicator (KPI) is the number of:

Question294: The use of control totals reduces the risk of

Question295: An IS auditor is reviewing database log settings and notices that only INSERT and DELETE operations are being monitored in the database. What is the MOST significant risk?

Question296: Which of the following is the PRIMARY purpose for external assessments of internal audit's quality assurance (OA) systems and frameworks?

Question297: When evaluating database management practices, which of the following controls would MOST effectively support data integrity?

Question298: Which of the following is the MOST likely cause of a successful firewall penetration?

Question299: Which of the following reports would provide the GREATEST assurance to an IS auditor about the controls of a third party that processes critical data for the organization?

Question300: Which of the following BEST enables an IS auditor to detect incorrect exchange rates applied to outward remittance transactions at a financial institution?

Question301: When implementing a new IT maturity model which of the following should occur FIRST?

Question302: An organization has decided to implement a third-party system in its existing IT environment Which of the following is MOST important for the IS auditor to confirm?

Question303: Which of the following is the PRIMARY objective of baselining the IT control environment?

Question304: Which of the following would be MOST time and cost efficient when performing a control self-assessment (CSA) for an organization with a large number of widely dispersed employees?

Question305: Which of the following BEST helps to identify errors during data transfer?

Question306: Which of the following is MOST appropriate for measuring a batch processing application's system performance over time?

Question307: Which of the following findings would be of GREATEST concern when auditing an organization's end-user computing (EUC)?