EMT Practice Test

1. Question Content...


Question List

Question1: During a follow-up audit, an IS auditor finds that some critical recommendations have not been addressed as management has decided to accept the risk. Which of the following is the IS auditor's BEST course of action?

Question2: An IS auditor has completed an audit on the organization's IT strategic planning process Which of the following findings should be given the HIGHEST priority?

Question3: Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization that recently experienced a ransomware attack?

Question4: Secure code reviews as part of a conbnuous deployment program are which type of control?

Question5: Which of the following is a detective control that can be used to uncover unauthorized access to information systems?

Question6: To ensure efficient and economic use of limited resources in supporting a local area network (LAN) infrastructure, it is advisable to:

Question7: Which of the following is an example of a corrective control?

Question8: A financial institution is launching a mobile banking service utilizing multi-factor authentication. This access control is an example of which of the following?

Question9: Compared to developing a system in-house, acquiring a software package means that the need for testing by end users is:

Question10: An organization's IT security policy requires annual security awareness training for all employees. Which of the following would provide the BEST evidence of the training's effectiveness?

Question11: A third-party service provider is hosting a private cloud for an organization. Which of the following findings during an audit of the provider poses the GREATEST risk to the organization?

Question12: An information systems security officer's PRIMARY responsibility for business process applications is to:

Question13: Which of the following conditions would be of MOST concern to an IS auditor assessing the risk of a successful brute force attack against encrypted data at rest?

Question14: Which of the following procedures for testing a disaster recovery plan (DRP) is MOST effective7

Question15: When conducting a post-implementation review of a new software application, an IS auditor should be MOST concerned with an increasing number of

Question16: A financial institution suspects that a manager has been crediting customer accounts without authorization.
Which of the following is the MOST effective method to validate this concern?

Question17: A company converted its payroll system from an external service to an internal package Payroll processing in April was run in parallel. To validate the completeness of data after the conversion, which of the following comparisons from the old to the new system would be MOST effective?

Question18: What information within change records would provide an IS auditor with the MOST assurance that configuration management is operating effectively?

Question19: An organization is deciding whether to outsource its customer relationship management systems to a provider located in another country. Which of the following should be the PRIMARY influence in the outsourcing decision?

Question20: An IS auditor intends to accept a management position in the data processing department within the same organization. However, the auditor is currently working on an audit of a major application and has not yet finished the report. Which of the following would be the BEST step tor the IS auditor to take?

Question21: An organization maintains an inventory of the IT applications used by its staff Which of the following would pose the GREATEST concern with regard to the quality of the inventory data?

Question22: The MOST important reason why an IT risk assessment should be updated on a regular basis is to:

Question23: Due to a global pandemic, a health organization has instructed its employees to work from home as much as possible. The employees communicate using instant messaging Which of the following is the GREATEST risk in this situation?

Question24: An organization has recently converted its infrastructure to a virtualized environment. The GREATEST benefit related to disaster recovery is that virtualized servers:

Question25: Which of the following should be an IS auditor's BEST recommendation to prevent installation of unlicensed software on employees' company-provided devices?

Question26: Which of the following observations should be of GREATEST concern to an IS auditor reviewing a hosted virtualized environment where each guest operating system (OS) is r

Question27: Internal audit is conducting an audit of customer transaction risk Which of the following would be the BEST reason to use data analytics?

Question28: The PRIMARY objective of value delivery in reference to IT governance is to:

Question29: An IS auditof notes the transaction processing times in an order processing system have significantly increased after a major release Which of the following should the IS auditor review FIRST?

Question30: Which of the following is an objective of data transfer controls?

Question31: An organization has agreed to perform remediation related to high-risk audit findings. The remediation process involves a complex reorganization of user roles as well as the Implementation of several compensating controls that may not be completed within the next audit cycle Which of the following is the BEST way for an IS auditor to follow up on their activities?

Question32: Which of the following observations should be of GREATEST concern to an IS auditor reviewing a large organization's virtualization environment?

Question33: When engaging services from external auditors, which of the following should be established FIRST?

Question34: During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed The auditor should FIRST.

Question35: Which of the following practices BEST ensures that archived electronic information of permanent importance is accessible over time?

Question36: An IS auditor attempts to sample for variables in a population of items with wide differences in values but determines that an unreasonably large number of sample items must be selected to produce the desired confidence level. In this situation, which of the following is the BEST audit decision?

Question37: Which of the following is the BEST sampling method when performing an audit test to determine the number of access requests without approval signatures?

Question38: An organization wants to change its project methodology to address increasing costs and process changes Which of the following is the BEST methodology to use?

Question39: An IS auditor reviewing a purchase accounting system notices several duplicate payments made for the services rendered. Which of the following is the auditor's BEST recommendation for preventing duplicate payments?

Question40: Which of the following should be the PRIMARY basis for procedures to dispose of data securely?

Question41: A USB device containing sensitive production data was lost by an employee and its contents were subsequently found published online Which of the following controls is the BEST recommendation to prevent a similar recurrence?

Question42: A user of a telephone banking system has forgotten his personal identification number (PIN), after the user has been authenticated, the BEST method of issuing a new pin is to have:

Question43: An IS auditor determines that a business continuity plan has not been reviewed and approved by management.
Which of the following is the MOST significant risk associated with this situation?

Question44: Which of the following is the BEST control to help prevent sensitive data leaving an organization via email?

Question45: An employee approaches an IS auditor and expresses concern about a critical security issue in a newly installed application. Which of the following would be the MOST appropriate action for the auditor to take?

Question46: Which of the following should occur EARLIEST in a business continuity management lifecycle?

Question47: What is the MAIN purpose of an organization's internal IS audit function?

Question48: Which of the following would be the MOST effective method to identify high risk areas in the business to be included in the audit plan?

Question49: Within the context of an IT-related governance framework, which type of organization would be considered MOST mature?

Question50: Which of the following would BEST facilitate the detection of internal fraud perpetrated by an individual?

Question51: Which of the following BEST enables an IS auditor to combine and compare access control lists from various applications and devices?

Question52: Which of the following is the MOST important consideration when incorporating data analytics into an audit?

Question53: Malicious program code was found in an application and corrected prior to release into production. After the release, the same issue was reported. Which of the following is the IS auditor's BEST recommendation?

Question54: After the release of an application system, an IS auditor wants to verify that the system is providing value to the organization. The auditor's BEST course of action would be to:

Question55: An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?

Question56: When planning an end-user computing (EUC) audit, it is MOST important for the IS auditor to:

Question57: During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

Question58: A financial institution has a system interface that is used by its branches to obtain applicable currency exchange rates when processing transactions Which of the following should be the PRIMARY control objective for maintaining the security of the system interface?

Question59: An IS auditor is evaluating the risk associated with moving from one database management system (DBMS) to another. Which of the following would be MOST helpful to ensure the integrity of the system throughout the change?

Question60: Which of the following is the MAIN purpose of an information security management system?

Question61: An organization experienced a domain name system (DNS) attack caused by default user accounts not being removed from one of the servers. Which of the following would have been the BEST way to mitigate the risk of this DNS attack1?

Question62: A software development organization with offshore personnel has implemented a third-party virtual workspace to allow the teams to collaborate. Which of the following should be of GREATEST concern?

Question63: An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor?

Question64: An IS auditor identifies key controls that have been overridden by management. The next step the IS auditor should take is to

Question65: An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?

Question66: Which of the following approaches provides the BEST assurance and user confidence when an organization migrates data to a more complex enterprise resource planning (ERP) system?

Question67: Which of the following observations noted during a review of the organization s social media practices should be of MOST concern to the IS auditor?

Question68: Following the sale of a business division, employees will be transferred to a new organization, but they will retain access to IT equipment from the previous employer. An IS auditor has recommended that both organizations agree to and document an acceptable use policy for the equipment. What type of control has been recommended?

Question69: Which of the following provides the BEST evidence of the effectiveness of an organization s audit quality management procedures?

Question70: Which of the following is MOST important lo have in place for he continuous improvement of process maturity within a large IT support function?

Question71: servDuring an internal audit review of a human resources (HR) recruitment system implementation the IS auditor notes that several defects were unresolved at the time the system went live Which of the following is the auditor's MOST important task prior to formulating an audit opinion?

Question72: Which of the following are BEST suited for continuous auditing?

Question73: Which of the following is the MOST effective control to ensure electronic records beyond their retention periods are deleted from IT systems?

Question74: Which of the following provides the MOST reliable audit evidence on the validity of transactions in a financial application?

Question75: During an audit of an access control system an IS auditor finds that RFID card readers are not connected via the network to a central server Which of the following is the GREATEST risk associated with this finding?

Question76: Which of the following communication modes should be of GREATEST concern to an IS auditor evaluating end user networking?

Question77: An IS auditor is following up on prior period items and finds management did not address an audit finding.
Which of the following should be the IS auditor's NEXT course of action?

Question78: Which of the following is the BEST indication of the completeness of interface control documents used for the development of a new application?

Question79: Which of the following should be of GREATEST concern to an IS auditor reviewing project documentation for a client relationship management (CRM) system migration project?

Question80: An IS auditor is reviewing an industrial control system (ICS) that uses older unsupported technology in the scope of an upcoming audit. What should the auditor consider the MOST significant concern?

Question81: Which of the following is the GREATEST benefit of utilizing data analytics?

Question82: When is the BEST time to commence continuity planning for a new application system?

Question83: Which of the following would be the MOST significant factor when choosing among several backup system alternatives with different restoration speeds?

Question84: Which of the following should an IS auditor validate FIRST when reviewing the security of an organization's IT infrastructure as it relates to Internet of Things (loT) devices?

Question85: Which of the following poses the GREATEST risk to a company that allows employees to use personally owned devices to access customer files on the company's network?

Question86: An organization considers implementing a system that uses a technology that is not in line with the organization's IT strategy. Which of the following is the BEST justification for deviating from the IT strategy?

Question87: An IS auditor finds that an organization's data toss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:

Question88: Which of the following is the MOST effective sampling method for an IS auditor to use for identifying fraud and circumvention of regulations?

Question89: Which of the following is MOST important to ensure that electronic evidence collected during a forensic investigation will be admissible in future legal proceeding?

Question90: An IS auditor is performing a follow-up audit for findings identified in an organization's user provisioning process. Which of the following is the MOST appropriate population to sample from when testing for remediation?

Question91: Which of the following is the PRIMARY role of key performance indicators (KPIs) in supporting business process effectiveness?

Question92: Which of the following should an IS auditor expect to find when reviewing IT security policy?

Question93: During a review of IT service desk practices, an IS auditor notes that help desk personnel are spending more time fulfilling user requests (or password resets than resolving critical incidents. Which of the following recommendations to IT management would BEST address this situation?

Question94: Which of the following is a preventive control related to change management?

Question95: At what point in software development should the user acceptance test plan be prepared?

Question96: Which type of control is being implemented when a biometric access device is installed at the entrance to a facility?

Question97: During data migration, which of the following BEST prevents integrity issues when multiple processes within the migration program are attempting to write to the same table in the databases?

Question98: Which control type would provide the MOST useful input to a root cause analysis?

Question99: An organization has recently implemented a Voice-over IP (VoIP) communication system. Which of the following should be the IS auditor's PRIMARY concern?

Question100: A manager identifies active privileged accounts belonging to staff who have left the organization. Which of the following is the threat actor In this scenario?

Question101: An IS audit manager has been asked to perform a quality review on an audit that the same manager also supervised. Which of the following is (he manager's BEST response to this situation?

Question102: During recent post-implementation reviews, an IS auditor has noted that several deployed applications are not being used by the business. The MOST likely cause would be the lack of:

Question103: An IS auditor noted that a change to a critical calculation was placed into the production environment without being tested. Which of the following is the BEST way to obtain assurance that the calculation functions correctly?

Question104: When conducting a requirements analysis for a project the BEST approach would be to

Question105: Following a breach, what is the BEST source 10 determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

Question106: Which of the following BEST facilitates detection of zero-day exploits?

Question107: Which of the following is the GREATEST concern when an organization allows personal devices to connect to its network?

Question108: Which of the following should be the PRIMARY basis for prioritizing follow-up audits?

Question109: Which of the following development practices would BEST mitigate the risk associated with theft erf user credentials transmitted between mobile devices and the corporate network?

Question110: After an external IS audit, which of the following should be IT management's MAIN consideration when determining the prioritization of follow-up activities?

Question111: Which of the following would an IS auditor consider the GREATEST risk associated with a mobile workforce environment?

Question112: Which of the following is the BEST source of information for an IS auditor when planning an audit of a business application's controls?

Question113: An IS auditor finds the timeliness and depth of information regarding the organization's IT projects varies based on which project manager is assigned. Which of the following recommendations would be A MOST helpful in achieving predictable and repeatable project management processes?

Question114: A new application will require multiple interfaces. Which of the following testing methods can be used to detect interface errors early in the development life cycle1?

Question115: When determining which IS audits to conduct during the upcoming year, internal audit has received a request from management for multiple audits of the contract division due to fraud findings during the prior year Which of the following is the BEST basis for selecting the audits to be performed?

Question116: Which of the following would be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?

Question117: An organization has replaced all of the storage devices at its primary data center with new higher capacity units The replaced devices have been installed at the disaster recovery site to replace older units An IS auditor s PRIMARY concern would be whether.

Question118: To develop meaningful recommendations for findings, which of the following is MOST important for an IS auditor to determine and understand?

Question119: A new regulation in one country of a global organization has recently prohibited cross-border transfer of personal data. An IS auditor has been asked to determine the organization's level of exposure in the affected country. Which of the following would be MOST helpful in making this assessment?

Question120: Which of the following situations would impair the independence of an IS auditor involved in a software development project?

Question121: What is the BEST population to select from when testing that programs are migrated to production with proper approval?

Question122: What is the BEST justification for allocating more funds to implement a control for an IT asset than the actual cost of the IT asset?

Question123: An organization is in the process of deciding whether to allow a bring your own device (BYOD) program. If approved, which of the following should be the FIRST control required before implementation?

Question124: An organization's software developers need access to personally identifiable information (Pll) stored in a particular data format. Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?

Question125: The information security function in a large organization is MOST effective when:

Question126: Data anonymizabon helps to prevent which types of attacks in a big data environment?

Question127: Which of the following would lead an IS auditor to conclude that the evidence collected during a digital forensic investigation would not be admissible in court?

Question128: During a business process re-engineering (BPR) program, IT can assist with:

Question129: Which of the following provides an IS auditor with the BEST evidence that a system has been assessed for known exploits?

Question130: Which of the following is a determine security control that reduces the likelihood of an insider threat event?

Question131: The use of cookies constitutes the MOST significant security threat when they are used for:

Question132: Which of the following is MOST likely to result from compliance testing?

Question133: Which of the following would be the MOST appropriate reason for an organization to purchase fault-tolerant hardware?

Question134: When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?

Question135: In a situation where the recovery point objective (RPO) is 0 for an online transaction processing system, which of the following is MOST important for an IS auditor to verify?

Question136: The BEST way to determine whether programmers have permission to alter data in the production environment is by reviewing:

Question137: Coding standards provide which of the following?

Question138: An e-commerce enterprise's disaster recovery (DR) site has 30% less processing capability than the primary site. Based on this information, which of the following presents the GREATEST risk?

Question139: After an employee termination, a network account was removed, but the application account remained active.
To keep this issue from recurring, which of the following is the BEST recommendation?

Question140: During a routine check, a system administrator identifies unusual activity indicating an intruder within a firewall. Which of the following controls has MOST likely been compromised?

Question141: Which of the following would BEST provide executive management with current information on IT related costs and IT performance indicators?

Question142: Which of the following is the BEST way to mitigate the impact of ransomware attacks?

Question143: Which of the following MOST effectively mitigates the risk of disclosure of sensitive data stored on company-owned smartphones?

Question144: Following a significant merger and acquisition, which of the following should the chief audit executive (CAE) do FIRST to evaluate the performance of the combined internal audit function?

Question145: The PRIMARY benefit of information asset classification is that it:

Question146: During the implementation of an upgraded enterprise resource planning (ERP) system, which of the following is the MOST important consideration for a go-live decision?

Question147: An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor's BEST recommendation would be to:

Question148: Which of the following is the BEST source of information for an IS auditor to use as a baseline to assess the adequacy of an organization's privacy policy?

Question149: Which of the following would BEST enable an organization to address the security risks associated with a recently implemented bring your own device (BYOD) strategy?

Question150: When evaluating the management practices at a third-party organization providing outsourced services, the IS auditor considers relying on an independent auditors report. The IS auditor would first

Question151: Which of the following provides for the GREATEST cost reduction in a large data center?

Question152: Which of the following fire suppression systems needs to be combined with an automatic switch to shut down the electricity supply in the event of activation?

Question153: Which of the following should be the PRIMARY objective of a migration audit?

Question154: Which of the following should be done FIRST to effectively define the IT audit universe for an entity with multiple business lines?

Question155: A system development project is experiencing delays due to ongoing staff shortages Which of the following strategies would provide the GREATEST assurance of system quality at implementation?

Question156: Which of the following BEST indicates that an organization has effective governance in place?

Question157: An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system End users indicated concerns with the accuracy of critical automatic calculations made by the system. The auditor's FIRST course of action should be to:

Question158: An IS auditor is using data analytics in an audit and has obtained the data to be used for testing. Which of the following is the MOST important task before testing begins?

Question159: An IS auditor has assessed a payroll service provider's security policy and finds significant topics are missing.
Which of the following is the auditor's BEST course of action?

Question160: When evaluating the recent implementation of an intrusion detection system (IDS), an IS auditor should be MOST concerned with inappropriate:

Question161: Which of the following is a PRIMARY role of an IS auditor in a control self-assessment (CSA) workshop?

Question162: Which of the following BEST enables an IS auditor to detect incorrect exchange rates applied to outward remittance transactions at a financial institution?

Question163: Which of the following should be defined in an audit charter?

Question164: Which of the following should be an IS auditor's PRIMARY consideration when evaluating the development and design of a privacy program?

Question165: Which of the following is MOST effective in detecting an intrusion attempt?

Question166: An IS auditor should ensure that an application's audit trail:

Question167: An IS auditor notes that IT and the business have different opinions on the availability of their application servers Which of the following should the IS auditor review FIRST in order to understand the problem?

Question168: What should be the PRIMARY basis for scheduling a follow-up audit?

Question169: IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance Which of the following controls win MOST effectively compensate for the lack of referential integrity?

Question170: An IS auditor finds that the process for removing access for terminated employee is not documented. What is the MOST significant risk from this observation?

Question171: The PRIMARY benefit of using secure shell (SSH) to access a server on a network is that it:

Question172: During which IT project phase is it MOST appropriate to conduct a benefits realization analysis?

Question173: A client/server configuration will:

Question174: During an audit of an organization's financial statements, an IS auditor finds that the IT general controls are deficient. What should the IS auditor recommend?

Question175: Which of the following development practices would BEST mitigate the risk associated with theft of user credentials transmitted between mobile devices and the corporate network?

Question176: What is the MOST difficult aspect of access control in a multiplatform, multiple-site client/server environment?

Question177: An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner Which of the following is the auditor s BEST recommendation?

Question178: Which of the following should be of GREATEST concern to an IS auditor planning to employ data analytics in an upcoming audit?

Question179: What is the PRIMARY benefit of prototyping as a method of system development?

Question180: An organization is migrating its human resources (HR) application to an Infrastructure as a Service (laaS) model in a private cloud. Who is PRIMARILY responsible for the security configurations of the deployed application's operating system?

Question181: Which of the following is MOST important for an IS auditor to confirm when conducting a review of an active-active application cluster configuration?

Question182: What is the PRIMARY reason for conducting a risk assessment when developing an annual IS audit plan?

Question183: The BEST way to prevent fraudulent payments is to implement segregation of duties between the vendor setup and:

Question184: To address issues related to privileged users identified in an IS audit, management implemented a security information and event management (SIEM) system. Which type of control is in place?

Question185: Reconciliations have identified data discrepancies between an enterprise data warehouse and a revenue system for key financial reports. What is the GREATEST risk to the organization in this situation?

Question186: The PRIMARY reason an IS department should analyze past incidents and problems is to:

Question187: Which of the following is the BEST way to address ongoing concerns with the quality and accuracy of internal audits?

Question188: Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?

Question189: The use of symmetric key encryption controls to protect sensitive data transmitted over a communications network requires that.

Question190: An IS auditor performing an audit of backup procedures observes that backup tapes are picked up weekly and stored offsite at a third-party hosting facility. Which of the following recommendations would be the BEST way to protect the integrity of the data on the backup tapes?

Question191: Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?

Question192: A legacy application is running on an operating system that is no longer supported by vendor, if the organization continues to use the current application, which of the application should be the IS auditor's GREATEST concern?

Question193: During a post-implementation review, an IS auditor learns that while benefits were realized according to the business case, complications during implementation added to the cost of the solution. Which of the following is the auditor's BEST course of action?

Question194: Which of the following controls BEST ensures appropriate segregation of duties within an accounts payable department?

Question195: An IS auditor observes that exceptions have been approved (or an organization's information security policy.
Which of the following is MOST important for the auditor to confirm?

Question196: Which of the following is the BEST way to achieve high availability and fault tolerance for an e-business system?

Question197: An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives Which of the following findings should be the IS auditor's GREATEST concern?

Question198: Which of the following is the BEST incident of an effective problem management process?

Question199: Which of the following is the BEST way to mitigate the risk associated with a document storage application that has a syncing feature that could allow malware to spread to other machines in the network?

Question200: Which of the following is the MAIN risk associated with adding a new system functionality during the development phase without following a project change management process?

Question201: Which of the following must be in place before an IS auditor initiates audit follow-up activities?

Question202: The performance, risks, and capabilities of an IT infrastructure are BEST measured using a:

Question203: Which of the following human resources management practices BEST leads to the detection of fraudulent activity?

Question204: An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?

Question205: The operations team of an organization has reported an IS security attack. Which of the following should be the FIRST step for the security incident response team?

Question206: Which of the following is an IS auditor's BEST recommendation to help an organization increase the efficiency of computing resources?

Question207: Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy?

Question208: What would be of GREATEST concern to an IS auditor observing shared key cards being utilized to access an organization's data center?

Question209: Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?

Question210: Which of the following would be MOST useful to an IS auditor confirming thai an IS department meets its service level agreements (SLAs)?

Question211: Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization"?

Question212: Batch processes running in multiple countries are merged to one batch job to be executed in a single data center. Which of the following is the GREATEST concern with this approach?

Question213: A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items to the inventory system Which control would have BEST prevented this type of fraud in a retail environment?

Question214: Which of the following BEST enables alignment of IT with business objectives?

Question215: An IS auditor is evaluating a virtual server environment and learns that the production server, development server, and management console are housed in the same physical host. What should be the auditor's PRIMARY concern?

Question216: An organization is planning to re-purpose workstations mat were used to handle confidential information.
Which of the following would be the IS auditor's BEST recommendation to dispose of this information?

Question217: Which of the following is MOST important for an IS auditor to verify when reviewing a critical business application that requires high availability?

Question218: An organization that has suffered a cyber attack is performing a forensic analysis of the affected users' computers Which of the following should be of GREATEST concern for the IS editor reviewing this process?

Question219: Which of the following is the GREATEST risk associated with the lack of an effective data privacy program?

Question220: Which of the following should be defined in an audit chatter?

Question221: To BEST evaluate the effectiveness of a disaster recovery plan, the IS auditor should review the:

Question222: The members of an emergency incident response team should be:

Question223: In planning a major system development project, function point analysis would assist in:

Question224: The PRIMARY reason to follow up on prior-year audit reports is to determine if

Question225: Which of the following validation techniques would BEST prevent duplicate electronic vouchers?

Question226: An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor s NEXT course of action?

Question227: An organization with high availability resource requirements is selecting a provider for cloud computing.
Which of the following would cause the GREATEST concern to an IS auditor? The provider:

Question228: In a database management system (DBMS) normalization is used to:

Question229: Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?

Question230: Which of the following is the MOST important difference between end-user computing (EUC) applications and traditional applications?

Question231: Which of the following is the MOST significant operational risk associated with the use of virtualization?

Question232: An IS auditor is performing a follow-up audit for findings identified In an organization's user provisioning process Which of the Mowing is the MOST appropriate population to sample from when testing for remediation?

Question233: Data analytics Tools are BEST suited for which of the following purposes?

Question234: An accounts receivable data entry routine prevents the entry of the same customer with different account numbers. Which of the following is the BEST way to test if this programmed control is effective?

Question235: When reviewing backup policies, an IS auditor MUST verify that backup intervals of critical systems do not exceed which of the following?

Question236: Which of the following is MOST helpful in preventing a systems failure from occurring when an application is replaced using the abrupt changeover technique?

Question237: Using swipe cards to limit employee access to restricted areas requires implementing which additional control?

Question238: Which of the following controls is BEST implemented through system configuration?

Question239: Which of the following is a directive control?

Question240: An IS auditor s role in privacy and security is to:

Question241: An organization seeks to control costs related to storage media throughout the information life cycle while still meeting business and regulatory requirements. Which of the following is the BEST way to achieve this objective?

Question242: Which of the following group is MOST likely responsible for the implementation of IT projects?

Question243: An IS auditor finds that terminated users have access to financial applications. Which of the following is the auditor's MOST important course of action when assessing the impact?

Question244: Management has decided to include a compliance manager in the approval process for a new business that may require changes to tie IT infrastructure. Which of the following is the GREATEST benefit of this approach?

Question245: Which of the following security risks can be reduced by a properly configured network firewall?

Question246: Which of the following should be included in a business impact analysis (BIA)

Question247: The PRIMARY reason for an IS auditor to use data analytics techniques is to reduce which type of audit risk?

Question248: Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organizations information security policy?

Question249: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?

Question250: Which of the following measures BEST mitigates the risk of exfiltration during a cyber attack?

Question251: Which of the following is the GREATEST concern when using a cold backup site?

Question252: Which of the following is the BEST way to mitigate risk to an organization's network associated with devices permitted under a bring your own device (BYOD) policy?

Question253: Which of the following poses the GREATEST security risk when implementing acquired application systems?

Question254: An algorithm in an email program analyzes traffic to quarantine emails identified as spam The algorithm in the program is BEST characterized as which type of control?

Question255: Which of the following is the GREATEST security risk associated with data migration from a legacy human resources (HR) system to a cloud-based system''

Question256: An employee has accidentally posted confidential data to the company's social media page. Which of the following is the BEST control to prevent this from recurring?

Question257: Which of the following is the MOST significant risk associated with peer-to-peer networking technology?

Question258: Which of the following BEST demonstrates the degree of alignment between IT and business strategy?

Question259: Several unattended laptops containing sensitive customer data were stolen from personnel offices Which of the following would be an IS auditor's BEST recommendation to protect data in case of recurrence?

Question260: Due to a high volume of customer orders, an organization plans to implement a new application for customers to use for online ordering Which type of testing is MOST important to ensure the security of the application prior to go-live?

Question261: Which of the following cloud deployment models would BEST meet the needs of a startup software development organization with limited initial capital?

Question262: An existing system is being replaced with a new application package User acceptance testing (UAT) should ensure that

Question263: An IS auditor finds that corporate mobile devices used by employees have varying levels of password settings.
Which of the following would be the BEST recommendation?

Question264: Which of the following is the PRIMARY objective of baselining the IT control environment?

Question265: Which of the following is an example of a control that is both detective and preventive at the same lime?

Question266: Which of the following features of a library control software package would protect against unauthorized updating of source code?

Question267: A bank recently experienced fraud where unauthorized payments were inserted into the payments transaction process. An IS auditor has reviewed the application systems and databases along the processing chain but has not identified the entry point of the fraudulent transactions. Where should the auditor look NEXT?

Question268: Which of the following is the MAIN benefit of using data analytics when testing the effectiveness of controls?

Question269: Which of the following control techniques BEST ensures the integrity of system interface transmissions?

Question270: Which type of attack poses the GREATEST risk to an organization's most sensitive data?

Question271: An IS auditor performing an application development review attends development team meetings. The IS auditor's independence will be compromised if the IS auditor:

Question272: An organization wants to replace its suite of legacy applications with a new, in-house developed solution.
Which of the following is the BEST way to address concerns associated with migration of all mission-critical business functionality?

Question273: An IS auditor is planning on utilizing attribute sampling to determine the error rate for health care claims processed. Which of the following factors will cause the sample size to decrease?

Question274: During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. The auditor's NEXT step should be to:

Question275: During an audit of a data classification policy, an IS auditor finds that many documents are inappropriately classified as confidential. Which of the following is the GREATEST concern?

Question276: Which of the following metrics is MOST useful to an IS auditor when evaluating whether IT investments are meeting business objectives?

Question277: Which of the following indicates that an internal audit organization is structured to support the independence and clarity of the reporting process?

Question278: Which of the following is the PRIMARY purpose of quality assurance (QA) within an IS audit department?

Question279: Which of the following provides the MOST useful information to an IS auditor reviewing the relationships between critical business processes and IT systems?

Question280: An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions. Which of the following is MOST important for the auditor to confirm when sourcing the population data?

Question281: An IS auditor learns a server administration team regularly applies workarounds to address repeated failures of critical data processing services. Which of the following would BEST enable the organization to resolve this issue?

Question282: Which of the following features can be provided only by asymmetric encryption?

Question283: An IS auditor is assigned to review the development of a specific application. Which of the following would be the MOST significant step following the feasibility study?

Question284: Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?

Question285: The CIO of an organization is concerned that the information security policies may not be comprehensive.
Which of the following should an IS auditor recommend be performed FIRST?

Question286: Which of the following MUST be completed before selecting and deploying a biometric system that uses facial recognition software?

Question287: During a review, an IS auditor notes that an organization's marketing department has purchased a cloud-based software application without following the procurement process. What should the auditor do FIRST?

Question288: An effective implementation of security roles and responsibilities is BEST evidenced across an enterprise when:

Question289: An IS auditor is reviewing the implementation of an international quality management standard Which of the following provides the BEST evidence that quality management objectives have been achieved?

Question290: What is the MOST critical finding when reviewing an organization's information security management?

Question291: Which of the following provides an IS auditor the MOST assurance that an organization is compliant with legal and regulatory requirements?

Question292: Which of the following provides the BEST method for maintaining the security of corporate applications pushed to employee-owned mobile devices?

Question293: A month after a company purchased and implemented system and performance monitoring software reports were too large and therefore were not reviewed or acted upon The MOST effective plan of action would be to

Question294: Which of the following is the GREATEST advantage of vulnerability scanning over penetration testing'?

Question295: Which of the following is a concern associated with virtualization?

Question296: Which of the following network management toots should an IS auditor use to review the type of packets flowing along a monitored link'?

Question297: The activation of a pandemic response plan has resulted in a remote workforce situation. Which of the following technologies poses the GREATEST risk to data confidentiality?

Question298: To create a digital signature in a message using asymmetric encryption, it is necessary to:

Question299: Which of the following BEST demonstrates that IT strategy is aligned with organizational goals and objectives?

Question300: An IS auditor evaluating a three-tier client/server architecture observes an issue with graphical user interface (GUI) tasks. Which layer should the auditor recommend the client address?

Question301: When aligning IT projects with organizational objectives, it is MOST important to ensure that the:

Question302: An organization's business function wants to capture customer data and must comply with global data protection regulations. Which of the following should be considered FIRST?

Question303: The GREATEST benefit of using a prototyping approach in software development is that it helps to:

Question304: Which of the following should be of GREATEST concern to an IS auditor testing interface controls for an associated bank wire transfer process?

Question305: Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?

Question306: In the risk assessment process, which of the following should be identified FIRST?

Question307: An organization processing high volumes of financial transactions has implemented log file analysis on a central log server to continuously monitor compliance with its fraud policy. Which of the following poses the GREATEST risk to this control?

Question308: During an audit, the client learns that the IS auditor has recently completed a similar security review at a competitor. The client inquires about the competitor's audit results. What is the BEST way for the auditor to address this inquiry?

Question309: Which of the following should be of GREATEST concern to an IS auditor reviewing actions taken during a forensic investigation?