Question1: Which of the following would MOST effectively ensure the integrity of data transmitted over a network?
Question2: An internal audit department recently established a quality assurance (QA) program. Which of the following activities Is MOST important to include as part of the QA program requirements?
Question3: An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward 10 those who click on a link embedded in the body of the email. Which of the following metrics BEST indicates the effectiveness of awareness training?
Question4: Which of the following conditions would be of MOST concern to an IS auditor assessing the risk of a successful brute force attack against encrypted data at test?
Question5: Which of the following should be an IS auditor's GREATEST concern when assessing an IT service configuration database?
Question6: An organization is planning an acquisition and has engaged an IS auditor lo evaluate the IT governance framework of the target company. Which of the following would be MOST helpful In determining the effectiveness of the framework?
Question7: Which of the following is the BEST source of information for an IS auditor to use as a baseline to assess the adequacy of an organization's privacy policy?
Question8: When auditing the feasibility study of a system development project, the IS auditor should:
Question9: Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?
Question10: Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?
Question11: An organization has recently moved to an agile model for deploying custom code to its in-house accounting software system. When reviewing the procedures in place for production code deployment, which of the following is the MOST significant security concern to address?
Question12: During a follow-up audit, an IS auditor finds that some critical recommendations have the IS auditor's BEST course of action?
Question13: Which of the following poses the GREATEST risk to the use of active RFID tags?
Question14: Which of the following is MOST important for an IS auditor to determine during the detailed design phase of a system development project?
Question15: Which of the following BEST enables an organization to improve the effectiveness of its incident response team?
Question16: Which of the following is MOST important when implementing a data classification program?
Question17: Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?
Question18: A data breach has occurred due lo malware. Which of the following should be the FIRST course of action?
Question19: To reduce operational costs, IT management plans to reduce the number of servers currently used to run business applications. Which of the following is MOST helpful to review when identifying which servers are no longer required?
Question20: Which of the following is MOST likely to be reduced when implementing optimal risk management strategies?
Question21: An IS auditor is reviewing a network diagram. Which of the following would be the BEST location for placement of a firewall?
Question22: A programmer has made unauthorized changes lo key fields in a payroll system report. Which of the following control weaknesses would have contributed MOST to this problem?
Question23: During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:
Question24: As part of business continuity planning, which of the following is MOST important to assess when conducting a business impact analysis (B1A)?
Question25: Which of the following application input controls would MOST likely detect data input errors in the customer account number field during the processing of an accounts receivable transaction?
Question26: An IS auditor finds that the process for removing access for terminated employees is not documented What is the MOST significant risk from this observation?
Question27: Which of the following is MOST critical to the success of an information security program?
Question28: During which process is regression testing MOST commonly used?
Question29: Which of the following is the BEST way to detect unauthorized copies of licensed software on systems?
Question30: Which of the following is the PRIMARY reason for an IS audit manager to review the work performed by a senior IS auditor prior to presentation of a report?
Question31: Which of the following is the PRIMARY purpose of obtaining a baseline image during an operating system audit?
Question32: Which of the following is the BEST performance indicator for the effectiveness of an incident management program?
Question33: During an information security review, an IS auditor learns an organizational policy requires all employ-ees to attend information security training during the first week of each new year. What is the auditor's BEST recommendation to ensure employees hired after January receive adequate guid-ance regarding security awareness?
Question34: Using swipe cards to limit employee access to restricted areas requires implementing which additional control?
Question35: Which of the following presents the GREATEST challenge to the alignment of business and IT?
Question36: A month after a company purchased and implemented system and performance monitoring software, reports were too large and therefore were not reviewed or acted upon The MOST effective plan of action would be to:
Question37: An IS auditor is reviewing an artificial intelligence (Al) and expert system application. The system has produced several critical errors with severe impact. Which of the following should the IS auditor do NEXT to understand the cause of the errors?
Question38: The PRIMARY role of a control self-assessment (CSA) facilitator is to:
Question39: An IS auditor finds that while an organization's IT strategy is heavily focused on research and development, the majority of protects n the IT portfolio focus on operations and maintenance. Which of the Mowing is the BEST recommendation?
Question40: An organization's security team created a simulated production environment with multiple vulnerable applications. What would be the PRIMARY purpose of creating such an environment?
Question41: What is the BEST way to reduce the risk of inaccurate or misleading data proliferating through business intelligence systems?
Question42: While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. In order to resolve the situation, the IS auditor's BEST course of action would be to:
Question43: Capacity management enables organizations to:
Question44: An IS auditor finds that the cost of developing an application is now projected to significantly exceed the budget. Which of the following is the GREATEST risk to communicate to senior management?
Question45: An external attacker spoofing an internal Internet Protocol (IP) address can BEST be detected by which of the following?
Question46: An IS audit reveals an IT application is experiencing poor performance including data inconsistency and integrity issues. What is the MOST likely cause?
Question47: Which of the following backup schemes is the BEST option when storage media is limited?
Question48: Which of the following findings from a database security audit presents the GREATEST risk of critical security exposures?
Question49: During an operational audit on the procurement department, the audit team encounters a key system that uses an artificial intelligence (Al) algorithm. The audit team does not have the necessary knowledge to proceed with the audit. Which of the following is the BEST way to handle this situation?
Question50: An organization is considering allowing users to connect personal devices to the corporate network. Which of the following should be done FIRST?
Question51: During the planning phase of a data loss prevention (DLP) audit, management expresses a concern about mobile computing. Which of the following should the IS auditor identity as the associated risk?
Question52: What should be the PRIMARY focus during a review of a business process improvement project?
Question53: A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:
Question54: Which of the following is the BEST way for an organization to mitigate the risk associated with third-party application performance?
Question55: Which of the following is the PRIMARY benefit of monitoring IT operational logs?
Question56: Which of the following would be MOST useful when analyzing computer performance?
Question57: Which of the following approaches will ensure recovery time objectives (RTOs) are met for an organization's disaster recovery plan (DRP)?
Question58: Which of the following is the MOST important privacy consideration for an organization that uses a cloud service provider to process customer data?
Question59: When assessing a proposed project for the two-way replication of a customer database with a remote call center, the IS auditor should ensure that:
Question60: Following a merger, a review of an international organization determines the IT steering committee's decisions do not extend to regional offices as required in the consolidated IT operating model. Which of the following is the IS auditor's BEST recommendation?
Question61: An organization has implemented a new data classification scheme and asks the IS auditor to evaluate its effectiveness. Which of the following would be of GREATEST concern to the auditor?
Question62: An organization has replaced all of the storage devices at its primary data center with new higher-capacity units The replaced devices have been installed at the disaster recovery site to replace older units An IS auditor s PRIMARY concern would be whether
Question63: Which of the following BEST indicates that the effectiveness of an organization's security awareness program has improved?
Question64: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?
Question65: Which of the following is the MOST effective method of destroying sensitive data stored on electronic media?
Question66: Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?
Question67: An IS auditor reviewing the system development life cycle (SDLC) finds there is no requirement for business cases. Which of the following should be offGREATEST concern to the organization?
Question68: An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?
Question69: When auditing the adequacy of a cooling system for a data center, which of the following is MOST important for the IS auditor to review?
Question70: Which of the following would be the BEST criteria for monitoring an IT vendor's service levels?
Question71: Following the sale of a business division, employees will be transferred to a new organization, but they will retain access to IT equipment from the previous employer. An IS auditor has recommended that both organizations agree to and document an acceptable use policy for the equipment. What type of control has been recommended?
Question72: An IS auditor suspects an organization's computer may have been used to commit a crime. Which of the following is the auditor's BEST course of action?
Question73: Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?
Question74: Which of the following should be an IS auditor's GREATEST concern when an international organization intends to roll out a global data privacy policy?
Question75: During which IT project phase is it MOST appropriate to conduct a benefits realization analysis?
Question76: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's method to transport sensitive data between offices?
Question77: Which of the following areas is MOST likely to be overlooked when implementing a new data classification process?
Question78: Which of the following BEST Indicates that an incident management process is effective?
Question79: Capacity management tools are PRIMARILY used to ensure that:
Question80: Which of the following should be done FIRST when planning to conduct internal and external penetration testing for a client?
Question81: Which of the following methods will BEST reduce the risk associated with the transition to a new system using technologies that are not compatible with the old system?
Question82: A core system fails a week after a scheduled update, causing an outage that impacts service. Which of the following is MOST important for incident management to focus on when addressing the issue?
Question83: An IS audit manager was temporarily tasked with supervising a project manager assigned to the organization's payroll application upgrade Upon returning to the audit department, the audit manager has been asked to perform an audit to validate the implementation of the payroll application The audit manager Is the only one in the audit department with IT project management experience. What is the BEST course of action?
Question84: Which of the following provides the BEST assurance that vendor-supported software remains up to date?
Question85: Which of the following is the BEST source of information tor an IS auditor to use when determining whether an organization's information security policy is adequate?
Question86: An IS auditor Is renewing the deployment of a new automated system Which of the following findings presents the MOST significant risk?
Question87: Which type of testing is used to identify security vulnerabilities in source code in the development environment?
Question88: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's information security governance?
Question89: Who is PRIMARILY responsible for the design of IT controls to meet control objectives?
Question90: Which of the following is the BEST way for an IS auditor to assess the design of an automated application control?
Question91: An organization's information security policies should be developed PRIMARILY on the basis of:
Question92: Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS audit has been asked to conduct a control assessment. the auditor's BEST course of action would be to determine if:
Question93: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?
Question94: The PRIMARY purpose of an incident response plan is to:
Question95: When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider's external audit report on service level management when the
Question96: A checksum is classified as which type of control?
Question97: Which of the following is an advantage of using agile software development methodology over the waterfall methodology?
Question98: An IS auditor observes that a business-critical application does not currently have any level of fault tolerance.
Which of the following is the GREATEST concern with this situation?
Question99: Which of the following is MOST important for an IS auditor to verify when evaluating an organization's firewall?
Question100: Who is PRIMARILY responsible for the design of IT controls to meet control objectives?
Question101: A senior auditor is reviewing work papers prepared by a junior auditor indicating that a finding was removed after the auditee said they corrected the problem. Which of the following is the senior auditor s MOST appropriate course of action?
Question102: What would be an IS auditor's BEST course of action when an auditee is unable to close all audit recommendations by the time of the follow-up audit?
Question103: Which of the following is the BEST way to strengthen the security of smart devices to prevent data leakage?
Question104: Which of the following is the BEST justification for deferring remediation testing until the next audit?
Question105: What would be an IS auditor's BEST recommendation upon finding that a third-party IT service provider hosts the organization's human resources (HR) system in a foreign country?
Question106: Which of the following is the BEST way to mitigate the risk associated with unintentional modifications of complex calculations in end-user computing (EUC)?
Question107: An organization implemented a cybersecurity policy last year Which of the following is the GREATE ST indicator that the policy may need to be revised?
Question108: Which of the following is the BEST way to foster continuous improvement of IS audit processes and practices?
Question109: What Is the BEST method to determine if IT resource spending is aligned with planned project spending?
Question110: Which of the following observations regarding change management should be considered the MOST serious risk by an IS auditor?
Question111: An IS auditor determines elevated administrator accounts for servers that are not properly checked out and then back in after each use. Which of the following is the MOST appropriate sampling technique to determine the scope of the problem?
Question112: Recovery facilities providing a redundant combination of Internet connections to the local communications loop is an example of which type of telecommunications continuity?
Question113: Which of the following biometric access controls has the HIGHEST rate of false negatives?
Question114: Which of the following is a social engineering attack method?
Question115: Which of the following is the BEST detective control for a job scheduling process involving data transmission?
Question116: An IT strategic plan that BEST leverages IT in achieving organizational goals will include:
Question117: What is the PRIMARY purpose of documenting audit objectives when preparing for an engagement?
Question118: The MOST important measure of the effectiveness of an organization's security program is the:
Question119: A mission-critical application utilizes a one-node database server. On multiple occasions, the database service has been stopped to perform routine patching, causing application outages. Which of the following should be the IS auditor's GREATEST concern?
Question120: An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?
Question121: Effective separation of duties in an online environment can BEST be achieved by utilizing:
Question122: During a review, an IS auditor discovers that corporate users are able to access cloud-based applications and data any Internet-connected web browser. Which Of the following is the auditor's BEST recommendation to prevent unauthorized access?
Question123: Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
Question124: Which of the following provides the BEST evidence that a third-party service provider's information security controls are effective?
Question125: A now regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?
Question126: Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?
Question127: Which of the following would be MOST impacted if an IS auditor were to assist with the implementation of recommended control enhancements?
Question128: An IS auditor has been asked to provide support to the control self-assessment (CSA) program. Which of the following BEST represents the scope of the auditor's role in the program?
Question129: Which of the following observations should be of GREATEST concern to an IS auditor performing an audit of change and release management controls for a new complex system developed by a small in-house IT team?
Question130: A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?
Question131: During an ongoing audit, management requests a briefing on the findings to date. Which of the following is the IS auditor's BEST course of action?
Question132: Which of the following MOST effectively minimizes downtime during system conversions?
Question133: Which of the following is an IS auditor's BEST approach when prepanng to evaluate whether the IT strategy supports the organization's vision and mission?
Question134: When is it MOST important for an IS auditor to apply the concept of materiality in an audit?
Question135: Which of the following is an effective way to ensure the integrity of file transfers in a peer-to-peer (P2P) computing environment?
Question136: Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?
Question137: Which of the following procedures for testing a disaster recovery plan (DRP) is MOST effective?
Question138: Which of the following is the MOST effective control to mitigate against the risk of inappropriate activity by employees?
Question139: Which of the following technology trends can lead to more robust data loss prevention (DLP) tools?
Question140: Which of the following is an IS auditor's BEST recommendation to protect an organization from attacks when its file server needs to be accessible to external users?
Question141: Which of the following approaches would utilize data analytics to facilitate the testing of a new account creation process?
Question142: Which of the following would BEST enable an organization to address the security risks associated with a recently implemented bring your own device (BYOD) strategy?
Question143: To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?
Question144: When planning an audit to assess application controls of a cloud-based system, it is MOST important tor the IS auditor to understand the.
Question145: A review of IT interface controls finds an organization does not have a process to identify and correct records that do not get transferred to the receiving system Which of the following is the IS auditors BEST recommendation?
Question146: An IS auditor is reviewing an organization's incident management processes and procedures. Which of the following observations should be the auditor's GREATEST concern?
Question147: Which of the following types of firewalls provide the GREATEST degree of control against hacker intrusion?
Question148: Which of the following should be of GREATEST concern to an |$ auditor reviewing data conversion and migration during the implementation of a new application system?
Question149: Which of the following is a threat to IS auditor independence?
Question150: Which of the following findings should be of GREATEST concern to an IS auditor assessing the risk associated with end-user computing (EUC) in an organization?
Question151: An IS auditor is reviewing the backup procedures in an organization that has high volumes of data with frequent changes to transactions. Which of the following is the BEST backup scheme to recommend given the need for a shorter restoration time in the event of a disruption?
Question152: Which of the following is the BEST indication of effective governance over IT infrastructure?
Question153: During the implementation of an upgraded enterprise resource planning (ERP) system, which of the following is the MOST important consideration for a go-live decision?
Question154: Which of the following is a detective control?
Question155: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?
Question156: Which of the following is the MOST appropriate control to ensure integrity of online orders?
Question157: Which of the following is the MAIN responsibility of the IT steering committee?
Question158: Which of the following approaches BEST enables an IS auditor to detect security vulnerabilities within an application?
Question159: During a review, an IS auditor discovers that corporate users are able to access cloud-based applications and data from any Internet-connected web browser. Which of the following is the auditor's BEST recommendation to help prevent unauthorized access?
Question160: An organization is disposing of removable onsite media which contains sensitive information. Which of the following is the MOST effective method to prevent disclosure of sensitive data?
Question161: When planning an internal penetration test, which of the following is the MOST important step prior to finalizing the scope of testing?
Question162: Which of the following is the BEST way to enforce the principle of least privilege on a server containing data with different security classifications?
Question163: Which of the following is the MOST effective control to mitigate unintentional misuse of authorized access?
Question164: Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?
Question165: Which of the following should be of GREATEST concern to an IS auditor performing a review of information security controls?
Question166: A security administrator is called in the middle of the night by the on-call programmer A number of programs have failed, and the programmer has asked for access to the live system. What IS the BEST course of action?
Question167: Which of the following is MOST helpful for understanding an organization's key driver to modernize application platforms?
Question168: Due to a recent business divestiture, an organization has limited IT resources to deliver critical projects Reviewing the IT staffing plan against which of the following would BEST guide IT management when estimating resource requirements for future projects?
Question169: An IS auditor has learned that access privileges are not periodically reviewed or updated. Which of the following would provide the BEST evidence to determine whether transactions have been executed by authorized employees?
Question170: When assessing whether an organization's IT performance measures are comparable to other organizations in the same industry, which of the following would be MOST helpful to review?
Question171: Spreadsheets are used to calculate project cost estimates. Totals for each cost category are then keyed into the job-costing system. What is the BEST control to ensure that data is accurately entered into the system?
Question172: Which of the following business continuity activities prioritizes the recovery of critical functions?
Question173: What should an IS auditor do FIRST when a follow-up audit reveals some management action plans have not been initiated?
Question174: Which of the following is the GREATEST benefit of adopting an international IT governance framework rather than establishing a new framework based on the actual situation of a specific organization1?
Question175: In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?
Question176: A database administrator (DBA) should be prevented from having end user responsibilities:
Question177: Which of the following should be of GREATEST concern to an IS auditor who is assessing an organization's configuration and release management process?
Question178: An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that
Question179: Which of the following is a PRIMARY responsibility of a quality assurance (QA) team?
Question180: Which of the following BEST describes a digital signature?
Question181: During a project assessment, an IS auditor finds that business owners have been removed from the project initiation phase. Which of the following should be the auditor's GREATEST concern with this situation?
Question182: Which of the following is MOST important to review during the project initiation phase of developing and deploying a new application?
Question183: Which of the following is the MOST important outcome of an information security program?
Question184: Which of the following is the BEST method to prevent wire transfer fraud by bank employees?
Question185: Which of the following provides the BEST evidence of the validity and integrity of logs in an organization's security information and event management (SIEM) system?
Question186: What should an IS auditor evaluate FIRST when reviewing an organization's response to new privacy legislation?
Question187: Which of the following is MOST important to consider when developing a service level agreement (SLAP)?
Question188: Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management's decision. Which of the following should be the IS auditor's NEXT course of action?
Question189: Which of the following findings would be of GREATEST concern when reviewing project risk management practices?
Question190: Which of the following is the MOST important responsibility of data owners when implementing a data classification process?
Question191: When reviewing past results of a recurring annual audit, an IS auditor notes that findings may not have been reported and independence may not have been maintained. Which of the following is the auditor's BEST course of action?
Question192: Which of the following is the BEST indication of effective IT investment management?
Question193: During a database management evaluation an IS auditor discovers that some accounts with database administrator (DBA) privileges have been assigned a default password with an unlimited number of failed login attempts Which of the following is the auditor's BEST course of action?
Question194: A bank performed minor changes to the interest calculation computer program. Which of the following techniques would provide the STRONGEST evidence to determine whether the interest calculations are correct?
Question195: Which of the following would be MOST effective to protect information assets in a data center from theft by a vendor?
Question196: Controls related to authorized modifications to production programs are BEST tested by:
Question197: An organization that operates an e-commerce website wants to provide continuous service to its customers and is planning to invest in a hot site due to service criticality. Which of the following is the MOST important consideration when making this decision?
Question198: An IS auditor is assigned to perform a post-implementation review of an application system. Which of the following would impair the auditor's independence?
Question199: Which of the following is the MOST appropriate indicator of change management effectiveness?
Question200: An IS auditor discovers that validation controls m a web application have been moved from the server side into the browser to boost performance This would MOST likely increase the risk of a successful attack by.
Question201: An organization requires the use of a key card to enter its data center. Recently, a control was implemented that requires biometric authentication for each employee.
Which type of control has been added?
Question202: An organization allows programmers to change production systems in emergency situations without seeking prior approval. Which of the following controls should an IS auditor consider MOST important?
Question203: During a pre-deployment assessment, what is the BEST indication that a business case will lead to the achievement of business objectives?
Question204: The PRIMARY purpose of a configuration management system is to:
Question205: Which of the following is the PRIMARY advantage of using visualization technology for corporate applications?
Question206: Which of the following is BEST used for detailed testing of a business application's data and configuration files?
Question207: What is the GREATEST concern for an IS auditor reviewing contracts for licensed software that executes a critical business process?
Question208: An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor's PRIMARY concern Is that:
Question209: Which of the following be of GREATEST concern to an IS auditor reviewing on-site preventive maintenance for an organization's business-critical server hardware?
Question210: One benefit of return on investment (ROI) analysts in IT decision making is that it provides the:
Question211: The PRIMARY benefit of automating application testing is to:
Question212: Which of the following is MOST important for an IS auditor to verify when reviewing the use of an outsourcer for disposal of storage media?
Question213: Which of the following should be the FIRST consideration when deciding whether data should be moved to a cloud provider for storage?
Question214: Which of the following is the MOST effective way to maintain network integrity when using mobile devices?
Question215: Which of the following is the MOST effective accuracy control for entry of a valid numeric part number?
Question216: Stress testing should ideally be earned out under a:
Question217: Which of the following should be of GREATEST concern to an IS auditor assessing an organization's patch management program?
Question218: Which of the following should be an IS auditor's GREATEST consideration when scheduling follow-up activities for agreed-upon management responses to remediate audit observations?
Question219: Which of the following should be the PRIMARY consideration when validating a data analytic algorithm that has never been used before?
Question220: When developing customer-facing IT applications, in which stage of the system development life cycle (SDLC) is it MOST beneficial to consider data privacy principles?
Question221: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?
Question222: Management has learned the implementation of a new IT system will not be completed on time and has requested an audit. Which of the following audit findings should be of GREATEST concern?
Question223: An organization's software developers need access to personally identifiable information (Pll) stored in a particular data format. Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?
Question224: A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
Question225: An IS auditor should ensure that an application's audit trail:
Question226: Which of the following is MOST important to consider when reviewing an organization's defined data backup and restoration procedures?
Question227: in a controlled application development environment, the MOST important segregation of duties should be between the person who implements changes into the production environment and the:
Question228: During audit framework. an IS auditor teams that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?
Question229: Which of the following is the MOST important area of focus for an IS auditor when developing a risk-based audit strategy?
Question230: A new system is being developed by a vendor for a consumer service organization. The vendor will provide its proprietary software once system development is completed Which of the following is the MOST important requirement to include In the vendor contract to ensure continuity?
Question231: Which of the following is the PRIMARY benefit of benchmarking an organization's software development lifecycle practices against a capability maturity model?
Question232: During a pre-implementation review, an IS auditor notes that some scenarios have not been tested.
Management has indicated that the project is critical and cannot be postponed. Which of the following is the auditor's BEST course of action?
Question233: During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:
Question234: Which task should an IS auditor complete FIRST during the preliminary planning phase of a database security review?
Question235: A small business unit is implementing a control self-assessment (CSA) program and leveraging the internal audit function to test its internal controls annually. Which of the following is the MOST significant benefit of this approach?
Question236: An externally facing system containing sensitive data is configured such that users have either read-only or administrator rights. Most users of the system have administrator access. Which of the following is the GREATEST risk associated with this situation?
Question237: Which of the following is the PRIMARY reason an IS auditor would recommend offsite backups although critical data is already on a redundant array of inexpensive disks (RAID)?
Question238: When planning a review of IT governance, an IS auditor is MOST likely to:
Question239: When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:
Question240: Which of the following can only be provided by asymmetric encryption?
Question241: A small IT department has embraced DevOps, which allows members of this group to deploy code to production and maintain some development access to automate releases. Which of the following is the MOST effective control?
Question242: Which of the following is the BEST audit procedure to determine whether a firewall is configured in compliance with the organization's security policy?
Question243: Which of the following should be the FIRST step when conducting an IT risk assessment?
Question244: An IT balanced scorecard is PRIMARILY used for:
Question245: The PRIMARY purpose of requiring source code escrow in a contractual agreement is to:
Question246: An IS auditor discovers that a developer has used the same key to grant access to multiple applications making calls to an application programming interface (API). Which of the following is the BEST recommendation to address this situation?
Question247: Which of the following would MOST effectively help to reduce the number of repealed incidents in an organization?
Question248: An IS auditor follows up on a recent security incident and finds the incident response was not adequate.
Which of the following findings should be considered MOST critical?
Question249: Which of the following is MOST critical to the success of an information security program?
Question250: How does a continuous integration/continuous development (CI/CD) process help to reduce software failure risk?
Question251: To ensure confidentiality through the use of asymmetric encryption, a message is encrypted with which of the following?
Question252: Audit observations should be FIRST communicated with the auditee:
Question253: An organization has outsourced the development of a core application. However, the organization plans to bring the support and future maintenance of the application back in-house. Which of the following findings should be the IS auditor's GREATEST concern?
Question254: When reviewing a business case for a proposed implementation of a third-party system, which of the following should be an IS auditor's GREATEST concern?
Question255: The GREATEST benefit of using a polo typing approach in software development is that it helps to:
Question256: Data from a system of sensors located outside of a network is received by the open ports on a server. Which of the following is the BEST way to ensure the integrity of the data being collected from the sensor system?
Question257: Several unattended laptops containing sensitive customer data were stolen from personnel offices Which of the following would be an IS auditor's BEST recommendation to protect data in case of recurrence?
Question258: Which of the following provides the BE ST method for maintaining the security of corporate applications pushed to employee-owned mobile devices?
Question259: Which of the following is the GREATEST concern related to an organization's data classification processes?
Question260: What is the BEST control to address SQL injection vulnerabilities?
Question261: An IS auditor engaged in developing the annual internal audit plan learns that the chief information officer (CIO) has requested there be no IS audits in the upcoming year as more time is needed to address a large number of recommendations from the previous year. Which of the following should the auditor do FIRST
Question262: In which of the following sampling methods is the entire sample considered to be irregular if a single error is found?
Question263: Which of the following is the MOST important consideration for patching mission critical business application servers against known vulnerabilities?
Question264: Which of the following BEST enables a benefits realization process for a system development project?
Question265: Which of the following would provide an IS auditor with the GREATEST assurance that data disposal controls support business strategic objectives?
Question266: Which of the following is the PRIMARY reason to involve IS auditors in the software acquisition process?
Question267: A disaster recovery plan (DRP) should include steps for:
Question268: An IS auditor concludes that logging and monitoring mechanisms within an organization are ineffective because critical servers are not included within the central log repository. Which of the following audit procedures would have MOST likely identified this exception?
Question269: Which of the following findings related to segregation of duties should be of GREATEST concern to an IS auditor?
Question270: A new regulation in one country of a global organization has recently prohibited cross-border transfer of personal data. An IS auditor has been asked to determine the organization's level of exposure In the affected country. Which of the following would be MOST helpful in making this assessment?
Question271: An IS auditor is analyzing a sample of accounts payable transactions for a specific vendor and identifies one transaction with a value five times as high as the average transaction. Which of the following should the auditor do NEXT?
Question272: An IS auditor is tasked to review an organization's plan-do-check-act (PDCA) method for improving IT-related processes and wants to determine the accuracy of defined targets to be achieved. Which of the following steps in the PDCA process should the auditor PRIMARILY focus on in this situation?
Question273: Which of the following should be done FIRST to minimize the risk of unstructured data?
Question274: Which of the following is the GREATEST benefit of adopting an Agile audit methodology?
Question275: Which of the following types of firewalls provides the GREATEST degree of control against hacker intrusion?
Question276: For an organization that has plans to implement web-based trading, it would be MOST important for an IS auditor to verify the organization's information security plan includes:
Question277: An IS auditor is reviewing an organization that performs backups on local database servers every two weeks and does not have a formal policy to govern data backup and restoration procedures. Which of the following findings presents the GREATEST risk to the organization?
Question278: Which of the following is the GREATEST advantage of outsourcing the development of an e-banking solution when in-house technical expertise is not available?
Question279: An organization's IT department and internal IS audit function all report to the chief information officer (CIO). Which of the following is the GREATEST concern associated with this reporting structure?
Question280: An IS auditor is reviewing a contract for the outsourcing of IT facilities. If missing, which of the following should present the GREATEST concern to the auditor?
Question281: An IS auditor is reviewing logical access controls for an organization's financial business application Which of the following findings should be of GREATEST concern to the auditor?
Question282: What is MOST important to verify during an external assessment of network vulnerability?
Question283: What is BEST for an IS auditor to review when assessing the effectiveness of changes recently made to processes and tools related to an organization's business continuity plan (BCP)?
Question284: The BEST way to evaluate the effectiveness of a newly developed application is to:
Question285: An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?
Question286: An IS auditor Is reviewing a recent security incident and is seeking information about me approval of a recent modification to a database system's security settings Where would the auditor MOST likely find this information?
Question287: Which of the following BEST enables an IS auditor to prioritize financial reporting spreadsheets for an end- user computing (EUC) audit?
Question288: An organization relies on an external vendor that uses a cloud-based Software as a Service (SaaS) model to back up its data. Which of the following is the GREATEST risk to the organization related to data backup and retrieval?
Question289: Which of the following should be of MOST concern to an IS auditor reviewing the public key infrastructure (PKI) for enterprise email?
Question290: Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:
Question291: Which of the following is the BEST way for management to ensure the effectiveness of the cybersecurity incident response process?
Question292: An IS auditor is reviewing a machine learning algorithm-based system for loan approvals and is preparing a data set to test the algorithm for bias. Which of the following is MOST important for the auditor's test data set to include?
Question293: Which of the following is the BEST way to address potential data privacy concerns associated with inadvertent disclosure of machine identifier information contained within security logs?
Question294: Which of the following are BEST suited for continuous auditing?
Question295: During the implementation of a new system, an IS auditor must assess whether certain automated calculations comply with the regulatory requirements Which of the following is the BEST way to obtain this assurance?
Question296: The PRIMARY reason to assign data ownership for protection of data is to establish:
Question297: To mitigate the risk of exposing data through application programming interface (API) queries. which of the following design considerations is MOST important?
Question298: An organization is ready to implement a new IT solution consisting of multiple modules. The last module updates the processed data into the database. Which of the following findings should be of MOST concern to the IS auditor?
Question299: Which of the following should be of GREATEST concern to an IS auditor when using data analytics?
Question300: Which of the following is the GREATEST risk related to the use of virtualized environments?
Question301: Audit frameworks can assist the IS audit function by:
Question302: Which of the following is MOST important to define within a disaster recovery plan (DRP)?
Question303: Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?
Question304: Which of the following BEST addresses the availability of an online store?
Question305: Which of the following is the PRIMARY purpose of a rollback plan for a system change?
Question306: Which of the following is MOST critical to the success of an information security program?
Question307: An organization plans to centrally decommission end-of-life databases and migrate the data to the latest model of hardware. Which of the following BEST ensures data integrity is preserved during the migration?
Question308: A small organization is experiencing rapid growth and plans to create a new information security policy.
Which of the following is MOST relevant to creating the policy?
Question309: A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items lo the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?
Question310: Which of the following would be the GREATEST concern to an IS auditor when reviewing the outsourcing contract for an organization's cloud service provider?
Question311: To help determine whether a controls-reliant approach to auditing financial systems in a company should be used, which sequence of IS audit work is MOST appropriate?
Question312: The use of access control lists (ACLs) is the MOST effective method to mitigate security risk for routers because they: (Identify Correct answer and related explanation/references from CISA Certification - Information Systems Auditor official Manual or book)
Question313: Which of the following is MOST important to include in security awareness training?
Question314: Which of the following is the MAIN purpose of an information security management system?
Question315: Which of the following BEST demonstrates to senior management and the board that an audit function is compliant with standards and the code of ethics?
Question316: An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?
Question317: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?
Question318: Which of the following would an IS auditor find to be the GREATEST risk associated with the server room in a remote office location?
Question319: An organization is migrating its HR application to an Infrastructure as a Service (laaS) model in a private cloud. Who is PRIMARILY responsible for the security configurations of the deployed application's operating system?
Question320: In an online application which of the following would provide the MOST information about the transaction audit trail?
Question321: Which of the following is MOST important to ensure that electronic evidence collected during a forensic investigation will be admissible in future legal proceedings?
Question322: Which type of risk would MOST influence the selection of a sampling methodology?
Question323: Which of the following audit procedures would be MOST conclusive in evaluating the effectiveness of an e- commerce application system's edit routine?
Question324: During audit planning, the IS audit manager is considering whether to budget for audits of entities regarded by the business as having low risk. Which of the following is the BEST course of action in this situation?
Question325: During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?
Question326: Which of the following would BEST indicate the effectiveness of a security awareness training program?
Question327: Which of the following user actions poses the GREATEST risk for inadvertently introducing malware into a local network?
Question328: Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization?
Question329: Which of the following network communication protocols is used by network devices such as routers to send error messages and operational information indicating success or failure when communicating with another IP address?
Question330: Which of the following should an IS auditor recommend be done FIRST when an organization is made aware of a new regulation that is likely to impact IT security requirements?
Question331: An IS auditor learns a server administration team regularly applies workarounds to address repeated failures of critical data processing services Which of the following would BEST enable the organization to resolve this issue?
Question332: Which of the following provides the BEST audit evidence that a firewall is configured in compliance with the organization's security policy?
Question333: Which of the following is a challenge in developing a service level agreement (SLA) for network services?
Question334: Which of the following should an IS auditor consider FIRST when evaluating firewall rules?
Question335: Which of the following would BEST prevent an arbitrary application of a patch?
Question336: An organization uses public key infrastructure (PKI) to provide email security. Which of the following would be the MOST efficient method to determine whether email messages have been modified in transit?
Question337: Which of the following is MOST important when creating a forensic image of a hard drive?
Question338: Which of the following is a PRIMARY responsibility of an IT steering committee?
Question339: Which of the following is the PRIMARY objective of enterprise architecture (EA)?
Question340: Which of the following would a digital signature MOST likely prevent?
Question341: Which of the following is the PRIMARY benefit of effective implementation of appropriate data classification?
Question342: An organization is concerned with meeting new regulations for protecting data confidentiality and asks an IS auditor to evaluate their procedures for transporting data. Which of the following would BEST support the organization's objectives?
Question343: Which of the following is the MOST efficient way to identify segregation of duties violations in a new system?
Question344: An IS auditor is examining a front-end subledger and a main ledger. Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?
Question345: Which of the following is the BEST evidence that an organization's IT strategy is aligned lo its business objectives?
Question346: Stress testing should ideally be carried out under a:
Question347: An IS auditor is reviewing the security of a web-based customer relationship management (CRM) system that is directly accessed by customers via the Internet, which of the following should be a concern for the auditor?
Question348: Which of the following tests is MOST likely to detect an error in one subroutine resulting from a recent change in another subroutine?
Question349: A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?
Question350: An IS auditor has found that a vendor has gone out of business and the escrow has an older version of the source code. What is the auditor's BEST recommendation for the organization?
Question351: Which of the following is the BEST methodology to use for estimating the complexity of developing a large business application?
Question352: During an audit of a multinational bank's disposal process, an IS auditor notes several findings. Which of the following should be the auditor's GREATEST concern?
Question353: Which of the following will BEST ensure that archived electronic information of permanent importance remains accessible over time?
Question354: In data warehouse (DW) management, what is the BEST way to prevent data quality issues caused by changes from a source system?
Question355: A global bank plans to use a cloud provider for backup of customer financial data. Which of the following should be the PRIMARY focus of this project?
Question356: An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?
Question357: Which of the following should be the PRIMARY focus when communicating an IS audit issue to management?
Question358: Which of the following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?
Question359: Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?
Question360: Which of the following should be the MOST important consideration when conducting a review of IT portfolio management?
Question361: Which of the following is MOST important during software license audits?
Question362: Which of the following would the IS auditor MOST likely review to determine whether modifications to the operating system parameters were authorized?
Question363: How is nonrepudiation supported within a public key infrastructure (PKI) environment?
Question364: Which of the following is MOST useful when planning to audit an organization's compliance with cybersecurity regulations in foreign countries?
Question365: An IS auditor is reviewing a data conversion project Which of the following is the auditor's BEST recommendation prior to go-live?
Question366: An IS auditor found that operations personnel failed to run a script contributing to year-end financial statements. Which of the following is the BEST recommendation?
Question367: Management receives information indicating a high level of risk associated with potential flooding near the organization's data center within the next few years. As a result, a decision has been made to move data center operations to another facility on higher ground. Which approach has been adopted?
Question368: In order for a firewall to effectively protect a network against external attacks, what fundamental practice must be followed?
Question369: Which of the following would be an auditor's GREATEST concern when reviewing data inputs from spreadsheets into the core finance system?
Question370: Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (lDS)?
Question371: Which of the following provides the MOST useful information for performing a business impact analysis (B1A)?
Question372: An organization considering the outsourcing of a business application should FIRST:
Question373: An organization that has suffered a cyber-attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?
Question374: Which of the following is an executive management concern that could be addressed by the implementation of a security metrics dashboard?
Question375: Which of the following is the MOST appropriate testing approach when auditing a daily data flow between two systems via an automated interface to confirm that it is complete and accurate?
Question376: Which of the following is the GREATEST risk if two users have concurrent access to the same database record?
Question377: An organization offers an e-commerce platform that allows consumer-to-consumer transactions. The platform now uses blockchain technology to ensure the parties are unable to deny the transactions. Which of the following attributes BEST describes the risk element that this technology is addressing?
Question378: An organization is shifting to a remote workforce In preparation the IT department is performing stress and capacity testing of remote access infrastructure and systems What type of control is being implemented?
Question379: Which of the following findings from an IT governance review should be of GREATEST concern?
Question380: Which of the following is MOST helpful to an IS auditor when assessing the effectiveness of controls?
Question381: Which of the following components of a risk assessment is MOST helpful to management in determining the level of risk mitigation to apply?
Question382: In a high-volume, real-time system, the MOST effective technique by which to continuously monitor and analyze transaction processing is:
Question383: Which of the following findings would be of GREATEST concern to an IS auditor assessing an organization's patch management process?
Question384: The use of which of the following is an inherent risk in the application container infrastructure?
Question385: In order to be useful, a key performance indicator (KPI) MUST
Question386: Who should be the FIRST to evaluate an audit report prior to issuing it to the project steering committee?
Question387: Which of the following is the GREATEST impact as a result of the ongoing deterioration of a detective control?
Question388: An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner. Which of the following is the auditor's BEST recommendation?
Question389: Due to system limitations, segregation of duties (SoD) cannot be enforced in an accounts payable system.
Which of the following is the IS auditor's BEST recommendation for a compensating control?
Question390: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?
Question391: Which of the following is the MOST important consideration when establishing vulnerability scanning on critical IT infrastructure?
Question392: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT strategy document?
Question393: An IS auditor notes that the previous year's disaster recovery test was not completed within the scheduled time frame due to insufficient hardware allocated by a third-party vendor. Which of the following provides the BEST evidence that adequate resources are now allocated to successfully recover the systems?
Question394: Which of the following should an IS auditor be MOST concerned with during a post-implementation review?
Question395: An IS auditor finds that capacity management for a key system is being performed by IT with no input from the business The auditor's PRIMARY concern would be:
Question396: An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post-implementation review, which of the following is the MOST important procedure for the IS auditor to perform?
Question397: Which of the following is the BEST way to prevent social engineering incidents?
Question398: Which of the following should be performed FIRST before key performance indicators (KPIs) can be implemented?
Question399: Which of the following represents the HIGHEST level of maturity of an information security program?
Question400: An incorrect version of the source code was amended by a development team. This MOST likely indicates a weakness in:
Question401: An IS auditor notes that not all security tests were completed for an online sales system recently promoted to production. Which of the following is the auditor's BEST course of action?
Question402: An organization is establishing a steering committee for the implementation of a new enterprise resource planning (ERP) system that uses Agile project management methodology. What is the MOST important criterion for the makeup of this committee?
Question403: An IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer payments. The IS auditor should FIRST
Question404: An audit has identified that business units have purchased cloud-based applications without IPs support. What is the GREATEST risk associated with this situation?
Question405: Which of the following is MOST important for an IS auditor to consider when performing the risk assessment poor to an audit engagement?
Question406: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?
Question407: A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?
Question408: During a review of system access, an IS auditor notes that an employee who has recently changed roles within the organization still has previous access rights. The auditor's NEXT step should be to:
Question409: Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met. Which of the following is MOST likely to be assessed?
Question410: An IS audit team is evaluating documentation of the most recent application user access review. It is determined that the user list was not system generated. Which of the following should be of MOST concern?
Question411: An IS auditor is verifying the adequacy of an organization's internal controls and is concerned about potential circumvention of regulations. Which of the following is the BEST sampling method to use?
Question412: During an exit meeting, an IS auditor highlights that backup cycles
are being missed due to operator error and that these exceptions
are not being managed. Which of the following is the BEST way to
help management understand the associated risk?
Question413: Which of the following is the MOST significant risk that IS auditors are required to consider for each engagement?
Question414: Which of the following is the MOST significant impact to an organization that does not use an IT governance framework?
Question415: During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor's BEST course of action?
Question416: Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy?
Question417: Which of the following would BEST manage the risk of changes in requirements after the analysis phase of a business application development project?
Question418: A project team has decided to switch to an agile approach to develop a replacement for an existing business application. Which of the following should an IS auditor do FIRST to ensure the effectiveness of the protect audit?
Question419: Which of the following provides the BEST providence that outsourced provider services are being properly managed?
Question420: What is the FIRST step when creating a data classification program?
Question421: An IS auditor conducts a review of a third-party vendor's reporting of key performance indicators (KPIs) Which of the following findings should be of MOST concern to the auditor?
Question422: An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported. The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?
Question423: After the merger of two organizations, which of the following is the MOST important task for an IS auditor to perform?
Question424: Which of the following types of environmental equipment will MOST likely be deployed below the floor tiles of a data center?
Question425: Which of the following risk scenarios is BEST addressed by implementing policies and procedures related to full disk encryption?
Question426: When reviewing an organization's information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:
Question427: An IS auditor notes that IT and the business have different opinions on the availability of their application servers. Which of the following should the IS auditor review FIRST in order to understand the problem?
Question428: Which of the following metrics is the BEST indicator of the performance of a web application
Question429: During a new system implementation, an IS auditor has been assigned to review risk management at each milestone. The auditor finds that several risks to project benefits have not been addressed. Who should be accountable for managing these risks?
Question430: Which of the following strategies BEST optimizes data storage without compromising data retention practices?
Question431: Which of the following is the MOST effective way to detect as many abnormalities as possible during an IS audit?
Question432: An organization has implemented a distributed security administration system to replace the previous centralized one. Which of the following presents the GREATEST potential concern?
Question433: An IS auditor is reviewing an organization's business continuity plan (BCP) following a change in organizational structure with significant impact to business processes. Which of the following findings should be the auditor's GREATEST concern?
Question434: Which of the following is a PRIMARY benefit of using risk assessments to determine areas to be included in an audit plan?
Question435: Which of the following provides an IS auditor assurance that the interface between a point-of-sale (POS) system and the general ledger is transferring sales data completely and accurately?
Question436: Which of the following is the BEST indicator that a third-party vendor adheres to the controls required by the organization?
Question437: The waterfall life cycle model of software development is BEST suited for which of the following situations?
Question438: Which of the following is the BEST way to mitigate the impact of ransomware attacks?
Question439: Which of the following BEST indicates to an IS auditor that an organization handles emergency changes appropriately and transparently?
Question440: The implementation of an IT governance framework requires that the board of directors of an organization:
Question441: When designing metrics for information security, the MOST important consideration is that the metrics:
Question442: An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions. Which of the following is MOST important for the auditor to confirm when sourcing the population data?
Question443: Which of the following controls BEST ensures appropriate segregation of dudes within an accounts payable department?
Question444: The BEST way to provide assurance that a project is adhering to the project plan is to:
Question445: What should an IS auditor do FIRST upon discovering that a service provider did not notify its customers of a security breach?
Question446: A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:
Question447: Which of the following provides the MOST useful information regarding an organization's risk appetite and tolerance?
Question448: Which of the following will BEST ensure that a proper cutoff has been established to reinstate transactions and records to their condition just prior to a computer system failure?
Question449: When assessing the overall effectiveness of an organization's disaster recovery planning process, which of the following is MOST important for the IS auditor to verify?
Question450: Which of the following findings should be of GREATEST concern for an IS auditor when auditing the effectiveness of a phishing simu-lation test administered for staff members?
Question451: Which of the following should be of GREATEST concern for an IS auditor reviewing an organization's disaster recovery plan (DRP)?
Question452: Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?
Question453: An IS audit learn is evaluating the documentation related to the most recent application user-access review performed by IT and business management It is determined that the user list was not system-generated. Which of the following should be the GREATEST concern?
Question454: What is the PRIMARY reason to adopt a risk-based IS audit strategy?
Question455: During an audit of a financial application, it was determined that many terminated users' accounts were not disabled. Which of the following should be the IS auditor's NEXT step?
Question456: Which of the following BEST describes an audit risk?
Question457: Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist within the organization?
Question458: Which type of threat can utilize a large group of automated social media accounts to steal data, send spam, or launch distributed denial of service (DDoS) attacks?
Question459: In an organization's feasibility study to acquire hardware to support a new web server, omission of which of the following would be of MOST concern?
Question460: Which of the following BEST reflects a mature strategic planning process?
Question461: Which of the following is the BEST control to minimize the risk of unauthorized access to lost company-owned mobile devices?
Question462: An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?
Question463: During planning for a cloud service audit, audit management becomes aware that the assigned IS auditor is unfamiliar with the technologies in use and their associated risks to the business. To ensure audit quality, which of the following actions should audit management consider FIRST?
Question464: Which of the following is the MOST important activity in the data classification process?
Question465: Audit frameworks cart assist the IS audit function by:
Question466: Which of the following is the MOST important control for virtualized environments?
Question467: Which of the following is the BEST source of information for examining the classification of new data?
Question468: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT-related customer service project?
Question469: Which of the following provides the MOST assurance of the integrity of a firewall log?
Question470: Which of the following is MOST important for an IS auditor to do during an exit meeting with an auditee?
Question471: Which of the following is an IS auditor's BEST recommendation to mitigate the risk of eavesdropping associated with an application programming interface (API) integration implementation?
Question472: An IS auditor is conducting a review of a data center. Which of the following observations could indicate an access control Issue?
Question473: Which of the following staff should an IS auditor interview FIRST to obtain a general overview of the various technologies used across different programs?
Question474: Which of the following would BEST facilitate the successful implementation of an IT-related framework?
Question475: When evaluating the design of controls related to network monitoring, which of the following is MOST important for an IS auditor to review?
Question476: Which of the following is the GREATEST advantage of maintaining an internal IS audit function within an organization?
Question477: What is the PRIMARY purpose of performing a parallel run of a now system?
Question478: Which of the following should be the GREATEST concern to an IS auditor reviewing the information security framework of an organization?
Question479: While conducting a follow-up on an asset management audit, the IS auditor finds paid invoices for IT devices not recorded in the organization's inventory. Which of the following is the auditor's BEST course of action?
Question480: Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?
Question481: An organization has decided to build a data warehouse using source data from several disparate systems to support strategic decision-making.
Which of the following is the BEST way to ensure the accuracy and completeness of the data used to support business decisions?
Question482: An IS auditor is reviewing an organization's information asset management process. Which of the following would be of GREATEST concern to the auditor?
Question483: Which of the following is MOST useful to an IS auditor performing a review of access controls for a document management system?
Question484: Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?
Question485: An organization has made a strategic decision to split into separate operating entities to improve profitability.
However, the IT infrastructure remains shared between the entities. Which of the following would BEST help to ensure that IS audit still covers key risk areas within the IT environment as part of its annual plan?
Question486: Which of the following is the MOST important reason for an IS auditor to examine the results of a post- incident review performed after a security incident?
Question487: An IS auditor is performing a follow-up audit for findings identified in an organization's user provisioning process Which of the following is the MOST appropriate population to sample from when testing for remediation?
Question488: One advantage of monetary unit sampling is the fact that
Question489: Which of the following should be done FIRST when planning a penetration test?
Question490: Which of the following is the BEST indicator for measuring performance of IT help desk function?
Question491: Which of the following would BEST guide an IS auditor when determining an appropriate time to schedule the follow-up of agreed corrective actions for reported audit issues?
Question492: Which of the following is MOST important when defining the IS audit scope?
Question493: The waterfall life cycle model of software development is BEST suited for which of the following situations?
Question494: Which of the following is the GREATEST advantage of vulnerability scanning over penetration testing?
Question495: Which of the following is the BEST security control to validate the integrity of data communicated between production databases and a big data analytics system?
Question496: Which of the following would BEST help lo support an auditor's conclusion about the effectiveness of an implemented data classification program?
Question497: Which of the following findings should be of GREATEST concern to an IS auditor performing a review of IT operations?
Question498: Which of the following is the BEST way to verify the effectiveness of a data restoration process?
Question499: Which of the following BEST enables an IS auditor to combine and compare access control lists from various applications and devices?
Question500: In which phase of penetration testing would host detection and domain name system (DNS) interrogation be performed?
Question501: An IS auditor is reviewing the service agreement with a technology company that provides IT help desk services to the organization. Which of the following monthly performance metrics is the BEST indicator of service quality?
Question502: When planning a follow-up, the IS auditor is informed by operational management that recent organizational changes have addressed the previously identified risk and implementing the action plan is no longer necessary. What should the auditor do NEXT?
Question503: An organization's strategy to source certain IT functions from a software as a service (SaaS) provider should be approved by the:
Question504: Which of the following is the BEST method to safeguard data on an organization's laptop computers?
Question505: When protecting the confidentiality of information assets, the MOST effective control practice is the:
Question506: Which of the following is the MOST effective control over visitor access to highly secured areas?
Question507: After delivering an audit report, the audit manager discovers that evidence was overlooked during the audit This evidence indicates that a procedural control may have failed and could contradict a conclusion of the audit Which of the following risks is MOST affected by this oversight?
Question508: Which of the following are used in a firewall to protect the entity's internal resources?
Question509: In an annual audit cycle, the audit of an organization's IT department resulted in many findings. Which of the following would be the MOST important consideration when planning the next audit?
Question510: Compared to developing a system in-house, acquiring a software package means that the need for testing by end users is:
Question511: Which of the following information security requirements BE ST enables the tracking of organizational data in a bring your own device (BYOD) environment?
Question512: Which of the following should be the PRIMARY objective of conducting an audit follow-up of management action plans?
Question513: An IS auditor reviewing a job scheduling tool notices performance and reliability problems. Which of the following is MOST likely affecting the tool?
Question514: Which of the following BEST facilitates strategic program management?
Question515: When reviewing the functionality of an intrusion detection system (IDS), the IS auditor should be MOST concerned if:
Question516: An IS auditor is evaluating the access controls for a shared customer relationship management (CRM) system.
Which of the following would be the GREATEST concern?
Question517: An organization has both an IT strategy committee and an IT steering committee. When reviewing the minutes of the IT steering committee, an IS auditor would expect to find that the committee:
Question518: An IS auditor finds that an organization's data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:
Question519: Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?
Question520: Which of the following presents the GREATEST risk associated with end-user computing (EUC) applica- tions over financial reporting?
Question521: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's job scheduling practices?
Question522: A web application is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?
Question523: An auditee disagrees with a recommendation for corrective action that appears in the draft engagement report.
Which of the following is the IS auditor's BEST course of action when preparing the final report?
Question524: An IS auditor evaluating the change management process must select a sample from the change log. What is the BEST way to the auditor to confirm the change log is complete?
Question525: A source code repository should be designed to:
Question526: Which of the following should be the GREATEST concern for an IS auditor assessing an organization's disaster recovery plan (DRP)?
Question527: During a follow-up audit, an IS auditor finds that senior management has implemented a different remediation action plan than what was previously agreed upon. Which of the following is the auditor's BEST course of action?
Question528: An IS auditor learns that an organization's business continuity plan (BCP) has not been updated in the last 18 months and that the organization recently closed a production plant. Which of the following is the auditor's BEST course of action?
Question529: A proper audit trail of changes to server start-up procedures would include evidence of:
Question530: Which of the following is the GREATEST risk when relying on reports generated by end-user computing (EUC)?
Question531: Which of the following provides the BEST evidence that system requirements are met when evaluating a project before implementation?
Question532: The business case for an information system investment should be available for review until the:
Question533: Which of the following should be an IS auditor's GREATEST concern when a data owner assigns an incorrect classification level to data?
Question534: Which of the following is the BEST way to ensure that business continuity plans (BCPs) will work effectively in the event of a major disaster?
Question535: In the development of a new financial application, the IS auditor's FIRST involvement should be in the:
Question536: Which of the following findings should be of GREATEST concern to an IS auditor reviewing an organization s newly implemented online security awareness program'?
Question537: Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?
Question538: Which of the following would be of MOST concern for an IS auditor evaluating the design of an organization's incident management processes?
Question539: Which of the following should be the IS auditor's PRIMARY focus, when evaluating an organization's offsite storage facility?
Question540: The PRIMARY focus of a post-implementation review is to verify that:
Question541: In an environment where data virtualization is used, which of the following provides the BEST disaster recovery solution?
Question542: During a follow-up audit, it was found that a complex security vulnerability of low risk was not resolved within the agreed-upon timeframe. IT has stated that the system with the identified vulnerability is being replaced and is expected to be fully functional in two months Which of the following is the BEST course of action?
Question543: A programmer has made unauthorized changes to key fields in a payroll system report. Which of the following control weaknesses would have contributed MOST to this problem?
Question544: The due date of an audit project is approaching, and the audit manager has determined that only 60% of the audit has been completed. Which of the following should the audit manager do FIRST?
Question545: Which of the following is the BEST control to mitigate the malware risk associated with an instant messaging (IM) system?
Question546: Demonstrated support from which of the following roles in an organization has the MOST influence over information security governance?
Question547: Who is accountable for an organization's enterprise risk management (ERM) program?
Question548: When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:
Question549: An organization allows employees to retain confidential data on personal mobile devices. Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?
Question550: During the discussion of a draft audit report IT management provided suitable evidence that a process has been implemented for a control that had been concluded by the IS auditor as ineffective Which of the following is the auditor's BEST action?
Question551: Which of the following BEST supports the effectiveness of a compliance program?
Question552: A credit card company has decided to outsource the printing of customer statements It Is MOST important for the company to verify whether:
Question553: During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?
Question554: An IS auditor wants to determine who has oversight of staff performing a specific task and is referencing the organization's RACI chart. Which of the following roles within the chart would provide this information?
Question555: Which of the following is the GREATEST risk associated with security patches being automatically downloaded and applied to production servers?
Question556: An IS auditor reviewing incident response management processes notices that resolution times for reoccurring incidents have not shown improvement. Which of the following is the auditor's BEST recommendation?
Question557: Which of the following helps to ensure the integrity of data for a system interface?
Question558: An IS auditor finds that application servers had inconsistent security settings leading to potential vulnerabilities. Which of the following is the BEST recommendation by the IS auditor?
Question559: Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?
Question560: Which of the following should an IS auditor be MOST concerned with when a system uses RFID?
Question561: An IS auditor should be MOST concerned if which of the following fire suppression systems is utilized to protect an asset storage closet?
Question562: When auditing the closing stages of a system development protect which of the following should be the MOST important consideration?
Question563: An organization is planning to implement a work-from-home policy that allows users to work remotely as needed. Which of the following is the BEST solution for ensuring secure remote access to corporate resources?
Question564: Which of the following is the BEST disposal method for flash drives that previously stored confidential data?
Question565: Which of the following is a PRIMARY function of an intrusion detection system (IDS)?
Question566: An IS audit reveals that an organization operating in business continuity mode during a pandemic situation has not performed a simulation test of the business continuity plan (BCP). Which of the following is the auditor's BEST course of action?
Question567: During an audit which of the following would be MOST helpful in establishing a baseline for measuring data quality?
Question568: Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?
Question569: Which of the following should be used as the PRIMARY basis for prioritizing IT projects and initiatives?
Question570: Which of the following is MOST effective for controlling visitor access to a data center?
Question571: Which of the following would be MOST helpful to an IS auditor performing a risk assessment of an application programming interface (API) that feeds credit scores from a well-known commercial credit agency into an organizational system?
Question572: What should an IS auditor do FIRST when management responses
to an in-person internal control questionnaire indicate a key internal
control is no longer effective?
Question573: Which of the following is MOST important to determine during the planning phase of a cloud-based messaging and collaboration platform acquisition?
Question574: Which of the following is an analytical review procedure for a payroll system?
Question575: Which of the following is the MOST important Issue for an IS auditor to consider with regard to Voice-over IP (VoIP) communications?
Question576: An organization has decided to purchase a web-based email service from a third-party vendor and eliminate its own email server infrastructure. What type of cloud computing environment would BEST meet the organization's objective?
Question577: Which of the following is MOST important with regard to an application development acceptance test?
Question578: Which of the following is the MOST important prerequisite for implementing a data loss prevention (DLP) tool?
Question579: Which of the following is MOST important for an IS auditor to confirm when reviewing an organization's plans to implement robotic process automation (RPA> to automate routine business tasks?