EMT Practice Test

1. Question Content...


Question List

Question1: One benefit of return on investment (ROI) analysts in IT decision making is that it provides the:

Question2: Which of the following is the BEST sampling method to use when relatively few errors are expected to be found in a population?

Question3: Which of the following metrics is the BEST indicator of the performance of a web application

Question4: Which of the following BEST enables an IS auditor to combine and compare access control lists from various applications and devices?

Question5: Which of the following is the MAIN responsibility of the IT steering committee?

Question6: A core system fails a week after a scheduled update, causing an outage that impacts service. Which of the following is MOST important for incident management to focus on when addressing the issue?

Question7: Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?

Question8: During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

Question9: Which of the following provides the MOST protection against emerging threats?

Question10: An IS auditor noted a recent production incident in which a teller transaction system incorrectly charged fees to customers due to a defect from a recent release. Which of the following should be the auditor's NEXT step?

Question11: Which of the following is the BEST way to detect unauthorized copies of licensed software on systems?

Question12: Which of the following is a method to prevent disclosure of classified documents printed on a shared printer?

Question13: Which of the following helps to ensure the integrity of data for a system interface?

Question14: Which type of review is MOST important to conduct when an IS auditor is informed that a recent internal exploitation of a bug has been discovered in a business application?

Question15: A review of IT interface controls finds an organization does not have a process to identify and correct records that do not get transferred to the receiving system. Which of the following is the IS auditor's BEST recommendation?

Question16: Which of the following would BEST facilitate the successful implementation of an IT-related framework?

Question17: An IS auditor who was instrumental in designing an application is called upon to review the application. The auditor should:

Question18: An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported. The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?

Question19: Which of the following is MOST important for an IS auditor to validate when auditing network device management?

Question20: Which of the following presents the GREATEST challenge to the alignment of business and IT?

Question21: What should be the PRIMARY focus during a review of a business process improvement project?

Question22: Which of the following BEST reflects a mature strategic planning process?

Question23: An IS auditor evaluating the change management process must select a sample from the change log. What is the BEST way to the auditor to confirm the change log is complete?

Question24: Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

Question25: Which of the following is MOST important when planning a network audit?

Question26: An IS auditor is reviewing logical access controls for an organization's financial business application Which of the following findings should be of GREATEST concern to the auditor?

Question27: Which of the following is necessary for effective risk management in IT governance?

Question28: An IS auditor is reviewing the perimeter security design of a network. Which of the following provides the GREATEST assurance outgoing Internet traffic is controlled?

Question29: A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?

Question30: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's vulnerability scanning program''

Question31: Which of the following is the BEST point in time to conduct a post-implementation review?

Question32: Which of the following is the MOST important consideration when establishing vulnerability scanning on critical IT infrastructure?

Question33: Which of the following is the BEST indication of effective IT investment management?

Question34: Which of the following BEST enables the timely identification of risk exposure?

Question35: Which of the following cloud capabilities BEST enables an organization to meet unexpectedly high service demand?

Question36: The PRIMARY role of an IS auditor in the remediation of problems found during an audit engagement is to:

Question37: A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?

Question38: Which of the following should an IS auditor ensure is classified at the HIGHEST level of sensitivity?

Question39: Which of the following is the BEST metric to measure the alignment of IT and business strategy?

Question40: Which of the following is the GREATEST concern associated with a high number of IT policy exceptions approved by management?

Question41: An organization has implemented a new data classification scheme and asks the IS auditor to evaluate its effectiveness. Which of the following would be of GREATEST concern to the auditor?

Question42: An IS auditor is reviewing the service agreement with a technology company that provides IT help desk services to the organization. Which of the following monthly performance metrics is the BEST indicator of service quality?

Question43: When assessing whether an organization's IT performance measures are comparable to other organizations in the same industry, which of the following would be MOST helpful to review?

Question44: An IS auditor is assessing the adequacy of management's remediation action plan. Which of the following should be the MOST important consideration?

Question45: Which of the following should be the FIRST step m managing the impact of a recently discovered zero-day attack?

Question46: Which of the following should be GREATEST concern to an IS auditor reviewing data conversion and migration during the implementation of a new application system?

Question47: To mitigate the risk of exposing data through application programming interface (API) queries. which of the following design considerations is MOST important?

Question48: A manager Identifies active privileged accounts belonging to staff who have left the organization. Which of the following is the threat actor In this scenario?

Question49: Which of the following is the BEST way to determine whether a test of a disaster recovery plan (DRP) was successful?

Question50: Which of the following is MOST likely to be a project deliverable of an agile software development methodology?

Question51: Which of the following BEST describes the role of a document owner when implementing a data classification policy in an organization?

Question52: The business case for an information system investment should be available for review until the:

Question53: Which of the following BEST describes an audit risk?

Question54: An audit has identified that business units have purchased cloud-based applications without IPs support. What is the GREATEST risk associated with this situation?

Question55: A business has requested an audit to determine whether information stored in an application is adequately protected. Which of the following is the MOST important action before the audit work begins?

Question56: How is nonrepudiation supported within a public key infrastructure (PKI) environment?

Question57: A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:

Question58: The PRIMARY advantage of object-oriented technology is enhanced:

Question59: In an organization's feasibility study to acquire hardware to support a new web server, omission of which of the following would be of MOST concern?

Question60: Which of the following is the PRIMARY reason an IS auditor would recommend offsite backups although critical data is already on a redundant array of inexpensive disks (RAID)?

Question61: Which of the following must be in place before an IS auditor initiates audit follow-up activities?

Question62: An IS auditor discovers that backups of critical systems are not being performed in accordance with the recovery point objective (RPO) established in the business continuity plan (BCP). What should the auditor do NEXT?

Question63: An IS auditor is assigned to perform a post-implementation review of an application system. Which of the following would impair the auditor's independence?

Question64: An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions. Which of the following is MOST important for the auditor to confirm when sourcing the population data?

Question65: A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?

Question66: An IS auditor learns that an in-house system development life cycle (SDLC) project has not met user specifications. The auditor should FIRST examine requirements from which of the following phases?

Question67: An IS auditor finds that capacity management for a key system is being performed by IT with no input from the business The auditor's PRIMARY concern would be:

Question68: Who should be the FIRST to evaluate an audit report prior to issuing it to the project steering committee?

Question69: If a source code is not recompiled when program changes are implemented, which of the following is a compensating control to ensure synchronization of source and object?

Question70: An IS auditor finds that one employee has unauthorized access to confidential data. The IS auditor's BEST recommendation should be to:

Question71: Which type of attack poses the GREATEST risk to an organization's most sensitive data?

Question72: Which of the following is the BEST source of information to determine the required level of data protection on a file server?

Question73: Which of the following observations would an IS auditor consider the GREATEST risk when conducting an audit of a virtual server farm tor potential software vulnerabilities?

Question74: Which of the following documents should specify roles and responsibilities within an IT audit organization?

Question75: Which of the following is the MOST important area of focus for an IS auditor when developing a risk-based audit strategy?

Question76: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?

Question77: A checksum is classified as which type of control?

Question78: Which of the following is MOST important to consider when reviewing an organization's defined data backup and restoration procedures?

Question79: A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:

Question80: What is the BEST way to reduce the risk of inaccurate or misleading data proliferating through business intelligence systems?

Question81: What would be an IS auditor's BEST course of action when an auditee is unable to close all audit recommendations by the time of the follow-up audit?

Question82: Which of the following types of firewalls provide the GREATEST degree of control against hacker intrusion?

Question83: A bank has a combination of corporate customer accounts (higher monetary value) and small business accounts (lower monetary value) as part of online banking. Which of the following is the BEST sampling approach for an IS auditor to use for these accounts?

Question84: Which of the following presents the GREATEST risk of data leakage in the cloud environment?

Question85: Which of the following is MOST important to determine when conducting an audit Of an organization's data privacy practices?

Question86: Which of the following is MOST important for an effective control self-assessment (CSA) program?

Question87: An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward 10 those who click on a link embedded in the body of the email. Which of the following metrics BEST indicates the effectiveness of awareness training?

Question88: Which of the following metrics would BEST measure the agility of an organization's IT function?

Question89: An organization has engaged a third party to implement an application to perform business-critical calculations. Which of the following is the MOST important process to help ensure the application provides accurate calculations?

Question90: Which of the following would BEST determine whether a post-implementation review (PIR) performed by the project management office (PMO) was effective?

Question91: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's method to transport sensitive data between offices?

Question92: Which of the following is a corrective control?

Question93: Which of the following is the MOST appropriate and effective fire suppression method for an unstaffed computer room?

Question94: Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:

Question95: In which of the following sampling methods is the entire sample considered to be irregular if a single error is found?

Question96: When evaluating information security governance within an organization, which of the following findings should be of MOST concern to an IS auditor?

Question97: Backup procedures for an organization's critical data are considered to be which type of control?

Question98: Which of the following components of a risk assessment is MOST helpful to management in determining the level of risk mitigation to apply?

Question99: Which of the following would BEST detect that a distributed denial of service (DDoS) attack is occurring?

Question100: When auditing the closing stages of a system development protect which of the following should be the MOST important consideration?

Question101: Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist within the organization?

Question102: Which of the following is the PRIMARY reason an IS auditor should discuss observations with management before delivering a final report?

Question103: What should an IS auditor recommend to management as the MOST important action before selecting a Software as a Service (SaaS) vendor?

Question104: An IS auditor notes that the previous year's disaster recovery test was not completed within the scheduled time frame due to insufficient hardware allocated by a third-party vendor. Which of the following provides the BEST evidence that adequate resources are now allocated to successfully recover the systems?

Question105: Which of the following is the BEST performance indicator for the effectiveness of an incident management program?

Question106: During the walk-through procedures for an upcoming audit, an IS auditor notes that the key application in scope is part of a Software as a Service (SaaS) agreement. What should the auditor do NEXT?

Question107: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT strategy document?

Question108: An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?

Question109: Which of the following is MOST important when defining the IS audit scope?

Question110: Data from a system of sensors located outside of a network is received by the open ports on a server. Which of the following is the BEST way to ensure the integrity of the data being collected from the sensor system?

Question111: Which of the following measures BEST mitigates the risk of data exfiltration during a cyberattack?

Question112: An IS auditor observes that a business-critical application does not currently have any level of fault tolerance.
Which of the following is the GREATEST concern with this situation?

Question113: Which of the following is the BEST way to mitigate the risk associated with unintentional modifications of complex calculations in end-user computing (EUC)?

Question114: While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. In order to resolve the situation, the IS auditor's BEST course of action would be to:

Question115: Which of the following will BEST ensure that a proper cutoff has been established to reinstate transactions and records to their condition just prior to a computer system failure?

Question116: Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?

Question117: When auditing the security architecture of an online application, an IS auditor should FIRST review the:

Question118: An organization has implemented a distributed security administration system to replace the previous centralized one. Which of the following presents the GREATEST potential concern?

Question119: Secure code reviews as part of a continuous deployment program are which type of control?

Question120: An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

Question121: A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:

Question122: Following the sale of a business division, employees will be transferred to a new organization, but they will retain access to IT equipment from the previous employer. An IS auditor has recommended that both organizations agree to and document an acceptable use policy for the equipment. What type of control has been recommended?

Question123: The PRIMARY purpose of a configuration management system is to:

Question124: Which of the following is MOST appropriate to review when determining if the work completed on an IT project is in alignment with budgeted costs?

Question125: Recovery facilities providing a redundant combination of Internet connections to the local communications loop is an example of which type of telecommunications continuity?

Question126: Which of the following is MOST helpful for measuring benefits realization for a new system?

Question127: To reduce operational costs, IT management plans to reduce the number of servers currently used to run business applications. Which of the following is MOST helpful to review when identifying which servers are no longer required?

Question128: The record-locking option of a database management system (DBMS) serves to.

Question129: Which of the following methods would BEST help detect unauthorized disclosure of confidential documents sent over corporate email?

Question130: During an ongoing audit, management requests a briefing on the findings to date. Which of the following is the IS auditor's BEST course of action?

Question131: Which of the following provides the BEST evidence of the validity and integrity of logs in an organization's security information and event management (SIEM) system?

Question132: IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance. Which of the following controls will MOST effectively compensate for the lack of referential integrity?

Question133: An IS auditor notes that not all security tests were completed for an online sales system recently promoted to production. Which of the following is the auditor's BEST course of action?

Question134: Which of the following is the MOST important reason to classify a disaster recovery plan (DRP) as confidential?

Question135: What is the BEST control to address SQL injection vulnerabilities?

Question136: Which of the following non-audit activities may impair an IS auditor's independence and objectivity?

Question137: An organization's sensitive data is stored in a cloud computing environment and is encrypted. Which of the following findings should be of GREATEST concern to an IS auditor?

Question138: Which of the following features of a library control software package would protect against unauthorized updating of source code?

Question139: An IS auditor has been tasked to review the processes that prevent fraud within a business expense claim system. Which of the following stakeholders is MOST important to involve in this review?

Question140: An organization has recently implemented a Voice-over IP (VoIP) communication system. Which ot the following should be the IS auditor's PRIMARY concern?

Question141: Which of the following should be the FIRST step in the incident response process for a suspected breach?

Question142: Which of the following should be the FIRST step to successfully implement a corporate data classification program?

Question143: Afire alarm system has been installed in the computer room The MOST effective location for the fire alarm control panel would be inside the

Question144: Which of the following should be of GREATEST concern to an IS auditor when using data analytics?

Question145: When developing customer-facing IT applications, in which stage of the system development life cycle (SDLC) is it MOST beneficial to consider data privacy principles?

Question146: Which of the following would BEST help lo support an auditor's conclusion about the effectiveness of an implemented data classification program?

Question147: Which of the following provides the BEST providence that outsourced provider services are being properly managed?

Question148: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?

Question149: Which of the following BEST Indicates that an incident management process is effective?

Question150: When classifying information, it is MOST important to align the classification to:

Question151: IT disaster recovery time objectives (RTOs) should be based on the:

Question152: An IS auditor determines that the vendor's deliverables do not include the source code for a newly acquired product. To address this issue, which of the following should the auditor recommend be included in the contract?

Question153: What is the FIRST step when creating a data classification program?

Question154: Which of the following BEST supports the effectiveness of a compliance program?

Question155: When planning a review of IT governance, an IS auditor is MOST likely to:

Question156: Which of the following is the BEST way to ensure an organization's data classification policies are preserved during the process of data transformation?

Question157: Which of the following is the BEST method to prevent wire transfer fraud by bank employees?

Question158: Which of the following approaches will ensure recovery time objectives (RTOs) are met for an organization's disaster recovery plan (DRP)?

Question159: Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

Question160: An organization has replaced all of the storage devices at its primary data center with new higher-capacity units The replaced devices have been installed at the disaster recovery site to replace older units An IS auditor s PRIMARY concern would be whether

Question161: An IS auditor can BEST evaluate the business impact of system failures by:

Question162: An IS auditor discovers that validation controls in a web application have been moved from the server side into the browser to boost performance. This would MOST likely increase the risk of a successful attack by:

Question163: Which of the following methods BEST enforces data leakage prevention in a multi-tenant cloud environment?

Question164: During a closing meeting, the IT manager disagrees with a valid audit finding presented by the IS auditor and requests the finding be excluded from the final report. Which of the following is the auditor's BEST course of action?

Question165: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?

Question166: If a recent release of a program has to be backed out of production, the corresponding changes within the delta version of the code should be:

Question167: An organization has outsourced the development of a core application. However, the organization plans to bring the support and future maintenance of the application back in-house. Which of the following findings should be the IS auditor's GREATEST concern?

Question168: Who is PRIMARILY responsible for the design of IT controls to meet control objectives?

Question169: A data center's physical access log system captures each visitor's identification document numbers along with the visitor's photo. Which of the following sampling methods would be MOST useful to an IS auditor conducting compliance testing for the effectiveness of the system?

Question170: Which of the following types of firewalls provides the GREATEST degree of control against hacker intrusion?

Question171: Which of the following should be the PRIMARY focus when communicating an IS audit issue to management?

Question172: Which of the following is the MOST effective control for protecting the confidentiality and integrity of data stored unencrypted on virtual machines?

Question173: In an annual audit cycle, the audit of an organization's IT department resulted in many findings. Which of the following would be the MOST important consideration when planning the next audit?

Question174: Which of the following would lead an IS auditor to conclude that the evidence collected during a digital forensic investigation would not be admissible in court?

Question175: An employee loses a mobile device resulting in loss of sensitive corporate data. Which o( the following would have BEST prevented data leakage?

Question176: An IS auditor plans to review all access attempts to a video-monitored and proximity card-controlled communications room. Which of the following would be MOST useful to the auditor?

Question177: An IS auditor is evaluating an enterprise resource planning (ERP) migration from local systems to the cloud.
Who should be responsible for the data
classification in this project?

Question178: An organization is ready to implement a new IT solution consisting of multiple modules. The last module updates the processed data into the database. Which of the following findings should be of MOST concern to the IS auditor?

Question179: Which of the following data would be used when performing a business impact analysis (BIA)?

Question180: The BEST way to evaluate the effectiveness of a newly developed application is to:

Question181: Which of the following is the GREATEST impact as a result of the ongoing deterioration of a detective control?

Question182: Which of the following is a PRIMARY responsibility of an IT steering committee?

Question183: An organization's IT risk assessment should include the identification of:

Question184: A now regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?

Question185: A proper audit trail of changes to server start-up procedures would include evidence of:

Question186: An IS auditor is reviewing enterprise governance and finds there is no defined organizational structure for technology risk governance. Which of the following is the GREATEST concern with this lack of structure?

Question187: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

Question188: An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?

Question189: An organization uses public key infrastructure (PKI) to provide email security. Which of the following would be the MOST efficient method to determine whether email messages have been modified in transit?

Question190: Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS audit has been asked to conduct a control assessment. the auditor's BEST course of action would be to determine if:

Question191: The PRIMARY benefit lo using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:

Question192: Which of the following is the MOST important outcome of an information security program?

Question193: Which of the following would be the BEST process for continuous auditing to a large financial Institution?

Question194: Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?

Question195: An organization has an acceptable use policy in place, but users do not formally acknowledge the policy.
Which of the following is the MOST significant risk from this finding?

Question196: Which audit approach is MOST helpful in optimizing the use of IS audit resources?

Question197: Which of the following is the BEST methodology to use for estimating the complexity of developing a large business application?

Question198: Which of the following would be an IS auditor's BEST recommendation to senior management when several IT initiatives are found to be misaligned with the organization's strategy?

Question199: Which of the following biometric access controls has the HIGHEST rate of false negatives?

Question200: When auditing an organization's software acquisition process the BEST way for an IS auditor to understand the software benefits to the organization would be to review the

Question201: Which of the following provides the MOST assurance over the completeness and accuracy ol loan application processing with respect to the implementation of a new system?

Question202: Which of the following should be used as the PRIMARY basis for prioritizing IT projects and initiatives?

Question203: Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?

Question204: Which of the following is the GREATEST risk of project dashboards being set without sufficiently defined criteria?

Question205: Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?

Question206: An IS auditor should look for which of the following to ensure the risk associated with scope creep has been mitigated during software development?

Question207: Which of the following BEST enables the effectiveness of an agile project for the rapid development of a new software application?

Question208: Which of the following is an example of a preventative control in an accounts payable system?

Question209: Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

Question210: An IS auditor discovers from patch logs that some in-scope systems are not compliant with the regular patching schedule. What should the auditor do NEXT?

Question211: Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management's decision. Which of the following should be the IS auditor's NEXT course of action?

Question212: Which of the following is the BEST source of information tor an IS auditor to use when determining whether an organization's information security policy is adequate?

Question213: Which of the following should be the FIRST step when conducting an IT risk assessment?

Question214: Which of the following is the GREATEST benefit of adopting an Agile audit methodology?

Question215: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT-related customer service project?

Question216: Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization?

Question217: Which of the following should be the PRIMARY role of an internal audit function in the management of identified business risks?

Question218: Which of the following should be of GREATEST concern to an IS auditor reviewing a network printer disposal process?

Question219: What should an IS auditor evaluate FIRST when reviewing an organization's response to new privacy legislation?

Question220: Stress testing should ideally be earned out under a:

Question221: Which of the following BEST ensures that effective change management is in place in an IS environment?

Question222: A finance department has a multi-year project to upgrade the enterprise resource planning (ERP) system hosting the general ledger. and in year one, the system version upgrade will be applied. Which of the following should be the PRIMARY focus of the IS auditor reviewing the first year of the project?

Question223: Which of the following applications has the MOST inherent risk and should be prioritized during audit planning?

Question224: Which type of attack targets security vulnerabilities in web applications to gain access to data sets?

Question225: When protecting the confidentiality of information assets, the MOST effective control practice is the:

Question226: Which of the following is the BEST detective control for a job scheduling process involving data transmission?

Question227: A new system development project is running late against a critical implementation deadline. Which of the following is the MOST important activity?

Question228: Which of the following areas is MOST likely to be overlooked when implementing a new data classification process?

Question229: A global organization's policy states that all workstations must be scanned for malware each day. Which of the following would provide an IS auditor with the BEST evidence of continuous compliance with this policy?

Question230: Which of the following tests is MOST likely to detect an error in one subroutine resulting from a recent change in another subroutine?

Question231: Which of the following risk scenarios is BEST addressed by implementing policies and procedures related to full disk encryption?

Question232: Which of the following management decisions presents the GREATEST risk associated with data leakage?

Question233: What Is the BEST method to determine if IT resource spending is aligned with planned project spending?

Question234: Which of the following BEST guards against the risk of attack by hackers?

Question235: Which of the following statements appearing in an organization's acceptable use policy BEST demonstrates alignment with data classification standards related to the protection of information assets?

Question236: An IS auditor is reviewing a bank's service level agreement (SLA) with a third-party provider that hosts the bank's secondary data center, which of the following findings should be of GREATEST concern to the auditor?

Question237: An IS auditor should be MOST concerned if which of the following fire suppression systems is utilized to protect an asset storage closet?

Question238: Capacity management tools are PRIMARILY used to ensure that:

Question239: Which of the following provides the MOST reliable method of preventing unauthonzed logon?

Question240: When testing the accuracy of transaction data, which of the following situations BEST justifies the use of a smaller sample size?

Question241: Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?

Question242: A steering committee established to oversee an organization's digital transformation program is MOSTlikely to be involved with which of the following activities?

Question243: An organization outsourced its IS functions to meet its responsibility for disaster recovery, the organization should:

Question244: Which of the following is the GREATEST advantage of maintaining an internal IS audit function within an organization?

Question245: Which of the following provides the MOST useful information to an IS auditor when selecting projects for inclusion in an IT audit plan?

Question246: An organization plans to replace its nightly batch processing backup to magnetic tape with real-time replication to a second data center. Which of the following is the GREATEST risk associated with this change?

Question247: The PRIMARY purpose of an incident response plan is to:

Question248: What is the GREATEST concern for an IS auditor reviewing contracts for licensed software that executes a critical business process?

Question249: Which of the following can BEST reduce the impact of a long-term power failure?

Question250: During the planning phase of a data loss prevention (DLP) audit, management expresses a concern about mobile computing. Which of the following should the IS auditor identify as the associated risk?

Question251: Which type of control has been established when an organization implements a security information and event management (SIEM) system?

Question252: Which of the following is the PRIMARY advantage of parallel processing for a new system implementation?

Question253: An IS auditor is reviewing an organization's primary router access control list. Which of the following should result in a finding?

Question254: Which of the following is the MOST important prerequisite for the protection of physical information assets in a data center?

Question255: An organization is considering allowing users to connect personal devices to the corporate network. Which of the following should be done FIRST?

Question256: During which process is regression testing MOST commonly used?

Question257: A financial group recently implemented new technologies and processes, Which type of IS audit would provide the GREATEST level of assurance that the department's objectives have been met?

Question258: Which of the following would protect the confidentiality of information sent in email messages?

Question259: An internal audit department recently established a quality assurance (QA) program. Which of the following activities Is MOST important to include as part of the QA program requirements?

Question260: Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?

Question261: The PRIMARY objective of value delivery in reference to IT governance is to:

Question262: An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged. The IS auditor's FIRST action should be to:

Question263: Which of the following is the BEST compensating control when segregation of duties is lacking in a small IS department?

Question264: Which of the following would be of MOST concern for an IS auditor evaluating the design of an organization's incident management processes?

Question265: The BEST way to provide assurance that a project is adhering to the project plan is to:

Question266: Which of the following physical controls provides the GREATEST assurance that only authorized individuals can access a data center?

Question267: Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. What is the MOST important task before implementing any associated email controls?

Question268: Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?

Question269: When assessing the overall effectiveness of an organization's disaster recovery planning process, which of the following is MOST important for the IS auditor to verify?

Question270: The GREATEST benefit of using a polo typing approach in software development is that it helps to:

Question271: Management receives information indicating a high level of risk associated with potential flooding near the organization's data center within the next few years. As a result, a decision has been made to move data center operations to another facility on higher ground. Which approach has been adopted?

Question272: During a follow-up audit, an IS auditor finds that some critical recommendations have the IS auditor's BEST course of action?

Question273: Which of the following is MOST important to include in forensic data collection and preservation procedures?

Question274: During which phase of the software development life cycle should an IS auditor be consulted to recommend security controls?

Question275: A secure server room has a badge reader system that records name, date, and time information whenever a staff member uses a badge to enter or exit. When reviewing the system logs, an IS auditor notices records for some employees entering, but not exiting, the room. Which of the following would be the MOST effective compensating control to recommend?

Question276: Which of the following should be restricted from a network administrator's privileges in an adequately segregated IT environment?

Question277: Which of the following would BEST indicate the effectiveness of a security awareness training program?

Question278: During an audit of payment services of a branch based in a foreign country, a large global bank's audit team identifies an opportunity to use data analytics techniques to identify abnormal payments. Which of the following is the team's MOST important course of action?

Question279: An IS auditor has been asked to provide support to the control self-assessment (CSA) program. Which of the following BEST represents the scope of the auditor's role in the program?

Question280: An organization has developed mature risk management practices that are followed across all departments What is the MOST effective way for the audit team to leverage this risk management maturity?

Question281: An IS auditor discovers that due to resource constraints a database administrator (DBA) is responsible for developing and executing changes into the production environment Which ot the following should the auditor do FIRSTS

Question282: An organization allows programmers to change production systems in emergency situations without seeking prior approval. Which of the following controls should an IS auditor consider MOST important?

Question283: A web proxy server for corporate connections to external resources reduces organizational risk by:

Question284: An IS auditor is reviewing the security of a web-based customer relationship management (CRM) system that is directly accessed by customers via the Internet, which of the following should be a concern for the auditor?

Question285: In which phase of the internal audit process is contact established with the individuals responsible for the business processes in scope for review?

Question286: Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?

Question287: Following an IT audit, management has decided to accept the risk highlighted in the audit report. Which of the following would provide the MOST assurance to the IS auditor that management is adequately balancing the needs of the business with the need to manage risk?

Question288: An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:

Question289: An IS auditor finds that a number of key patches have not been applied in a timely manner due to re-source constraints. Which of the following is the GREATEST risk to the organization in this situation?

Question290: The PRIMARY objective of a follow-up audit is to:

Question291: To confirm integrity for a hashed message, the receiver should use:

Question292: Which of the following provides IS audit professionals with the BEST source of direction for performing audit functions?

Question293: A database administrator (DBA) should be prevented from having end user responsibilities:

Question294: Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?

Question295: Which of the following is an IS auditor's BEST recommendation for mitigating risk associated with inadvertent disclosure of sensitive information by employees?

Question296: An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that

Question297: An organization is shifting to a remote workforce In preparation the IT department is performing stress and capacity testing of remote access infrastructure and systems What type of control is being implemented?

Question298: Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?

Question299: To develop meaningful recommendations 'or findings, which of the following is MOST important 'or an IS auditor to determine and understand?

Question300: An IS auditor is reviewing a machine learning algorithm-based system for loan approvals and is preparing a data set to test the algorithm for bias. Which of the following is MOST important for the auditor's test data set to include?

Question301: Which of the following is the MOST efficient control to reduce the risk associated with a systems administrator having network administrator responsibilities?

Question302: An organization has partnered with a third party to transport backup drives to an offsite storage facility. Which of the following is MOST important before sending the drives?

Question303: An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. Which of the following should the auditor recommend be performed FIRST?

Question304: Which of the following BEST demonstrates that IT strategy Is aligned with organizational goals and objectives?

Question305: Which of the following BEST enables an IS auditor to confirm the batch processing to post transactions from an input source is successful?

Question306: Which of the following approaches would utilize data analytics to facilitate the testing of a new account creation process?

Question307: Which of the following is the BEST control to minimize the risk of unauthorized access to lost company-owned mobile devices?

Question308: Which of the following is MOST useful to an IS auditor performing a review of access controls for a document management system?

Question309: Which of the following would BEST prevent an arbitrary application of a patch?

Question310: Which of the following would provide the BEST evidence of an IT strategy corrections effectiveness?

Question311: Which of the following should an IS auditor expect to see in a network vulnerability assessment?

Question312: What should an IS auditor do FIRST when management responses
to an in-person internal control questionnaire indicate a key internal
control is no longer effective?

Question313: Which of the following poses the GREATEST risk to an organization when employees use public social networking sites?

Question314: Which of the following is the MOST effective way to evaluate the physical security of a data center?

Question315: Which of the following is the MAJOR advantage of automating internal controls?

Question316: Which of the following provides the MOST assurance of the integrity of a firewall log?

Question317: Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?

Question318: The due date of an audit project is approaching, and the audit manager has determined that only 60% of the audit has been completed. Which of the following should the audit manager do FIRST?

Question319: Which of the following would BEST guide an IS auditor when determining an appropriate time to schedule the follow-up of agreed corrective actions for reported audit issues?

Question320: An IS auditor reviewing the throat assessment for a data cantor would be MOST concerned if:

Question321: A small IT department has embraced DevOps, which allows members of this group to deploy code to production and maintain some development access to automate releases. Which of the following is the MOST effective control?

Question322: An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post-implementation review, which of the following is the MOST important procedure for the IS auditor to perform?

Question323: Which of the following should be the PRIMARY consideration when validating a data analytic algorithm that has never been used before?

Question324: Which of the following information security requirements BE ST enables the tracking of organizational data in a bring your own device (BYOD) environment?

Question325: Which of the following observations regarding change management should be considered the MOST serious risk by an IS auditor?

Question326: What is the PRIMARY benefit of an audit approach which requires reported findings to be issued together with related action plans, owners, and target dates?

Question327: Which of the following is the PRIMARY advantage of using an automated security log monitoring tool instead of conducting a manual review to monitor the use of privileged access?

Question328: An IS audit team is evaluating documentation of the most recent application user access review. It is determined that the user list was not system generated. Which of the following should be of MOST concern?

Question329: An organization that has suffered a cyber-attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?

Question330: Which of the following should be an IS auditor's PRIMARY focus when evaluating the response process for cybercrimes?

Question331: Which of the following should be of MOST concern to an IS auditor reviewing the public key infrastructure (PKI) for enterprise email?

Question332: A web application is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?

Question333: The process of applying a hash function to a message and obtaining and ciphering a digest refers to:

Question334: Which of the following is the GREATEST risk if two users have concurrent access to the same database record?

Question335: Which of the following is the GREATEST risk if two users have concurrent access to the same database record?

Question336: An auditee disagrees with a recommendation for corrective action that appears in the draft engagement report.
Which of the following is the IS auditor's BEST course of action when preparing the final report?

Question337: An organization requires the use of a key card to enter its data center. Recently, a control was implemented that requires biometric authentication for each employee.
Which type of control has been added?

Question338: When reviewing the functionality of an intrusion detection system (IDS), the IS auditor should be MOST concerned if:

Question339: Which of the following findings should be of GREATEST concern to an IS auditor reviewing an organization s newly implemented online security awareness program'?

Question340: Which of the following are used in a firewall to protect the entity's internal resources?

Question341: Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?

Question342: An organization's information security policies should be developed PRIMARILY on the basis of:

Question343: In a high-volume, real-time system, the MOST effective technique by which to continuously monitor and analyze transaction processing is:

Question344: An organization's enterprise architecture (EA) department decides to change a legacy system's components while maintaining its original functionality. Which of the following is MOST important for an IS auditor to understand when reviewing this decision?

Question345: During a physical security audit, an IS auditor was provided a proximity badge that granted access to three specific floors in a corporate office building. Which of the following issues should be of MOST concern?

Question346: A security administrator is called in the middle of the night by the on-call programmer A number of programs have failed, and the programmer has asked for access to the live system. What IS the BEST course of action?

Question347: In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:

Question348: Who is PRIMARILY responsible for the design of IT controls to meet control objectives?

Question349: Which of the following environments is BEST used for copying data and transformation into a compatible data warehouse format?

Question350: Which of the following should an organization do to anticipate the effects of a disaster?

Question351: Which of the following is the MOST important consideration for patching mission critical business application servers against known vulnerabilities?

Question352: Which of the following should be the PRIMARY basis for prioritizing follow-up audits?

Question353: Which of the following findings would be of GREATEST concern to an IS auditor assessing an organization's patch management process?

Question354: Which of the following would provide the BEST evidence that a cloud provider's change management process is effective?

Question355: Which of the following should be done FIRST when planning a penetration test?

Question356: Which of the following is the MOST effective way to identify exfiltration of sensitive data by a malicious insider?

Question357: Audit frameworks cart assist the IS audit function by:

Question358: Which of the following is MOST important with regard to an application development acceptance test?

Question359: Which of following is MOST important to determine when conducting a post-implementation review?

Question360: During a project assessment, an IS auditor finds that business owners have been removed from the project initiation phase. Which of the following should be the auditor's GREATEST concern with this situation?

Question361: Which of the following would be of GREATEST concern to an IS auditor reviewing the resiliency of an organizational network that has two internet connections?

Question362: An IS auditor learns that an organization's business continuity plan (BCP) has not been updated in the last 18 months and that the organization recently closed a production plant. Which of the following is the auditor's BEST course of action?

Question363: An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?

Question364: Which of the following findings would be of GREATEST concern to an IS auditor reviewing firewall security for an organization's corporate network?

Question365: Stress testing should ideally be carried out under a:

Question366: Which of the following is MOST important to ensure that electronic evidence collected during a forensic investigation will be admissible in future legal proceedings?

Question367: Which of the following will MOST likely compromise the control provided By a digital signature created using RSA encryption?

Question368: An IS audit manager is preparing the staffing plan for an audit engagement of a cloud service provider. What should be the manager's PRIMARY concern when being made aware that a new auditor in the department previously worked for this provider?

Question369: An IS auditor wants to inspect recent events in a system to observe failed authentications and password changes. Which of the following is the MOST appropriate method to use for this purpose?

Question370: Which of the following provides the BEST assurance of data integrity after file transfers?

Question371: Which of the following is the BEST way to address potential data privacy concerns associated with inadvertent disclosure of machine identifier information contained within security logs?

Question372: Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?

Question373: Which of the following BEST demonstrates to senior management and the board that an audit function is compliant with standards and the code of ethics?

Question374: Which of the following is the GREATEST security risk associated with data migration from a legacy human resources (HR) system to a cloud-based system?

Question375: Which of the following would be MOST useful to an IS auditor when making recommendations to enable continual improvement of IT processes over time?

Question376: Which of the following BEST enables alignment of IT with business objectives?

Question377: An IS auditor finds that a recently deployed application has a number of developers with inappropriate update access left over from the testing environment. Which of the following would have BEST prevented the update access from being migrated?

Question378: Which of the following provides the GREATEST assurance that a middleware application compiling data from multiple sales transaction databases for forecasting is operating effectively?

Question379: During an IT general controls audit of a high-risk area where both internal and external audit teams are reviewing the same approach to optimize resources?

Question380: An IS auditor learns a server administration team regularly applies workarounds to address repeated failures of critical data processing services Which of the following would BEST enable the organization to resolve this issue?

Question381: Which of the following is the BEST way to foster continuous improvement of IS audit processes and practices?

Question382: Which of the following is the GREATEST concern related to an organization's data classification processes?

Question383: An organization is planning to implement a work-from-home policy that allows users to work remotely as needed. Which of the following is the BEST solution for ensuring secure remote access to corporate resources?

Question384: Which of the following is the BEST method to safeguard data on an organization's laptop computers?

Question385: An organization allows its employees lo use personal mobile devices for work. Which of the following would BEST maintain information security without compromising employee privacy?

Question386: An IS auditor discovers that an IT organization serving several business units assigns equal priority to all initiatives, creating a risk of delays in securing project funding Which of the following would be MOST helpful in matching demand for projects and services with available resources in a way that supports business objectives?

Question387: Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization that recently experienced a ransomware attack?

Question388: An IS auditor finds a user account where privileged access is not appropriate for the user's role. Which of the following would provide the BEST evidence to determine whether the risk of this access has been exploited?

Question389: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

Question390: Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?

Question391: Spreadsheets are used to calculate project cost estimates. Totals for each cost category are then keyed into the job-costing system. What is the BEST control to ensure that data is accurately entered into the system?

Question392: Which of the following is MOST useful when planning to audit an organization's compliance with cybersecurity regulations in foreign countries?

Question393: When verifying the accuracy and completeness of migrated data for a new application system replacing a legacy system. It is MOST effective for an IS auditor to review;

Question394: An external audit firm was engaged to perform a validation and verification review for a systems implementation project. The IS auditor identifies that regression testing is not part of the project plan and was not performed by the systems implementation team. According to the team, the parallel testing being performed is sufficient, making regression testing unnecessary. What should be the auditor's NEXT step?

Question395: An IS auditor is reviewing the backup procedures in an organization that has high volumes of data with frequent changes to transactions. Which of the following is the BEST backup scheme to recommend given the need for a shorter restoration time in the event of a disruption?

Question396: With regard to resilience, which of the following is the GREATEST risk to an organization that has implemented a new critical system?

Question397: Which of the following methods will BEST reduce the risk associated with the transition to a new system using technologies that are not compatible with the old system?

Question398: A characteristic of a digital signature is that it

Question399: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?

Question400: Which of the following is a social engineering attack method?

Question401: An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?

Question402: During the planning phase of a data loss prevention (DLP) audit, management expresses a concern about mobile computing. Which of the following should the IS auditor identity as the associated risk?

Question403: Which of the following findings would be of GREATEST concern to an IS auditor reviewing the security architecture of an organization that has just implemented a Zero Trust solution?

Question404: Which of the following is the BEST way for management to ensure the effectiveness of the cybersecurity incident response process?

Question405: Which of the following is MOST important for an IS auditor to verify when evaluating an organization's data conversion and infrastructure migration plan?

Question406: Which of the following should be an IS auditor's GREATEST concern when a data owner assigns an incorrect classification level to data?

Question407: A review of Internet security disclosed that users have individual user accounts with Internet service providers (ISPs) and use these accounts for downloading business data. The organization wants to ensure that only the corporate network is used. The organization should FIRST:

Question408: An IS auditor is reviewing database fields updated in real-time and displayed through other applications in multiple organizational functions. When validating business approval for these various use cases, which of the following sources of information would be the BEST starting point?

Question409: Which of the following would be the BEST criteria for monitoring an IT vendor's service levels?

Question410: An IS auditor is following up on prior period items and finds management did not address an audit finding.
Which of the following should be the IS auditor's NEXT course of action?

Question411: Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?

Question412: Which of the following audit procedures would provide the BEST assurance that an application program is functioning as designed?

Question413: To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?

Question414: Which of the following would be the MOST useful metric for management to consider when reviewing a project portfolio?

Question415: An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider MOST critical?

Question416: Which of the following should be the FRST step when developing a data toes prevention (DIP) solution for a large organization?

Question417: An organization that operates an e-commerce website wants to provide continuous service to its customers and is planning to invest in a hot site due to service criticality. Which of the following is the MOST important consideration when making this decision?

Question418: Which of the following is the BEST way to ensure that an application is performing according to its specifications?

Question419: Which of the following is the BEST way to help ensure new IT implementations align with enterprise architecture (EA) principles and requirements?

Question420: Which of the following business continuity activities prioritizes the recovery of critical functions?

Question421: During an audit of a multinational bank's disposal process, an IS auditor notes several findings. Which of the following should be the auditor's GREATEST concern?

Question422: Which of the following provides the BE ST method for maintaining the security of corporate applications pushed to employee-owned mobile devices?

Question423: A project team has decided to switch to an agile approach to develop a replacement for an existing business application. Which of the following should an IS auditor do FIRST to ensure the effectiveness of the protect audit?

Question424: Which of the following is the PRIMARY reason an IS auditor would recommend offsite backups although critical data is already on a redundant array of inexpensive disks (RAID)?

Question425: An organization is concerned about duplicate vendor payments on a complex system with a high volume of transactions. Which of the following would be MOST helpful to an IS auditor to determine whether duplicate vendor payments exist?

Question426: Which of the following is the BEST compensating control against segregation of duties conflicts in new code development?

Question427: An IS auditor wants to gain a better understanding of an organization's selected IT operating system software.
Which of the following would be MOST helpful to review?

Question428: During an audit of an organization's risk management practices, an IS auditor finds several documented IT risk acceptances have not been renewed in a timely manner after the assigned expiration date When assessing the seventy of this finding, which mitigating factor would MOST significantly minimize the associated impact?

Question429: An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?

Question430: Which of the following is an IS auditor's BEST recommendation to protect an organization from attacks when its file server needs to be accessible to external users?

Question431: A programmer has made unauthorized changes lo key fields in a payroll system report. Which of the following control weaknesses would have contributed MOST to this problem?

Question432: Which of the following controls is BEST implemented through system configuration?

Question433: An IS auditor conducts a review of a third-party vendor's reporting of key performance indicators (KPIs) Which of the following findings should be of MOST concern to the auditor?

Question434: Which of the following would be an appropriate rote of internal audit in helping to establish an organization's privacy program?

Question435: An IS audit learn is evaluating the documentation related to the most recent application user-access review performed by IT and business management It is determined that the user list was not system-generated. Which of the following should be the GREATEST concern?

Question436: Which of the following BEST enables a benefits realization process for a system development project?

Question437: Which of the following should be of GREATEST concern to an IS auditor performing a review of information security controls?

Question438: The BEST way to prevent fraudulent payments is to implement segregation of duties between the vendor setup and:

Question439: Which of the following is the BEST way to verify the effectiveness of a data restoration process?

Question440: An organization is disposing of removable onsite media which contains sensitive information. Which of the following is the MOST effective method to prevent disclosure of sensitive data?

Question441: An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor's BEST recommendation would be to:

Question442: Which of the following is the MOST effective accuracy control for entry of a valid numeric part number?

Question443: In an online application which of the following would provide the MOST information about the transaction audit trail?

Question444: During audit framework. an IS auditor teams that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?

Question445: Which of the following is MOST important to define within a disaster recovery plan (DRP)?

Question446: An IS auditor is reviewing an organization that performs backups on local database servers every two weeks and does not have a formal policy to govern data backup and restoration procedures. Which of the following findings presents the GREATEST risk to the organization?

Question447: During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed. The auditor should FIRST

Question448: Which of the following BEST indicates that an incident management process is effective?

Question449: A telecommunications company has recently created a new fraud department with three employees and acquired a fraud detection system that uses artificial intelligence (AI) modules. Which of the following would be of GREATEST concern to an IS auditor reviewing the system?

Question450: Which of the following is the GREATEST advantage of outsourcing the development of an e-banking solution when in-house technical expertise is not available?

Question451: The PRIMARY responsibility of a project steering committee is to:

Question452: Which of the following would provide the MOST important input during the planning phase for an audit on the implementation of a bring your own device (BYOD) program?

Question453: An IS auditor is examining a front-end subledger and a main ledger. Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?

Question454: Which of the following is MOST important to the effectiveness of smoke detectors installed in a data processing facility?

Question455: An IS audit reveals an IT application is experiencing poor performance including data inconsistency and integrity issues. What is the MOST likely cause?

Question456: Which of the following is the MOST significant impact to an organization that does not use an IT governance framework?

Question457: The IS quality assurance (OA) group is responsible for:

Question458: Due to system limitations, segregation of duties (SoD) cannot be enforced in an accounts payable system.
Which of the following is the IS auditor's BEST recommendation for a compensating control?

Question459: Which of the following is MOST important during software license audits?

Question460: The PRIMARY reason for an IS auditor to use data analytics techniques is to reduce which type of audit risk?

Question461: Which of the following BEST describes the role of the IS auditor in a control self-assessment (CSA)?

Question462: An IS auditor concludes that logging and monitoring mechanisms within an organization are ineffective because critical servers are not included within the central log repository. Which of the following audit procedures would have MOST likely identified this exception?

Question463: Which of the following is the GREATEST risk associated with storing customer data on a web server?

Question464: During the implementation of a new system, an IS auditor must assess whether certain automated calculations comply with the regulatory requirements Which of the following is the BEST way to obtain this assurance?

Question465: Which of the following is an effective way to ensure the integrity of file transfers in a peer-to-peer (P2P) computing environment?

Question466: Which of the following should be an IS auditor's PRIMARY consideration when determining which issues to include in an audit report?

Question467: A firewall between internal network segments improves security and reduces risk by:

Question468: Which of the following is the MOST important consideration when establishing operational log management?

Question469: Which of the following is the BEST indication that there are potential problems within an organization's IT service desk function?

Question470: Which of the following is the MOST important consideration for a contingency facility?

Question471: An IS auditor is tasked to review an organization's plan-do-check-act (PDCA) method for improving IT-related processes and wants to determine the accuracy of defined targets to be achieved. Which of the following steps in the PDCA process should the auditor PRIMARILY focus on in this situation?

Question472: Which of the following is the PRIMARY concern when negotiating a contract for a hot site?

Question473: Several unattended laptops containing sensitive customer data were stolen from personnel offices Which of the following would be an IS auditor's BEST recommendation to protect data in case of recurrence?

Question474: Which of the following is MOST helpful to an IS auditor when assessing the effectiveness of controls?

Question475: The use of which of the following would BEST enhance a process improvement program?

Question476: An organization is planning an acquisition and has engaged an IS auditor lo evaluate the IT governance framework of the target company. Which of the following would be MOST helpful In determining the effectiveness of the framework?

Question477: An IS auditor has been asked to advise on measures to improve IT governance within the organization. Which at the following is the BEST recommendation?

Question478: Which of the following is a threat to IS auditor independence?

Question479: An IS auditor is planning an audit of an organization's accounts payable processes. Which of the following controls is MOST important to assess in the audit?

Question480: As part of the architecture of virtualized environments, in a bare metal or native visualization the hypervisor runs without:

Question481: An organization implemented a cybersecurity policy last year Which of the following is the GREATE ST indicator that the policy may need to be revised?

Question482: A data breach has occurred due lo malware. Which of the following should be the FIRST course of action?

Question483: Which of the following is the MOST appropriate control to ensure integrity of online orders?

Question484: An IS auditor finds that application servers had inconsistent security settings leading to potential vulnerabilities. Which of the following is the BEST recommendation by the IS auditor?

Question485: Which of the following would be of GREATEST concern when reviewing an organization's security information and event management (SIEM) solution?

Question486: Which of the following is the PRIMARY advantage of using visualization technology for corporate applications?

Question487: Which of the following should be of GREATEST concern to an |$ auditor reviewing data conversion and migration during the implementation of a new application system?

Question488: Which of the following observations should be of GREATEST concern to an IS auditor performing an audit of change and release management controls for a new complex system developed by a small in-house IT team?

Question489: Which of the following BEST describes a digital signature?

Question490: Which of the following would be of GREATEST concern to an IS auditor reviewing the feasibility study for a new application system?

Question491: Which of the following would provide management with the MOST reasonable assurance that a new data warehouse will meet the needs of the organization?

Question492: In which phase of penetration testing would host detection and domain name system (DNS) interrogation be performed?