Question1: Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring?
Question2: What should an IS auditor do FIRST when management responses
to an in-person internal control questionnaire indicate a key internal
control is no longer effective?
Question3: Which of the following provides the MOST useful information for performing a business impact analysis (B1A)?
Question4: Which of the following is me GREATE ST impact as a result of the ongoing deterioration of a detective control?
Question5: Which of the following is the MOST important task of an IS auditor during an application post- implementation review?
Question6: An IS auditor has been tasked with auditing the inventory control process for a large organization that processes millions of data transactions. Which of the following is the BEST testing strategy to adopt?
Question7: Which of the following should be of GREATEST concern to an IS auditor who is assessing an organization's configuration and release management process?
Question8: In an IT organization where many responsibilities are shared which of the following is the BEST control for detecting unauthorized data changes?
Question9: Which of the following approaches would utilize data analytics to facilitate the testing of a new account creation process?
Question10: What is the PRIMARY benefit of using one-time passwords?
Question11: Which of the following poses the GREATEST risk to the use of active RFID tags?
Question12: An organization has moved all of its infrastructure to the cloud. Which of the following would be an IS auditor's GREATEST concern related to the organization's ability to continue operations in case of a disaster?
Question13: An IS auditor finds that one employee has unauthorized access to confidential data. The IS auditor's BEST recommendation should be to:
Question14: Which of the following should be the PRIMARY consideration when incorporating user training and awareness into a data loss prevention (DLP) strategy?
Question15: An IS auditor reviewing the database controls for a new e-commerce system discovers a security weakness in the database configuration. Which of the following should be the IS auditor's NEXT course of action?
Question16: Which of the following is the PRIMARY role of key performance indicators (KPIs) in supporting business process effectiveness?
Question17: An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider MOST critical?
Question18: Which of the following should be of MOST concern to an IS auditor when reviewing an intrusion detection system (IDS)?
Question19: IT governance should be driven by:
Question20: Which of the following must be in place before an IS auditor initiates audit follow-up activities?
Question21: When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider's external audit report on service level management when the
Question22: A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?
Question23: Who is PRIMARILY responsible for the design of IT controls to meet control objectives?
Question24: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?
Question25: Which of the following would MOST likely jeopardize the independence of a quality assurance (QA} team and could lead to conflict of interest?
Question26: Which of the following features of a library control software package would protect against unauthorized updating of source code?
Question27: Which of the following should be the PRIMARY role of an internal audit function in the management of identified business risks?
Question28: An IS auditor suspects an organization's computer may have been used to commit a crime. Which of the following is the auditor's BEST course of action?
Question29: Which of the following should be of GREATEST concern to an IS auditor reviewing project documentation for a client relationship management (CRM) system migration project?
Question30: The process of applying a hash function to a message and obtaining and ciphering a digest refers to:
Question31: Which of the following is the BEST indicator for measuring performance of IT help desk function?
Question32: Which of the following should be of GREATEST concern for an IS auditor reviewing an organization's disaster recovery plan (DRP)?
Question33: An IS department is evaluated monthly on its cost-revenue ratio user satisfaction rate, and computer downtime This is BEST zed as an application of.
Question34: An IS auditor Is renewing the deployment of a new automated system Which of the following findings presents the MOST significant risk?
Question35: Which of the following BEST indicates that an incident management process is effective?
Question36: Which of the following BEST enables an organization to improve the effectiveness of its incident response team?
Question37: Spreadsheets are used to calculate project cost estimates. Totals for each cost category are then keyed into the job-costing system. What is the BEST control to ensure that data is accurately entered into the system?
Question38: An organization has developed mature risk management practices that are followed across all departments What is the MOST effective way for the audit team to leverage this risk management maturity?
Question39: A senior auditor is reviewing work papers prepared by a junior auditor indicating that a finding was removed after the auditee said they corrected the problem. Which of the following is the senior auditor s MOST appropriate course of action?
Question40: Which of the following is the BEST compensating control against segregation of duties conflicts in new code development?
Question41: Which of the following user actions poses the GREATEST risk for inadvertently introducing malware into a local network?
Question42: Which of the following is the GREATEST risk if two users have concurrent access to the same database record?
Question43: An internal audit team is deciding whether to use an audit management application hosted by a third party in a different country.
What should be the MOST important consideration related to the uploading of payroll audit documentation in the hosted application?
Question44: An IS auditor is assessing backup performance and observes that the system administrator manually initiates backups during unexpected peak usage. Which of the following is the auditor's BEST course of action?
Question45: Which of the following BEST enables an organization to determine the effectiveness of its information security awareness program?
Question46: Which of the following applications has the MOST inherent risk and should be prioritized during audit planning?
Question47: In order to be useful, a key performance indicator (KPI) MUST
Question48: Which of the following should be of GREATEST concern to an IS auditor reviewing project documentation for a client relationship management (CRM) system migration project?
Question49: A financial group recently implemented new technologies and processes, Which type of IS audit would provide the GREATEST level of assurance that the department's objectives have been met?
Question50: An IS auditor is reviewing a machine learning model that predicts the likelihood that a user will watch a certain movie. Which of the following would be of GREATEST concern to the auditor?
Question51: A checksum is classified as which type of control?
Question52: What is MOST important to verify during an external assessment of network vulnerability?
Question53: Which of the following is MOST important during software license audits?
Question54: The PRIMARY benefit of automating application testing is to:
Question55: A secure server room has a badge reader system that records name, date, and time information whenever a staff member uses a badge to enter or exit. When reviewing the system logs, an IS auditor notices records for some employees entering, but not exiting, the room. Which of the following would be the MOST effective compensating control to recommend?
Question56: Which of the following is the BEST method to delete sensitive information from storage media that will be reused?
Question57: An organization is establishing a steering committee for the implementation of a new enterprise resource planning (ERP) system that uses Agile project management methodology. What is the MOST important criterion for the makeup of this committee?
Question58: Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?
Question59: Which of the following is the MOST appropriate testing approach when auditing a daily data flow between two systems via an automated interface to confirm that it is complete and accurate?
Question60: Which of the following would be an IS auditor's GREATEST concern when reviewing the organization's business continuity plan (BCP)?
Question61: Which of the following documents should define roles and responsibilities within an IT audit organization?
Question62: Which of the following should be used as the PRIMARY basis for prioritizing IT projects and initiatives?
Question63: Which of the following BEST protects evidence in a forensic investigation?
Question64: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's job scheduling practices?
Question65: Which of the following is an example of a preventive control for physical access?
Question66: During a project audit, an IS auditor notes that project reporting does not accurately reflect current progress.
Which of the following is the GREATEST resulting impact?
Question67: Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?
Question68: Which of the following is an IS auditor's BEST approach when prepanng to evaluate whether the IT strategy supports the organization's vision and mission?
Question69: A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
Question70: The use of access control lists (ACLs) is the MOST effective method to mitigate security risk for routers because they: (Identify Correct answer and related explanation/references from CISA Certification - Information Systems Auditor official Manual or book)
Question71: An organization allows employees to retain confidential data on personal mobile devices. Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?
Question72: Which of the following would be the BEST process for continuous auditing to a large financial Institution?
Question73: Which of the following is the BEST approach to help organizations address risks associated with shadow IT?
Question74: The MOST important measure of the effectiveness of an organization's security program is the:
Question75: Which of the following provides the MOST useful information to an IS auditor when selecting projects for inclusion in an IT audit plan?
Question76: An IS auditor is reviewing the perimeter security design of a network. Which of the following provides the GREATEST assurance outgoing Internet traffic is controlled?
Question77: Which of the following should be the FIRST consideration when deciding whether data should be moved to a cloud provider for storage?
Question78: Who is accountable for an organization's enterprise risk management (ERM) program?
Question79: A white box testing method is applicable with which of the following testing processes?
Question80: An IS auditor discovers that validation controls m a web application have been moved from the server side into the browser to boost performance This would MOST likely increase the risk of a successful attack by.
Question81: Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?
Question82: Which of the following is an example of a preventative control in an accounts payable system?
Question83: During an information security review, an IS auditor learns an organizational policy requires all employ-ees to attend information security training during the first week of each new year. What is the auditor's BEST recommendation to ensure employees hired after January receive adequate guid-ance regarding security awareness?
Question84: An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor's PRIMARY concern Is that:
Question85: Which of the following BEST describes an audit risk?
Question86: An IS auditor is assigned to review the IS department s quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards Which of the following should be the auditor's NEXT action1?
Question87: A job is scheduled to transfer data from a transactional system database to a data lake for reporting purposes.
Which of the following would be of GREATEST concern to an IS auditor?
Question88: During an audit of a multinational bank's disposal process, an IS auditor notes several findings. Which of the following should be the auditor's GREATEST concern?
Question89: Which of the following issues identified during a formal review of an organization's information security policies presents the GREATEST potential risk to the organization?
Question90: Which of the following is the GREATEST advantage of maintaining an internal IS audit function within an organization?
Question91: Which of the following should be the GREATEST concern for an IS auditor assessing an organization's disaster recovery plan (DRP)?
Question92: In a large organization, IT deadlines on important projects have been missed because IT resources are not prioritized properly. Which of the following is the BEST recommendation to address this problem?
Question93: An IS auditor should be MOST concerned if which of the following fire suppression systems is utilized to protect an asset storage closet?
Question94: Which of the following is the PRIMARY benefit of monitoring IT operational logs?
Question95: Which of the following is an audit reviewer's PRIMARY role with regard to evidence?
Question96: Which of the following is the MOST important reason to implement version control for an end-user computing (EUC) application?
Question97: An IS auditor reviewing the throat assessment for a data cantor would be MOST concerned if:
Question98: An audit has identified that business units have purchased cloud-based applications without IPs support. What is the GREATEST risk associated with this situation?
Question99: Which of the following is the PRIMARY benefit of effective implementation of appropriate data classification?
Question100: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?
Question101: An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported. The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?
Question102: Which of the following is the GREATEST advantage of vulnerability scanning over penetration testing?
Question103: Which of the following is an IS auditor's BEST recommendation for mitigating risk associated with inadvertent disclosure of sensitive information by employees?
Question104: An organization plans to replace its nightly batch processing backup to magnetic tape with real-time replication to a second data center. Which of the following is the GREATEST risk associated with this change?
Question105: Which of the following is a PRIMARY responsibility of an IT steering committee?
Question106: Which of the following is the BEST indication to an IS auditor that management's post-implementation review was effective?
Question107: Cross-site scripting (XSS) attacks are BEST prevented through:
Question108: Which of the following application input controls would MOST likely detect data input errors in the customer account number field during the processing of an accounts receivable transaction?
Question109: Which of the following is the MOST effective way to maintain network integrity when using mobile devices?
Question110: Which of the following would protect the confidentiality of information sent in email messages?
Question111: Which of the following presents the GREATEST risk to an organization's ability to manage quality control (QC) processes?
Question112: Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?
Question113: Which of the following is MOST important with regard to an application development acceptance test?
Question114: While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. In order to resolve the situation, the IS auditor's BEST course of action would be to:
Question115: Which of the following findings from a database security audit presents the GREATEST risk of critical security exposures?
Question116: Which of the following is the GREATEST risk when relying on reports generated by end-user computing (EUC)?
Question117: An IS auditor conducts a review of a third-party vendor's reporting of key performance indicators (KPIs) Which of the following findings should be of MOST concern to the auditor?
Question118: Which of the following findings from an IT governance review should be of GREATEST concern?
Question119: Which of the following would BEST determine whether a post-implementation review (PIR) performed by the project management office (PMO) was effective?
Question120: An IS auditor is reviewing a network diagram. Which of the following would be the BEST location for placement of a firewall?
Question121: An IS auditor who was instrumental in designing an application is called upon to review the application. The auditor should:
Question122: The PRIMARY role of an IS auditor in the remediation of problems found during an audit engagement is to:
Question123: During a follow-up audit, an IS auditor finds that some critical recommendations have not been addressed as management has decided to accept the risk. Which of the following is the IS auditor's BEST course of action?
Question124: An organization wants to classify database tables according to its data classification scheme From an IS auditor's perspective the tables should be classified based on the:
Question125: Which of the following provides the BEST evidence that all elements of a business continuity plan (BCP) are operating effectively?
Question126: Which of the following is MOST appropriate to review when determining if the work completed on an IT project is in alignment with budgeted costs?
Question127: Which of the following BEST indicates to an IS auditor that an organization handles emergency changes appropriately and transparently?
Question128: Which of the following BEST demonstrates to senior management and the board that an audit function is compliant with standards and the code of ethics?
Question129: An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?
Question130: Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?
Question131: A bank performed minor changes to the interest calculation computer program. Which of the following techniques would provide the STRONGEST evidence to determine whether the interest calculations are correct?
Question132: Which of the following is the BEST recommendation to include in an organization's bring your own device (BYOD) policy to help prevent data leakage?
Question133: An IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer payments. The IS auditor should FIRST
Question134: Which of the following BEST enables the timely identification of risk exposure?
Question135: Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?
Question136: Which of the following responsibilities associated with a disaster recovery plan (DRP) can be outsourced to a Disaster Recovery as a Service (DRaaS) provider?
Question137: An organization was recently notified by its regulatory body of significant discrepancies in its reporting data.
A preliminary investigation revealed that the discrepancies were caused by problems with the organization's data quality Management has directed the data quality team to enhance their program. The audit committee has asked internal audit to be advisors to the process. To ensure that management concerns are addressed, which data set should internal audit recommend be reviewed FIRST?
Question138: Which of the following would minimize the risk of losing transactions as a result of a disaster?
Question139: Which of the following conditions would be of MOST concern to an IS auditor assessing the risk of a successful brute force attack against encrypted data at test?
Question140: What is the BEST control to address SQL injection vulnerabilities?
Question141: During the evaluation of controls over a major application development project, the MOST effective use of an IS auditor's time would be to review and evaluate:
Question142: Which of the following approaches BEST enables an IS auditor to detect security vulnerabilities within an application?
Question143: Which of the following is the PRIMARY advantage of using visualization technology for corporate applications?
Question144: In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to never expire. Which of the following recommendations would BEST address the risk with minimal disruption to the business?
Question145: Which of the following is MOST critical to the success of an information security program?
Question146: Which of the following is the BEST audit procedure to determine whether a firewall is configured in compliance with the organization's security policy?
Question147: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?
Question148: Which of the following findings should be of GREATEST concern to an IS auditor assessing the risk associated with end-user computing (EUC) in an organization?
Question149: Which of the following is the MOST effective way for an organization to project against data loss?
Question150: Which of the following would provide an IS auditor with the GREATEST assurance that data disposal controls support business strategic objectives?
Question151: Which of the following will BEST ensure that archived electronic information of permanent importance remains accessible over time?
Question152: The PRIMARY focus of a post-implementation review is to verify that:
Question153: Which of the following should be used to evaluate an IT development project before an investment is committed?
Question154: Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?
Question155: The FIRST step in an incident response plan is to:
Question156: An IS auditor is assigned to perform a post-implementation review of an application system. Which of the following would impair the auditor's independence?
Question157: An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?
Question158: Which of the following would be of GREATEST concern when reviewing an organization's security information and event management (SIEM) solution?
Question159: A small IT department has embraced DevOps, which allows members of this group to deploy code to production and maintain some development access to automate releases. Which of the following is the MOST effective control?
Question160: Which of the following occurs during the issues management process for a system development project?
Question161: An IS auditor has been asked to assess the security of a recently migrated database system that contains personal and financial data for a bank's customers. Which of the following controls is MOST important for the auditor to confirm is in place?
Question162: Backup procedures for an organization's critical data are considered to be which type of control?
Question163: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?
Question164: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?
Question165: Which of the following should be of GREATEST concern to an IS auditor reviewing system interfaces used to transfer publicly available information?
Question166: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's mobile device policies and controls in its corporate environment?
Question167: In the case of a disaster where the data center is no longer available, which of the following tasks should be done FIRST?
Question168: An IS auditor is reviewing database fields updated in real-time and displayed through other applications in multiple organizational functions. When validating business approval for these various use cases, which of the following sources of information would be the BEST starting point?
Question169: Which of the following is the BEST metric to measure the alignment of IT and business strategy?
Question170: Which of the following is the GREATEST risk associated with lack of IT involvement in the organization's strategic planning initiatives?
Question171: Which of the following would be MOST helpful to an IS auditor performing a risk assessment of an application programming interface (API) that feeds credit scores from a well-known commercial credit agency into an organizational system?
Question172: What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?
Question173: Which of the following findings would be of GREATEST concern to an IS auditor assessing an organization's patch management process?
Question174: What would be an IS auditor's BEST recommendation upon finding that a third-party IT service provider hosts the organization's human resources (HR) system in a foreign country?
Question175: An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider MOST critical?
Question176: During a review, an IS auditor discovers that corporate users are able to access cloud-based applications and data any Internet-connected web browser. Which Of the following is the auditor's BEST recommendation to prevent unauthorized access?
Question177: Which of the following control measures is the MOST effective against unauthorized access of confidential information on stolen or lost laptops?
Question178: An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available.
What should the auditor recommend be done FIRST?
Question179: Which of the following would BEST indicate the effectiveness of a security awareness training program?
Question180: When reviewing an organization's information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:
Question181: Which of the following is the BEST control to help ensure the completeness of outbound transactions?
Question182: Which of the following would provide the BEST evidence of an IT strategy corrections effectiveness?
Question183: Which of the following network communication protocols is used by network devices such as routers to send error messages and operational information indicating success or failure when communicating with another IP address?
Question184: Which of the following job scheduling schemes for operating system updates is MOST likely to adequately balance protection of workstations with user requirements?
Question185: During which phase of the software development life cycle is it BEST to initiate the discussion of application controls?
Question186: During a project assessment, an IS auditor finds that business owners have been removed from the project initiation phase. Which of the following should be the auditor's GREATEST concern with this situation?
Question187: An IS auditor determines that the vendor's deliverables do not include the source code for a newly acquired product. To address this issue, which of the following should the auditor recommend be included in the contract?
Question188: Which type of threat can utilize a large group of automated social media accounts to steal data, send spam, or launch distributed denial of service (DDoS) attacks?
Question189: Which of the following controls BEST ensures appropriate segregation of duties within an accounts payable department?
Question190: An IS auditor wants to determine who has oversight of staff performing a specific task and is referencing the organization's RACI chart. Which of the following roles within the chart would provide this information?
Question191: Which of the following is the GREATEST advantage of outsourcing the development of an e-banking solution when in-house technical expertise is not available?
Question192: Which of the following BEST indicates a need to review an organization's information security policy?
Question193: A national bank recently migrated a large number of business-critical applications to the cloud. Which of the following is MOST important to ensuring the resiliency of the applications?
Question194: An IS auditor discovers that due to resource constraints a database administrator (DBA) is responsible for developing and executing changes into the production environment Which ot the following should the auditor do FIRSTS
Question195: Which of the following is the BEST detective control for a job scheduling process involving data transmission?
Question196: An IS auditor is verifying the adequacy of an organization's internal controls and is concerned about potential circumvention of regulations. Which of the following is the BEST sampling method to use?
Question197: Which of the following should be an IS auditor's GREATEST concern when a data owner assigns an incorrect classification level to data?
Question198: If concurrent update transactions to an account are not processed properly, which of the following will be affected?
Question199: Which of the following presents the GREATEST risk associated with end-user computing (EUC) applica- tions over financial reporting?
Question200: A telecommunications company has recently created a new fraud department with three employees and acquired a fraud detection system that uses artificial intelligence (AI) modules. Which of the following would be of GREATEST concern to an IS auditor reviewing the system?
Question201: Which of the following is the BEST reason for an organization to use clustering?
Question202: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT strategy document?
Question203: An IS auditor is reviewing logical access controls for an organization's financial business application Which of the following findings should be of GREATEST concern to the auditor?
Question204: Which of the following system attack methods is executed by entering malicious code into the search box of a vulnerable website, causing the server to reveal restricted information?
Question205: Which of the following is PRIMARILY used in blockchain technology to create a distributed immutable ledger?
Question206: A CFO has requested an audit of IT capacity management due to a series of finance system slowdowns during month-end reporting. What would be MOST important to consider before including this audit in the program?
Question207: Management has requested a post-implementation review of a newly implemented purchasing package to determine the extent that business requirements are being met. Which of the following is MOST likely to be assessed?
Question208: in a post-implantation Nation review of a recently purchased system it is MOST important for the iS auditor to determine whether the:
Question209: Which of the following BEST addresses the availability of an online store?
Question210: An organization has introduced a capability maturity model to the system development life cycle (SDLC) to measure improvements. Which of the following is the BEST indication of successful process improvement?
Question211: Who is responsible for defining data access permissions?
Question212: Which of the following is the GREATEST risk associated with security patches being automatically downloaded and applied to production servers?
Question213: Which of the following is the MOST important course of action to ensure a cloud access security broker (CASB) effectively detects and responds to threats?
Question214: When planning a review of IT governance, an IS auditor is MOST likely to:
Question215: Which of the following controls is MOST important for ensuring the integrity of system interfaces?
Question216: In response to an audit finding regarding a payroll application, management implemented a new automated control. Which of the following would be MOST helpful to the IS auditor when evaluating the effectiveness of the new control?
Question217: An IS auditor is concerned that unauthorized access to a highly sensitive data center might be gained by piggybacking or tailgating. Which of the following is the BEST recommendation? (Choose Correct answer and give explanation from CISA Certification - Information Systems Auditor official book)
Question218: Which of the following should be the GREATEST concern for an IS auditor performing a post- implementation review for a major system upgrade?
Question219: Which of the following provides the BEST evidence that system requirements are met when evaluating a project before implementation?
Question220: Which of the following constitutes an effective detective control in a distributed processing environment?
Question221: A network analyst is monitoring the network after hours and detects activity that appears to be a brute-force attempt to compromise a critical server. After reviewing the alerts to ensure their accuracy, what should be done NEXT?
Question222: Which of the following provides the MOST reliable method of preventing unauthonzed logon?
Question223: Which of the following is MOST useful for determining the strategy for IT portfolio management?
Question224: The use of control totals satisfies which of the following control objectives?
Question225: Which of the following is the BEST way to enforce the principle of least privilege on a server containing data with different security classifications?
Question226: Which of the following BEST describes the role of the IS auditor in a control self-assessment (CSA)?
Question227: The IS auditor has recommended that management test a new system before using it in production mode. The BEST approach for management in developing a test plan is to use processing parameters that are:
Question228: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?
Question229: When is it MOST important for an IS auditor to apply the concept of materiality in an audit?
Question230: Which of the following concerns is MOST effectively addressed by implementing an IT framework for alignment between IT and business objectives?
Question231: Which of the following would be MOST useful when analyzing computer performance?
Question232: If enabled within firewall rules, which of the following services would present the GREATEST risk?
Question233: Audit frameworks can assist the IS audit function by:
Question234: Which of the following is the MOST efficient way to identify fraudulent activity on a set of transactions?
Question235: During the implementation of an upgraded enterprise resource planning (ERP) system, which of the following is the MOST important consideration for a go-live decision?
Question236: During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:
Question237: Following an IT audit, management has decided to accept the risk highlighted in the audit report. Which of the following would provide the MOST assurance to the IS auditor that management is adequately balancing the needs of the business with the need to manage risk?
Question238: An IS audit manager is preparing the staffing plan for an audit engagement of a cloud service provider. What should be the manager's PRIMARY concern when being made aware that a new auditor in the department previously worked for this provider?
Question239: Upon completion of audit work, an IS auditor should:
Question240: When designing a data analytics process, which of the following should be the stakeholder's role in automating data extraction and validation?
Question241: Which type of control has been established when an organization implements a security information and event management (SIEM) system?
Question242: Which of the following statements appearing in an organization's acceptable use policy BEST demonstrates alignment with data classification standards related to the protection of information assets?
Question243: Which of the following provides re BEST evidence that outsourced provider services are being properly managed?
Question244: Recovery facilities providing a redundant combination of Internet connections to the local communications loop is an example of which type of telecommunications continuity?
Question245: Which of the following provides an IS auditor the BEST evidence that a third-party service provider's information security controls are effective?
Question246: When building or upgrading enterprise cryptographic infrastructure, which of the following is the MOST critical requirement for growing business environments?
Question247: An organization is permanently transitioning from onsite to fully remote business operations. When should the existing business impact analysis (BIA) be reviewed?
Question248: An organization is considering allowing users to connect personal devices to the corporate network. Which of the following should be done FIRST?
Question249: Which of the following is MOST likely to be reduced when implementing optimal risk management strategies?
Question250: Which of the following is the BEST methodology to use for estimating the complexity of developing a large business application?
Question251: The PRIMARY advantage of object-oriented technology is enhanced:
Question252: Which of the following would lead an IS auditor to conclude that the evidence collected during a digital forensic investigation would not be admissible in court?
Question253: Which of the following provides the BEST evidence of the validity and integrity of logs in an organization's security information and event management (SIEM) system?
Question254: The PRIMARY advantage of using open-source-based solutions is that they:
Question255: An IS auditor is conducting an IT governance audit and notices many initiatives are managed informally by isolated project managers. Which of the following recommendations would have the GREATEST impact on improving the maturity of the IT team?
Question256: Which of the following is the PRIMARY purpose of a rollback plan for a system change?
Question257: The PRIMARY responsibility of a project steering committee is to:
Question258: Which of the following is the GREATEST benefit of adopting an international IT governance framework rather than establishing a new framework based on the actual situation of a specific organization1?
Question259: An IS auditor is reviewing a contract for the outsourcing of IT facilities. If missing, which of the following should present the GREATEST concern to the auditor?
Question260: Which of the following is MOST helpful to an IS auditor reviewing the alignment of planned IT budget with the organization's goals and strategic objectives?
Question261: An IS auditor has been asked to advise on measures to improve IT governance within the organization. Which of the following IS the BEST recommendation?
Question262: An organization's sensitive data is stored in a cloud computing environment and is encrypted. Which of the following findings should be of GREATEST concern to an IS auditor?
Question263: Which of the following is the GREATEST risk of project dashboards being set without sufficiently defined criteria?
Question264: Which of the following is the MOST effective way to identify exfiltration of sensitive data by a malicious insider?
Question265: During an operational audit on the procurement department, the audit team encounters a key system that uses an artificial intelligence (Al) algorithm. The audit team does not have the necessary knowledge to proceed with the audit. Which of the following is the BEST way to handle this situation?
Question266: Which of the following is the BEST method to safeguard data on an organization's laptop computers?
Question267: When a data center is attempting to restore computing facilities at an alternative site following a disaster, which of the following should be restored FIRST?
Question268: Which of the following is the BEST way for management to ensure the effectiveness of the cybersecurity incident response process?
Question269: Which of the following fire suppression systems needs to be combined with an automatic switch to shut down the electricity supply in the event of activation?
Question270: What is the MOST effective way to detect installation of unauthorized software packages by employees?
Question271: Which of the following is the MOST important advantage of participating in beta testing of software products?
Question272: During an IS audit of a data center, it was found that programmers are allowed to make emergency fixes to operational programs. Which of the following should be the IS auditor's PRIMARY recommendation?
Question273: Which of the following security risks can be reduced by a property configured network firewall?
Question274: An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?
Question275: An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?
Question276: A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?
Question277: The PRIMARY objective of a follow-up audit is to:
Question278: An organization has both an IT strategy committee and an IT steering committee. When reviewing the minutes of the IT steering committee, an IS auditor would expect to find that the committee:
Question279: Which of the following is an IS auditor's BEST course of action when the auditee indicates that a corrective action plan for a high-risk finding will take longer than expected?
Question280: An organizations audit charier PRIMARILY:
Question281: Which of the following is the BEST source of information to determine the required level of data protection on a file server?
Question282: An IS auditor finds that a number of key patches have not been applied in a timely manner due to re-source constraints. Which of the following is the GREATEST risk to the organization in this situation?
Question283: During the walk-through procedures for an upcoming audit, an IS auditor notes that the key application in scope is part of a Software as a Service (SaaS) agreement. What should the auditor do NEXT?
Question284: Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?
Question285: Which of the following findings related to segregation of duties should be of GREATEST concern to an IS auditor?
Question286: Which of the following is the BEST way to strengthen the security of smart devices to prevent data leakage?
Question287: Which of the following is the MAJOR advantage of automating internal controls?
Question288: Which of the following would BEST protect the confidentiality of sensitive data in transit between multiple offices?
Question289: An organization wants to use virtual desktops to deliver corporate applications to its end users. Which of the following should an IS auditor recommend to prevent domain name system (DNS) poisoning in their cloud environment?
Question290: An external attacker spoofing an internal Internet Protocol (IP) address can BEST be detected by which of the following?
Question291: Which of the following is MOST important for an IS auditor to verify when evaluating an organization's data conversion and infrastructure migration plan?
Question292: Which of the following demonstrates the use of data analytics for a loan origination process?
Question293: The PRIMARY role of a control self-assessment (CSA) facilitator is to:
Question294: Which of the following would be an IS auditor's BEST recommendation to senior management when several IT initiatives are found to be misaligned with the organization's strategy?
Question295: Which of the following is the BEST reason for an IS auditor to emphasize to management the importance of using an IT governance framework?
Question296: Which of the following features would BEST address risk associated with data at rest when evaluating a data loss prevention (DLP) solution?
Question297: Which of the following technology trends can lead to more robust data loss prevention (DLP) tools?
Question298: When reviewing hard disk utilization reports, an IS auditor observes that utilization is routinely above 95%.
Which of the following should be the GREATEST concern to the IS auditor?
Question299: Which of the following is a PRIMARY benefit of using risk assessments to determine areas to be included in an audit plan?
Question300: Which of the following is the MOST important factor when an organization is developing information security policies and procedures?
Question301: An organization is modernizing its technology policy framework to demonstrate compliance with external industry standards. Which of the following would be MOST useful to an IS auditor for validating the outcome?
Question302: An organization relies on an external vendor that uses a cloud-based Software as a Service (SaaS) model to back up its data. Which of the following is the GREATEST risk to the organization related to data backup and retrieval?
Question303: Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?
Question304: A data breach has occurred due lo malware. Which of the following should be the FIRST course of action?
Question305: When reviewing an organization's enterprise architecture (EA), which of the following is an IS auditor MOST likely to find within the EA documentation?
Question306: Which of the following presents the GREATEST challenge to the alignment of business and IT?
Question307: An organization has recently implemented a Voice-over IP (VoIP) communication system. Which ot the following should be the IS auditor's PRIMARY concern?
Question308: An IS auditor is asked to review an organization's technology relationships, interfaces, and data. Which of the following enterprise architecture (EA) areas is MOST appropriate this review? (Choose Correct answer and give explanation from CISA Certification - Information Systems Auditor official book)
Question309: A business application's database is copied to a replication server within minutes. Which of the following processes taking place during business hours will MOST benefit from this architecture?
Question310: Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?
Question311: Which of the following provides the MOST assurance over the completeness and accuracy ol loan application processing with respect to the implementation of a new system?
Question312: An IS auditor is planning an audit of an organization's risk management practices. Which of the following would provide the MOST useful information about risk appetite?
Question313: In a RAO model, which of the following roles must be assigned to only one individual?
Question314: Afire alarm system has been installed in the computer room The MOST effective location for the fire alarm control panel would be inside the
Question315: During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor's BEST course of action?
Question316: Which of the following types of firewalls provides the GREATEST degree of control against hacker intrusion?
Question317: Which of the following controls helps to reduce fraud risk associated with robotic process automation (RPA)?
Question318: Which of the following is the MOST important responsibility of user departments associated with program changes?
Question319: Which of the following BEST enables an IS auditor to prioritize financial reporting spreadsheets for an end- user computing (EUC) audit?
Question320: Which of the following is an IS auditor's BEST recommendation to mitigate the risk of eavesdropping associated with an application programming interface (API) integration implementation?
Question321: Which of the following tests is MOST likely to detect an error in one subroutine resulting from a recent change in another subroutine?
Question322: A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items lo the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?
Question323: Which of the following BEST enables an IS auditor to combine and compare access control lists from various applications and devices?
Question324: Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization's information security policy?
Question325: Which of the following would MOST effectively ensure the integrity of data transmitted over a network?
Question326: Which of the following would an IS auditor recommend as the MOST effective preventive control to reduce the risk of data leakage?
Question327: During the planning phase of a data loss prevention (DLP) audit, management expresses a concern about mobile computing. Which of the following should the IS auditor identify as the associated risk?
Question328: Which of the following should be given GREATEST consideration when implementing the use of an open-source product?
Question329: The FIRST step in auditing a data communication system is to determine:
Question330: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's IT process performance reports over the last quarter?
Question331: To confirm integrity for a hashed message, the receiver should use:
Question332: During a pre-implementation review, an IS auditor notes that some scenarios have not been tested.
Management has indicated that the project is critical and cannot be postponed. Which of the following is the auditor's BEST course of action?
Question333: Which of the following is the BEST evidence that an organization's IT strategy is aligned lo its business objectives?
Question334: An IS auditor has been asked to review the integrity of data transfer between two business-critical systems that have not been tested since implementation. Which of the following would provide the MOST useful information to plan an audit?
Question335: An organization that has suffered a cyber-attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?
Question336: Which of the following is the BEST way to detect unauthorized copies of licensed software on systems?
Question337: Which of the following should be an IS auditor's PRIMARY focus when auditing the implementation of a new IT operations performance monitoring system?
Question338: Users are complaining that a newly released enterprise resource planning (ERP) system is functioning too slowly. Which of the following tests during the quality assurance (QA) phase would have identified this concern?
Question339: Which of the following would be of GREATEST concern to an IS auditor reviewing the resiliency of an organizational network that has two internet connections?
Question340: Which of the following would be MOST effective to protect information assets in a data center from theft by a vendor?
Question341: Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?
Question342: An organization recently migrated Us data warehouse from a legacy system to a different architecture in the cloud. Which of the following should be of GREATEST concern to the IS auditor reviewing the new data architecture?
Question343: An IS auditor is reviewing desktop software profiles and notes that a user has downloaded and installed several games that are not approved by the company. Which of the following is the MOST significant risk that could result from this situation?
Question344: Which of the following are BEST suited for continuous auditing?
Question345: The PRIMARY objective of a control self-assessment (CSA) is to:
Question346: An IS auditor finds a segregation of duties issue in an enterprise resource planning (ERP) system. Which of the following is the BEST way to prevent the misconfiguration from recurring?
Question347: Which of the following would be MOST useful to an IS auditor when making recommendations to enable continual improvement of IT processes over time?
Question348: Which of the following backup schemes is the BEST option when storage media is limited?
Question349: Retention periods and conditions for the destruction of personal data should be determined by the.
Question350: In an area susceptible to unexpected increases in electrical power, which of the following would MOST effectively protect the system?
Question351: An organization that has decided to approve the use of end-user computing (EUC) should FIRST ensure:
Question352: Which of the following is a detective control?
Question353: Which of the following is the BEST control to help ensure that security requirements are considered throughout the life cycle of an agile software development project?
Question354: Which of the following is MOST helpful to an IS auditor when assessing the effectiveness of controls?
Question355: Which of the following is an effective way to ensure the integrity of file transfers in a peer-to-peer (P2P) computing environment?
Question356: Which of the following is MOST important to the effectiveness of smoke detectors installed in a data processing facility?
Question357: An IS auditor evaluating the change management process must select a sample from the change log. What is the BEST way to the auditor to confirm the change log is complete?
Question358: What is the Most critical finding when reviewing an organization's information security management?
Question359: A core system fails a week after a scheduled update, causing an outage that impacts service. Which of the following is MOST important for incident management to focus on when addressing the issue?
Question360: During recent post-implementation reviews, an IS auditor has noted that several deployed applications are not being used by the business. The MOST likely cause would be the lack of:
Question361: A finance department has a two-year project to upgrade the enterprise resource planning (ERP) system hosting the general ledger in year one the system version upgrade will be applied and in year two business processes will be updated to implement new system functionality. Which of the following should be the PRIMARY focus of an IS auditor reviewing the second year of the implementation'?
Question362: Which of the following should be the IS auditor's PRIMARY focus when evaluating an organizations offsite storage facility?
Question363: Which of the following is MOST helpful in identifying system performance constraints?
Question364: Which of the following security measures is MOST important for protecting Internet of Things (IoT) devices from potential cyberattacks?
Question365: An external audit firm was engaged to perform a validation and verification review for a systems implementation project. The IS auditor identifies that regression testing is not part of the project plan and was not performed by the systems implementation team. According to the team, the parallel testing being performed is sufficient, making regression testing unnecessary. What should be the auditor's NEXT step?
Question366: An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives. Which of the following findings should be the IS auditor's GREATEST concern?
Question367: A review of an organization's IT portfolio revealed several applications that are not in use. The BEST way to prevent this situation from recurring would be to implement.
Question368: Which of the following would be the BEST criteria for monitoring an IT vendor's service levels?
Question369: An IS auditor is tasked to review an organization's plan-do-check-act (PDCA) method for improving IT-related processes and wants to determine the accuracy of defined targets to be achieved. Which of the following steps in the PDCA process should the auditor PRIMARILY focus on in this situation?
Question370: When reviewing a business case for a proposed implementation of a third-party system, which of the following should be an IS auditor's GREATEST concern?
Question371: An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization s objectives?
Question372: In which of the following system development life cycle (SDLC) phases would an IS auditor expect to find that controls have been incorporated into system specifications?
Question373: Which of the following is the MOST important control for virtualized environments?
Question374: An IS auditor reviewing a job scheduling tool notices performance and reliability problems. Which of the following is MOST likely affecting the tool?
Question375: An IS auditor is reviewing an organizations release management practices and observes inconsistent and inaccurate estimation of the size and complexity of business application development projects. Which of the following should the auditor recommend to address this issue?
Question376: As part of an audit response, an auditee has concerns with the recommendations and is hesitant to implement them. Which of the following is the BEST course of action for the IS auditor?
Question377: Which of the following indicates that an internal audit organization is structured to support the independence and clarity of the reporting process?
Question378: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?
Question379: Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?
Question380: In which phase of the audit life cycle process should an IS auditor initially discuss observations with management?
Question381: In which of the following sampling methods is the entire sample considered to be irregular if a single error is found?
Question382: A programmer has made unauthorized changes lo key fields in a payroll system report. Which of the following control weaknesses would have contributed MOST to this problem?
Question383: Which of the following is the MOST efficient control to reduce the risk associated with a systems administrator having network administrator responsibilities?
Question384: A startup organization wants to develop a data loss prevention (DLP) program. The FIRST step should be to implement:
Question385: Which type of attack poses the GREATEST risk to an organization's most sensitive data?
Question386: While auditing a small organization's data classification processes and procedures, an IS auditor noticed that data is often classified at the incorrect level. What is the MOST effective way for the organization to improve this situation?
Question387: Which of the following security testing techniques is MOST effective for confirming that inputs to a web application have been properly sanitized?
Question388: Which of the following threats is mitigated by a firewall?
Question389: A contract for outsourcing IS functions should always include:
Question390: When protecting the confidentiality of information assets, the MOST effective control practice is the:
Question391: One advantage of managing an entire collection of projects as a portfolio is that it highlights the need to:
Question392: Which of the following would present the GREATEST concern during a review of internal audit quality assurance (QA) and continuous improvement processes?
Question393: An IS auditor learns that an in-house system development life cycle (SDLC) project has not met user specifications. The auditor should FIRST examine requirements from which of the following phases?
Question394: What is the MAIN reason to use incremental backups?
Question395: Which of the following should be an IS auditor's PRIMARY consideration when determining which issues to include in an audit report?
Question396: Which of the following is the BEST recommendation by an IS auditor to prevent unauthorized access to Internet of Things (loT) devices'?
Question397: An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged. The IS auditor's FIRST action should be to:
Question398: During an incident management audit, an IS auditor finds that several similar incidents were logged during the audit period. Which of the following is the auditor's MOST important course of action?
Question399: Which of the following audit procedures would be MOST conclusive in evaluating the effectiveness of an e- commerce application system's edit routine?
Question400: Which of the following is the PRIMARY objective of enterprise architecture (EA)?
Question401: During the review of a system disruption incident, an IS auditor notes that IT support staff were put in a position to make decisions beyond their level of authority.
Which of the following is the BEST recommendation to help prevent this situation in the future?
Question402: When auditing the closing stages of a system development protect which of the following should be the MOST important consideration?
Question403: A source code repository should be designed to:
Question404: Which of the following would BEST help to ensure that an incident receives attention from appropriate personnel in a timely manner?
Question405: Which of the following is the GREATEST concern associated with a high number of IT policy exceptions approved by management?
Question406: When verifying the accuracy and completeness of migrated data for a new application system replacing a legacy system. It is MOST effective for an IS auditor to review;
Question407: In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:
Question408: What is the purpose of hashing a document?
Question409: An IS audit team is evaluating documentation of the most recent application user access review. It is determined that the user list was not system generated. Which of the following should be of MOST concern?
Question410: Which of the following weaknesses would have the GREATEST impact on the effective operation of a perimeter firewall?
Question411: Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?
Question412: Stress testing should ideally be carried out under a:
Question413: An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post-implementation review, which of the following is the MOST important procedure for the IS auditor to perform?
Question414: An auditee disagrees with a recommendation for corrective action that appears in the draft engagement report.
Which of the following is the IS auditor's BEST course of action when preparing the final report?
Question415: A credit card company has decided to outsource the printing of customer statements It Is MOST important for the company to verify whether:
Question416: Which of the following would BEST facilitate the successful implementation of an IT-related framework?
Question417: A review of IT interface controls finds an organization does not have a process to identify and correct records that do not get transferred to the receiving system. Which of the following is the IS auditor's BEST recommendation?
Question418: An IS auditor Is reviewing a recent security incident and is seeking information about me approval of a recent modification to a database system's security settings Where would the auditor MOST likely find this information?
Question419: Which of the following is the GREATEST risk related to the use of virtualized environments?
Question420: An organization has replaced all of the storage devices at its primary data center with new higher-capacity units The replaced devices have been installed at the disaster recovery site to replace older units An IS auditor s PRIMARY concern would be whether
Question421: Which of the following is the MOST effective control for protecting the confidentiality and integrity of data stored unencrypted on virtual machines?
Question422: Which of the following is the MOST efficient way to identify fraudulent activity on a set of transactions?
Question423: A global bank plans to use a cloud provider for backup of customer financial data. Which of the following should be the PRIMARY focus of this project?
Question424: Which of the following technologies is BEST suited to fulfill a business requirement for nonrepudiation of business-to-business transactions with external parties without the need for a mutually trusted entity?
Question425: Which of the following strategies BEST optimizes data storage without compromising data retention practices?
Question426: Which of the following is MOST important to determine when conducting an audit Of an organization's data privacy practices?
Question427: Which of the following should be the FIRST step when conducting an IT risk assessment?
Question428: Which of the following should be the GREATEST concern for an IS auditor reviewing recent disaster recovery operations?
Question429: Which of the following is the MOST important task of an IS auditor during an application post- implementation review?
Question430: An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported the auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?
Question431: If a source code is not recompiled when program changes are implemented, which of the following is a compensating control to ensure synchronization of source and object?
Question432: The business case for an information system investment should be available for review until the:
Question433: An IS auditor is reviewing a client's outsourced payroll system to assess whether the financial audit team can rely on the application. Which of the following findings would be the auditor's GREATEST concern?
Question434: Which of the following should be performed FIRST before key performance indicators (KPIs) can be implemented?
Question435: Management has decided to accept a risk in response to a draft audit recommendation. Which of the following should be the IS auditor's NEXT course of action?
Question436: During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed. The auditor should FIRST
Question437: Which of the following BEST enables an organization to improve the visibility of end-user computing (EUC) applications that support regulatory reporting?
Question438: Which of the following is an IS auditor's BEST recommendation to help an organization increase the efficiency of computing resources?
Question439: Which of the following would BEST ensure that a backup copy is available for restoration of mission critical data after a disaster''
Question440: Which of the following is an IS auditor's BEST approach when low-risk anomalies have been identified?
Question441: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT-related customer service project?
Question442: Which of the following is the PRIMARY reason for using a digital signature?
Question443: Which of the following is an example of shadow IT?
Question444: When evaluating information security governance within an organization, which of the following findings should be of MOST concern to an IS auditor?
Question445: An organization is planning to implement a control self-assessment (CSA) program tor selected business processes Which of the following should be the role of the internal audit team for this program?
Question446: An IS auditor is planning a review of an organizations cybersecurity incident response maturity Which of the following methodologies would provide the MOST reliable conclusions?
Question447: Which of the following is the GREATEST risk associated with utilizing spreadsheets for financial reporting in end-user computing (EUC)?
Question448: Which of the following is a social engineering attack method?
Question449: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's information security governance?
Question450: Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?
Question451: An IS auditor learns that an organization's business continuity plan (BCP) has not been updated in the last 18 months and that the organization recently closed a production plant. Which of the following is the auditor's BEST course of action?
Question452: Which of the following is a method to prevent disclosure of classified documents printed on a shared printer?
Question453: Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
Question454: Which of the following is the GREATEST concern related to an organization's data classification processes?
Question455: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?
Question456: An IS auditor is performing a follow-up audit for findings identified in an organization's user provisioning process. Which of the following is the MOST appropriate population to sample from when testing for remediation?
Question457: Which of the following is the MOST important area of focus for an IS auditor when developing a risk-based audit strategy?
Question458: An organization's strategy to source certain IT functions from a software as a service (SaaS) provider should be approved by the:
Question459: Which of the following is the GREATEST risk associated with storing customer data on a web server?
Question460: An IS auditor observes that a business-critical application does not currently have any level of fault tolerance.
Which of the following is the GREATEST concern with this situation?
Question461: Which of the following is the BEST recommendation to drive accountability for achieving the desired outcomes specified in a benefits realization plan for an IT project?
Question462: An IS auditor finds a user account where privileged access is not appropriate for the user's role. Which of the following would provide the BEST evidence to determine whether the risk of this access has been exploited?
Question463: An IS auditor discovers that a developer has used the same key to grant access to multiple applications making calls to an application programming interface (API). Which of the following is the BEST recommendation to address this situation?
Question464: Which of the following is the MOST important consideration when establishing operational log management?
Question465: An IS auditor is reviewing an organization's cloud access security broker (CASB) solution. Which ofthe following is MOST important for the auditor to verify?
Question466: Which of the following is MOST important to define within a disaster recovery plan (DRP)?
Question467: An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that
Question468: Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?
Question469: During an exit meeting, an IS auditor highlights that backup cycles
are being missed due to operator error and that these exceptions
are not being managed. Which of the following is the BEST way to
help management understand the associated risk?
Question470: The PRIMARY reason for an IS auditor to use data analytics techniques is to reduce which type of audit risk?
Question471: An IS audit manager was temporarily tasked with supervising a project manager assigned to the organization's payroll application upgrade. Upon returning to the audit department, the audit manager has been asked to perform an audit to validate the implementation of the payroll application. The audit manager is the only one in the audit department with IT project management experience. What is the BEST course of action?
Question472: Which of the following should be the PRIMARY objective of conducting an audit follow-up of management action plans?
Question473: Which of the following BEST facilitates the legal process in the event of an incident?
Question474: With regard to resilience, which of the following is the GREATEST risk to an organization that has implemented a new critical system?
Question475: Which of the following BEST indicates that the effectiveness of an organization's security awareness program has improved?
Question476: In the development of a new financial application, the IS auditor's FIRST involvement should be in the:
Question477: An IS auditor should ensure that an application's audit trail:
Question478: Which of the following is the BEST reason for software developers to use automated testing versus manual testing?
Question479: Providing security certification for a new system should include which of the following prior to the system's implementation?
Question480: An IS auditor is reviewing a medical device that is attached to a patient's body, which automatically takes and uploads measurements to a cloud server. Treatment may be updated based on the measurements. Which of the following should be the auditor's PRIMARY focus?
Question481: The BEST way to evaluate the effectiveness of a newly developed application is to:
Question482: When reviewing a project to replace multiple manual data entry systems with an artificial intelligence (Al) system, the IS auditor should be MOST concerned with the impact Al will have on
Question483: Which of the following is the PRIMARY objective of cyber resiliency?
Question484: A steering committee established to oversee an organization's digital transformation program is MOSTlikely to be involved with which of the following activities?
Question485: An organization establishes capacity utilization thresholds and monitors for instances when thresholds are exceeded. Which of the following is BEST supported by this activity?
Question486: An IS auditor can BEST evaluate the business impact of system failures by:
Question487: An IS auditor has completed the fieldwork phase of a network security review and is preparing the initial following findings should be ranked as the HIGHEST risk?
Question488: An IS auditor is reviewing an organization's primary router access control list. Which of the following should result in a finding?
Question489: During a follow-up audit, an IS auditor finds that some critical recommendations have the IS auditor's BEST course of action?
Question490: Which of the following is the PRIMARY advantage of using virtualization technology for corporate applications?
Question491: Which of the following is the MOST important consideration when evaluating the data retention policy for a global organization with regional offices in multiple countries?
Question492: Which of the following would be MOST impacted if an IS auditor were to assist with the implementation of recommended control enhancements?
Question493: IT disaster recovery time objectives (RTOs) should be based on the:
Question494: A new system development project is running late against a critical implementation deadline. Which of the following is the MOST important activity?
Question495: Coding standards provide which of the following?
Question496: Which of the following is a concern associated with virtualization?
Question497: An IS auditor discovers a box of hard drives in a secured location that are overdue for physical destruction.
The vendor responsible for this task was never made aware of these hard drives.
Which of the following is the BEST course of action to address this issue?
Question498: Which of the following is the BEST way to verify the effectiveness of a data restoration process?
Question499: During the discussion of a draft audit report. IT management provided suitable evidence fiat a process has been implemented for a control that had been concluded by the IS auditor as Ineffective. Which of the following is the auditor's BEST action?
Question500: An organization is planning to implement a work-from-home policy that allows users to work remotely as needed. Which of the following is the BEST solution for ensuring secure remote access to corporate resources?
Question501: An organization used robotic process automation (RPA) technology to develop software bots that extract data from various sources for input into a legacy financial application. Which of the following should be of GREATEST concern to an IS auditor when reviewing the software bot job scheduling and production process automation?
Question502: Which of the following should be an IS auditor's PRIMARY focus when evaluating the response process for cybercrimes?
Question503: An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?
Question504: Which of the following should an IS auditor use when verifying a three-way match has occurred in an enterprise resource planning (ERR) system?
Question505: Having knowledge in which of the following areas is MOST relevant for an IS auditor reviewing public key infrastructure (PKI)?
Question506: An IS auditor is reviewing the security of a web-based customer relationship management (CRM) system that is directly accessed by customers via the Internet, which of the following should be a concern for the auditor?
Question507: When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?
Question508: A web proxy server for corporate connections to external resources reduces organizational risk by:
Question509: Which of the following findings should be of GREATEST concern to an IS auditor performing a review of IT operations?
Question510: Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?
Question511: Which of the following provides the MOST protection against emerging threats?
Question512: Which of the following BEST guards against the risk of attack by hackers?
Question513: Demonstrated support from which of the following roles in an organization has the MOST influence over information security governance?
Question514: Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. What is the MOST important task before implementing any associated email controls?
Question515: Which of the following is the BEST metric to measure the quality of software developed in an organization?
Question516: Which of the following should be an IS auditor's GREATEST concern when an international organization intends to roll out a global data privacy policy?
Question517: Which of the following provides an IS auditor assurance that the interface between a point-of-sale (POS) system and the general ledger is transferring sales data completely and accurately?
Question518: Which of the following types of environmental equipment will MOST likely be deployed below the floor tiles of a data center?
Question519: Control self-assessments (CSAs) can be used to:
Question520: Which of the following is a threat to IS auditor independence?
Question521: Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (lDS)?
Question522: An organization has assigned two new IS auditors to audit a new system implementation. One of the auditors has an IT-related degree, and one has a business degree. Which of the following is MOST important to meet the IS audit standard for proficiency?
Question523: An IS auditor has been tasked with analyzing an organization's capital expenditures against its repair and maintenance costs. Which of the following is the BEST reason to use a data analytics tool for this purpose?
Question524: Which of the following BEST enables an IS auditor to confirm the batch processing to post transactions from an input source is successful?
Question525: Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:
Question526: To reduce operational costs, IT management plans to reduce the number of servers currently used to run business applications. Which of the following is MOST helpful to review when identifying which servers are no longer required?
Question527: The PRIMARY reason to assign data ownership for protection of data is to establish:
Question528: What should an IS auditor recommend to management as the MOST important action before selecting a Software as a Service (SaaS) vendor?
Question529: Effective separation of duties in an online environment can BEST be achieved by utilizing:
Question530: Which of the following BEST mitigates the risk associated with the deployment of a new production system?
Question531: Which of the following BEST minimizes performance degradation of servers used to authenticate users of an e-commerce website?
Question532: Management receives information indicating a high level of risk associated with potential flooding near the organization's data center within the next few years. As a result, a decision has been made to move data center operations to another facility on higher ground. Which approach has been adopted?
Question533: Which of the following controls helps to ensure that data extraction queries run by the database administrator (DBA) are monitored?
Question534: Which of the following tasks would cause the GREATEST segregation of duties (SoD) concern if performed by the person who reconciles the organization's device inventory?
Question535: Email required for business purposes is being stored on employees' personal devices.
Which of the following is an IS auditor's BEST recommendation?
Question536: In an annual audit cycle, the audit of an organization's IT department resulted in many findings. Which of the following would be the MOST important consideration when planning the next audit?
Question537: When auditing IT organizational structure, which of the following findings presents the GREATEST risk to an organization?
Question538: During a follow-up engagement, an IS auditor confirms evidence of a problem that was not an issue in the original audit. Which of the following is the auditor's BEST course of action?
Question539: Which of the following is the MOST important prerequisite for implementing a data loss prevention (DLP) tool?
Question540: Following a merger, a review of an international organization determines the IT steering committee's decisions do not extend to regional offices as required in the consolidated IT operating model. Which of the following is the IS auditor's BEST recommendation?
Question541: Which of the following should be of GREATEST concern to an IS auditor when auditing an organization's IT strategy development process?
Question542: Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?
Question543: As part of the architecture of virtualized environments, in a bare metal or native visualization the hypervisor runs without:
Question544: During which stage of the penetration test cycle does the tester utilize identified vulnerabilities to attempt to access the target system?
Question545: Which of the following concerns is BEST addressed by securing production source libraries?
Question546: Which of the following backup methods is MOST appropriate when storage space is limited?
Question547: Which of the following would BEST guide an IS auditor when determining an appropriate time to schedule the follow-up of agreed corrective actions for reported audit issues?
Question548: Which of the following is MOST important to consider when assessing the scope of privacy concerns for an IT project?
Question549: An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. Which of the following should the auditor recommend be performed FIRST?
Question550: Which of the following is the PRIMARY reason to involve IS auditors in the software acquisition process?
Question551: Which of the following is MOST important to determine during the planning phase of a cloud-based messaging and collaboration platform acquisition?
Question552: An IS auditor is reviewing an organization's information asset management process. Which of the following would be of GREATEST concern to the auditor?
Question553: Which of the following BEST describes a digital signature?
Question554: During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:
Question555: Which of the following is MOST important to consider when reviewing an organization's defined data backup and restoration procedures?
Question556: Which of the following is the BEST approach for determining the overall IT risk appetite of an organization when business units use different methods formanaging IT risks?
Question557: Which of the following is the PRIMARY advantage of using an automated security log monitoring tool over a manual review to monitor the use of privileged access?
Question558: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?
Question559: What type of control has been implemented when secure code reviews are conducted as part of a deployment program?