EMT Practice Test

1. Question Content...


Question List

Question1: An IS audit reveals an IT application is experiencing poor performance including data inconsistency and integrity issues. What is the MOST likely cause?

Question2: Which of the following should be of GREATEST concern to an IS auditor reviewing a network printer disposal process?

Question3: Which of the following should be done FIRST to minimize the risk of unstructured data?

Question4: An IS auditor identifies that a legacy application to be decommissioned in three months cannot meet the security requirements established by the current policy. What is the BEST way (or the auditor to address this issue?

Question5: An IS auditor discovers that backups of critical systems are not being performed in accordance with the recovery point objective (RPO) established in the business continuity plan (BCP). What should the auditor do NEXT?

Question6: An organization requires the use of a key card to enter its data center. Recently, a control was implemented that requires biometric authentication for each employee. Which type of control has been added?

Question7: Which of the following provides an IS auditor assurance that the interface between a point-of-sale (POS) system and the general ledger is transferring sales data completely and accurately?

Question8: An organization wants to use virtual desktops to deliver corporate applications to its end users. Which of the following should an IS auditor recommend to prevent domain name system (DNS) poisoning in their cloud environment?

Question9: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?

Question10: In which phase of the internal audit process is contact established with the individuals responsible for the business processes in scope for review?

Question11: IT disaster recovery time objectives (RTOs) should be based on the:

Question12: Which of the following should be the GREATEST concern to an IS auditor reviewing the information security framework of an organization?

Question13: Which of the following would be the GREATEST concern for an IS auditor conducting a pre-implementation review of a data loss prevention (DLP> tool?

Question14: Which of the following is MOST important for an effective control self-assessment (CSA) program?

Question15: What is the PRIMARY benefit of using one-time passwords?

Question16: In an area susceptible to unexpected increases in electrical power, which of the following would MOST effectively protect the system?

Question17: When protecting the confidentiality of information assets, the MOST effective control practice is the:

Question18: What should an IS auditor recommend to management as the MOST important action before selecting a Software as a Service (SaaS) vendor?

Question19: When an intrusion into an organization's network is detected, which of the following should be done FIRST?

Question20: Which of the following is the MOST important factor when an organization is developing information security policies and procedures?

Question21: The MOST important measure of the effectiveness of an organization's security program is the:

Question22: An organization's information security policies should be developed PRIMARILY on the basis of:

Question23: An IS auditor is assigned to review the IS department s quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards Which of the following should be the auditor's NEXT action1?

Question24: An organization has assigned two new IS auditors to audit a new system implementation. One of the auditors has an IT-related degree, and one has a business degree. Which of the following is MOST important to meet the IS audit standard for proficiency?

Question25: An external attacker spoofing an internal Internet Protocol (IP) address can BEST be detected by which of the following?

Question26: Which of the following is the BEST methodology to use for estimating the complexity of developing a large business application?

Question27: An IS audit manager is preparing the staffing plan for an audit engagement of a cloud service provider. What should be the manager's PRIMARY concern when being made aware that a new auditor in the department previously worked for this provider?

Question28: Which of the following would be the GREATEST concern during a financial statement audit?

Question29: Which of the following audit procedures would provide the BEST assurance that an application program is functioning as designed?

Question30: An IS auditor has been tasked with auditing the inventory control process for a large organization that processes millions of data transactions. Which of the following is the BEST testing strategy to adopt?

Question31: Which of the following presents the GREATEST risk associated with end-user computing (EUC) applica- tions over financial reporting?

Question32: Which of the following is the PRIMARY reason to involve IS auditors in the software acquisition process?

Question33: The PRIMARY purpose of requiring source code escrow in a contractual agreement is to:

Question34: Which of the following is the GREATEST advantage of utilizing guest operating systems m a virtual environment?

Question35: A configuration management audit identified that predefined automated procedures are used when deploying and configuring application infrastructure in a cloud-based environment. Which of the following is MOST important for the IS auditor to review?

Question36: The waterfall life cycle model of software development is BEST suited for which of the following situations?

Question37: An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization s objectives?

Question38: The record-locking option of a database management system (DBMS) serves to.

Question39: Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization's information security policy?

Question40: Which of the following is MOST effective for controlling visitor access to a data center?

Question41: Which of the following methods will BEST reduce the risk associated with the transition to a new system using technologies that are not compatible with the old system?

Question42: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?

Question43: Which of the following is the BEST preventive control to protect the confidentiality of data on a corporate smartphone in the event it is lost?

Question44: Which of the following can BEST reduce the impact of a long-term power failure?

Question45: An IS auditor discovers that due to resource constraints a database administrator (DBA) is responsible for developing and executing changes into the production environment Which ot the following should the auditor do FIRSTS

Question46: What is MOST important to verify during an external assessment of network vulnerability?

Question47: During audit planning, the IS audit manager is considering whether to budget for audits of entities regarded by the business as having low risk. Which of the following is the BEST course of action in this situation?

Question48: In which of the following sampling methods is the entire sample considered to be irregular if a single error is found?

Question49: Which of the following BEST enables the timely identification of risk exposure?

Question50: Which of the following should an IS auditor be MOST concerned with when a system uses RFID?

Question51: An IS auditor is reviewing an organization's primary router access control list. Which of the following should result in a finding?

Question52: Which of the following is the PRIMARY role of key performance indicators (KPIs) in supporting business process effectiveness?

Question53: Which of the following staff should an IS auditor interview FIRST to obtain a general overview of the various technologies used across different programs?

Question54: An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?

Question55: Which of the following technology trends can lead to more robust data loss prevention (DLP) tools?

Question56: Which of the following is the MOST important task of an IS auditor during an application post- implementation review?

Question57: During an audit of a financial application, it was determined that many terminated users' accounts were not disabled. Which of the following should be the IS auditor's NEXT step?

Question58: Which of the following findings related to segregation of duties should be of GREATEST concern to an IS auditor?

Question59: Which of the following is the PRIMARY reason to follow a configuration management process to maintain application?

Question60: Which of the following is the MOST effective control for protecting the confidentiality and integrity of data stored unencrypted on virtual machines?

Question61: Which of the following is MOST important to ensure when developing an effective security awareness program?

Question62: An IS auditor is preparing a plan for audits to be carried out over a specified period. Which of the following activities should the IS auditor perform FIRST?

Question63: Which of the following would the IS auditor MOST likely review to determine whether modifications to the operating system parameters were authorized?

Question64: Which of the following findings should be of GREATEST concern to an IS auditor performing a review of IT operations?

Question65: Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization's information security policy?

Question66: Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?

Question67: An IS auditor should be MOST concerned if which of the following fire suppression systems is utilized to protect an asset storage closet?

Question68: During an audit, the IS auditor finds that in many cases excessive rights were not removed from a system.
Which of the following is the auditor's BEST recommendation?

Question69: Which of the following would BEST protect the confidentiality of sensitive data in transit between multiple offices?

Question70: When physical destruction IS not practical, which of the following is the MOST effective means of disposing of sensitive data on a hard disk?

Question71: Which of the following is the MOST appropriate responsibility of an IS auditor involved in a data center renovation project?

Question72: An IS auditor is reviewing an artificial intelligence (Al) and expert system application. The system has produced several critical errors with severe impact. Which of the following should the IS auditor do NEXT to understand the cause of the errors?

Question73: The operations team of an organization has reported an IS security attack Which of the following should be the FIRST step for the security incident response team?

Question74: A security review focused on data loss prevention (DLP) revealed the organization has no visibility to data stored in the cloud. What is the IS auditor's BEST recommendation to address this issue?

Question75: Which of the following is the MAIN objective of enterprise architecture (EA) governance?

Question76: Which of the following provides the MOST reliable method of preventing unauthonzed logon?

Question77: An IS auditor learns a server administration team regularly applies workarounds to address repeated failures of critical data processing services Which of the following would BEST enable the organization to resolve this issue?

Question78: Which of the following BEST describes an audit risk?

Question79: The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:

Question80: Which of the following is the PRIMARY objective of enterprise architecture (EA)?

Question81: Which of the following would be of GREATEST concern to an IS auditor reviewing the feasibility study for a new application system?

Question82: Which of the following protocols should be used when transferring data via the internet?

Question83: Which of the following will MOST likely compromise the control provided By a digital signature created using RSA encryption?

Question84: Which of the following measures BEST mitigates the risk of data exfiltration during a cyberattack?

Question85: When a data center is attempting to restore computing facilities at an alternative site following a disaster, which of the following should be restored FIRST?

Question86: Which of the following is the MOST effective accuracy control for entry of a valid numeric part number?

Question87: An IS auditor is planning a review of an organizations cybersecurity incident response maturity Which of the following methodologies would provide the MOST reliable conclusions?

Question88: How does a continuous integration/continuous development (CI/CD) process help to reduce software failure risk?

Question89: Which of the following application input controls would MOST likely detect data input errors in the customer account number field during the processing of an accounts receivable transaction?

Question90: An IS auditor finds that an organization's data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:

Question91: Which of the following are used in a firewall to protect the entity's internal resources?

Question92: Which of the following should an IS auditor recommend be done FIRST when an organization is planning to implement an IT compliance program?

Question93: Which of the following would minimize the risk of losing transactions as a result of a disaster?

Question94: Which of the following BEST supports the effectiveness of a compliance program?

Question95: Which of the following is found in an audit charter?

Question96: Which of the following BEST indicates a need to review an organization's information security policy?

Question97: Which of the following is the BEST way to mitigate risk to an organization's network associated with devices permitted under a bring your own device (BYOD) policy?

Question98: A new system is being developed by a vendor for a consumer service organization. The vendor will provide its proprietary software once system development is completed Which of the following is the MOST important requirement to include In the vendor contract to ensure continuity?

Question99: Which of the following should be the PRIMARY focus when communicating an IS audit issue to management?

Question100: An IS auditor is reviewing a decision to consolidate processing for multiple applications onto a single large server. Which of the following is the MOST significant impact from this decision?

Question101: An organization's strategy to source certain IT functions from a software as a service (SaaS) provider should be approved by the:

Question102: An organization has shifted from a bottom-up approach to a top-down approach in the development of IT policies. This should result in:

Question103: Which of the following represents the HIGHEST level of maturity of an information security program?

Question104: Which of the following should be an IS auditor's GREATEST concern when an international organization intends to roll out a global data privacy policy?

Question105: An IS auditor is supporting a forensic investigation. An image of affected storage media has been captured while collecting digital forensic evidence. Which of the following techniques would BEST enable an IS auditor to verify that the captured image is an exact, unchanged replica of the original media?

Question106: Which of the following components of a risk assessment is MOST helpful to management in determining the level of risk mitigation to apply?

Question107: Which of the following is the BEST source of information for examining the classification of new data?

Question108: Backup procedures for an organization's critical data are considered to be which type of control?

Question109: Which of the following is the BEST indication to an IS auditor that management's post-implementation review was effective?

Question110: In an IT organization where many responsibilities are shared which of the following is the BEST control for detecting unauthorized data changes?

Question111: When reviewing the functionality of an intrusion detection system (IDS), the IS auditor should be MOST concerned if:

Question112: Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?

Question113: Who is responsible for defining data access permissions?

Question114: Audit frameworks can assist the IS audit function by:

Question115: What is the BEST way to reduce the risk of inaccurate or misleading data proliferating through business intelligence systems?

Question116: An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post-implementation review, which of the following is the MOST important procedure for the IS auditor to perform?

Question117: An IS auditor is reviewing database fields updated in real-time and displayed through other applications in multiple organizational functions. When validating business approval for these various use cases, which of the following sources of information would be the BEST starting point?

Question118: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

Question119: During which phase of the software development life cycle is it BEST to initiate the discussion of application controls?

Question120: Which of the following fire suppression systems needs to be combined with an automatic switch to shut down the electricity supply in the event of activation?

Question121: Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?

Question122: Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:

Question123: Which of the following is the MOST important reason to classify a disaster recovery plan (DRP) as confidential?

Question124: Of the following who should be responsible for cataloging and inventorying robotic process automation (RPA) processes?

Question125: During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor's BEST course of action?

Question126: When reviewing a project to replace multiple manual data entry systems with an artificial intelligence (Al) system, the IS auditor should be MOST concerned with the impact Al will have on

Question127: Which of the following is MOST important to ensure when planning a black box penetration test?

Question128: Which of the following should be of GREATEST concern to an IS auditor reviewing project documentation for a client relationship management (CRM) system migration project?

Question129: In an environment where data virtualization is used, which of the following provides the BEST disaster recovery solution?

Question130: Which of the following findings should be of GREATEST concern for an IS auditor when auditing the effectiveness of a phishing simu-lation test administered for staff members?

Question131: Which of the following BEST describes a digital signature?

Question132: An IS auditor is assigned to perform a post-implementation review of an application system. Which of the following would impair the auditor's independence?

Question133: A small organization is experiencing rapid growth and plans to create a new information security policy.
Which of the following is MOST relevant to creating the policy?

Question134: An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?

Question135: A web application is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?

Question136: An internal audit department recently established a quality assurance (QA) program. Which of the following activities Is MOST important to include as part of the QA program requirements?

Question137: During a physical security audit, an IS auditor was provided a proximity badge that granted access to three specific floors in a corporate office building. Which of the following issues should be of MOST concern?

Question138: Which of the following control measures is the MOST effective against unauthorized access of confidential information on stolen or lost laptops?

Question139: Which of the following is the MAJOR advantage of automating internal controls?

Question140: Which of the following is the MOST important consideration of any disaster response plan?

Question141: Which of the following concerns is BEST addressed by securing production source libraries?

Question142: Which of the following BEST ensures that effective change management is in place in an IS environment?

Question143: Which of the following would MOST effectively ensure the integrity of data transmitted over a network?

Question144: Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?

Question145: An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available.
What should the auditor recommend be done FIRST?

Question146: Which of the following is the MOST important reason for an IS auditor to examine the results of a post- incident review performed after a security incident?

Question147: An organization's business continuity plan (BCP) should be:

Question148: Which of the following backup methods is MOST appropriate when storage space is limited?

Question149: Which of the following would BEST determine whether a post-implementation review (PIR) performed by the project management office (PMO) was effective?

Question150: Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?

Question151: Audit frameworks cart assist the IS audit function by:

Question152: An IS auditor is providing input to an RFP to acquire a financial application system. Which of the following is MOST important for the auditor to recommend?

Question153: The following findings are the result of an IS auditor's post-implementation review of a newly implemented system. Which of the following findings is of GREATEST significance?

Question154: In order for a firewall to effectively protect a network against external attacks, what fundamental practice must be followed?

Question155: Which of the following criteria is MOST important for the successful delivery of benefits from an IT project?

Question156: Which of the following would provide the BEST evidence of an IT strategy corrections effectiveness?

Question157: An organization's security team created a simulated production environment with multiple vulnerable applications. What would be the PRIMARY purpose of creating such an environment?

Question158: Which of the following BEST enables an IS auditor to confirm the batch processing to post transactions from an input source is successful?

Question159: An IS auditor is reviewing the backup procedures in an organization that has high volumes of data with frequent changes to transactions. Which of the following is the BEST backup scheme to recommend given the need for a shorter restoration time in the event of a disruption?

Question160: An organization outsourced its IS functions to meet its responsibility for disaster recovery, the organization should:

Question161: Which of the following technologies has the SMALLEST maximum range for data transmission between devices?

Question162: Which of the following is MOST important during software license audits?

Question163: Following an IT audit, management has decided to accept the risk highlighted in the audit report. Which of the following would provide the MOST assurance to the IS auditor that management is adequately balancing the needs of the business with the need to manage risk?

Question164: An organization's sensitive data is stored in a cloud computing environment and is encrypted. Which of the following findings should be of GREATEST concern to an IS auditor?

Question165: When drafting a disaster recovery strategy, what should be the MOST important outcome of a business impact analysis (BIA)?

Question166: An IS auditor is tasked to review an organization's plan-do-check-act (PDCA) method for improving IT-related processes and wants to determine the accuracy of defined targets to be achieved. Which of the following steps in the PDCA process should the auditor PRIMARILY focus on in this situation?

Question167: Transaction records from a business database were inadvertently deleted, and system operators decided to restore from a snapshot copy. Which of the following provides assurance that the BEST transactions were recovered successfully?

Question168: Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?

Question169: Which of the following cloud capabilities BEST enables an organization to meet unexpectedly high service demand?

Question170: Which of the following BEST facilitates the legal process in the event of an incident?

Question171: Which of the following controls would BEST help a forensic investigator prevent modifications in digital evidence?

Question172: A bank has a combination of corporate customer accounts (higher monetary value) and small business accounts (lower monetary value) as part of online banking. Which of the following is the BEST sampling approach for an IS auditor to use for these accounts?

Question173: What is the Most critical finding when reviewing an organization's information security management?

Question174: Which of the following is the GREATEST advantage of vulnerability scanning over penetration testing?

Question175: Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?

Question176: Which of the following should be an IS auditor's GREATEST concern when a data owner assigns an incorrect classification level to data?

Question177: Which of the following is the MOST important consideration for patching mission critical business application servers against known vulnerabilities?

Question178: A review of Internet security disclosed that users have individual user accounts with Internet service providers (ISPs) and use these accounts for downloading business data. The organization wants to ensure that only the corporate network is used. The organization should FIRST:

Question179: Which of the following BEST enables an organization to improve the effectiveness of its incident response team?

Question180: An IS auditor wants to verify alignment of the organization's business continuity plan (BCP) with the business strategy. Which of the following would be MOST helpful to review?

Question181: Which of the following is the BEST method to safeguard data on an organization's laptop computers?

Question182: Which type of testing is used to identify security vulnerabilities in source code in the development environment?

Question183: Which of the following should be an IS auditor's PRIMARY focus when auditing the implementation of a new IT operations performance monitoring system?

Question184: Which of the following is the PRIMARY role of the IS auditor m an organization's information classification process?

Question185: Which of the following issues associated with a data center's closed-circuit television (CCTV) surveillance cameras should be of MOST concern to an IS auditor?

Question186: Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?

Question187: Which of the following should be of GREATEST concern for an IS auditor reviewing an organization's disaster recovery plan (DRP)?

Question188: Which of the following is MOST important for an IS auditor to look
for in a project feasibility study?

Question189: If a source code is not recompiled when program changes are implemented, which of the following is a compensating control to ensure synchronization of source and object?

Question190: An organization is modernizing its technology policy framework to demonstrate compliance with external industry standards. Which of the following would be MOST useful to an IS auditor for validating the outcome?

Question191: A security administrator is called in the middle of the night by the on-call programmer A number of programs have failed, and the programmer has asked for access to the live system. What IS the BEST course of action?

Question192: An IS auditor is following up on prior period items and finds management did not address an audit finding.
Which of the following should be the IS auditor's NEXT course of action?

Question193: Which of the following should be an IS auditor's GREATEST concern when an international organization intends to roll out a global data privacy policy?

Question194: An organization implemented a cybersecurity policy last year Which of the following is the GREATE ST indicator that the policy may need to be revised?

Question195: Which of the following is the MOST important consideration to facilitate prosecution of a perpetrator after a cybercrime?

Question196: Which of the following weaknesses would have the GREATEST impact on the effective operation of a perimeter firewall?

Question197: An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions. Which of the following is MOST important for the auditor to confirm when sourcing the population data?

Question198: Which of the following areas of responsibility would cause the GREATEST segregation of duties conflict if the individual who performs the related tasks also has approval authority?

Question199: Which of the following backup schemes is the BEST option when storage media is limited?

Question200: Which of the following is MOST helpful for measuring benefits realization for a new system?

Question201: During audit framework. an IS auditor teams that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?

Question202: An IS auditor is reviewing how password resets are performed for users working remotely. Which type of documentation should be requested to understand the detailed steps required for this, activity?

Question203: Which of the following is the MOST appropriate testing approach when auditing a daily data flow between two systems via an automated interface to confirm that it is complete and accurate?

Question204: Which of the following BEST protects evidence in a forensic investigation?

Question205: An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?

Question206: An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner. Which of the following is the auditor's BEST recommendation?

Question207: During an audit of a multinational bank's disposal process, an IS auditor notes several findings. Which of the following should be the auditor's GREATEST concern?

Question208: A steering committee established to oversee an organization's digital transformation program is MOSTlikely to be involved with which of the following activities?

Question209: Which of the following provides IS audit professionals with the BEST source of direction for performing audit functions?

Question210: The performance, risks, and capabilities of an IT infrastructure are BEST measured using a:

Question211: In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?

Question212: What would be an IS auditor's BEST course of action when an auditee is unable to close all audit recommendations by the time of the follow-up audit?

Question213: Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?

Question214: Which of the following is the PRIMARY basis on which audit objectives are established?

Question215: Which of the following should an IS auditor recommend be done FIRST when an organization is made aware of a new regulation that is likely to impact IT security requirements?

Question216: An IS auditor is reviewing an organization that performs backups on local database servers every two weeks and does not have a formal policy to govern data backup and restoration procedures. Which of the following findings presents the GREATEST risk to the organization?

Question217: Which of the following should be the FIRST consideration when deciding whether data should be moved to a cloud provider for storage?

Question218: An IS auditor engaged in developing the annual internal audit plan learns that the chief information officer (CIO) has requested there be no IS audits in the upcoming year as more time is needed to address a large number of recommendations from the previous year. Which of the following should the auditor do FIRST

Question219: Which of the following provides the BEST audit evidence that a firewall is configured in compliance with the organization's security policy?

Question220: Which of the following is the PRIMARY purpose of obtaining a baseline image during an operating system audit?

Question221: Which of the following physical controls provides the GREATEST assurance that only authorized individuals can access a data center?

Question222: Which of the following is the GREATEST risk associated with hypervisors in virtual environments?

Question223: Which of the following is MOST helpful to an IS auditor reviewing the alignment of planned IT budget with the organization's goals and strategic objectives?

Question224: When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider's external audit report on service level management when the

Question225: An IS auditor has been tasked to review the processes that prevent fraud within a business expense claim system. Which of the following stakeholders is MOST important to involve in this review?

Question226: During which stage of the penetration test cycle does the tester utilize identified vulnerabilities to attempt to access the target system?

Question227: An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?

Question228: Which of the following BEST enables an organization to standardize its IT infrastructure to align with business goals?

Question229: Which of the following approaches will ensure recovery time objectives (RTOs) are met for an organization's disaster recovery plan (DRP)?

Question230: An auditee disagrees with a recommendation for corrective action that appears in the draft engagement report.
Which of the following is the IS auditor's BEST course of action when preparing the final report?

Question231: During a database management evaluation an IS auditor discovers that some accounts with database administrator (DBA) privileges have been assigned a default password with an unlimited number of failed login attempts Which of the following is the auditor's BEST course of action?

Question232: What would be the PRIMARY reason an IS auditor would recommend replacing universal PIN codes with an RFID access card system at a data center?

Question233: Which of the following should be identified FIRST during the risk assessment process?

Question234: An organization allows programmers to change production systems in emergency situations without seeking prior approval. Which of the following controls should an IS auditor consider MOST important?

Question235: Which of the following would MOST effectively help to reduce the number of repealed incidents in an organization?

Question236: Which of the following is the BEST way to enforce the principle of least privilege on a server containing data with different security classifications?

Question237: An organization is disposing of a system containing sensitive data and has deleted all files from the hard disk.
An IS auditor should be concerned because:

Question238: Which of the following should be of GREATEST concern to an IS auditor who is assessing an organization's configuration and release management process?

Question239: An IS auditor Is renewing the deployment of a new automated system Which of the following findings presents the MOST significant risk?

Question240: Which of the following provides the BEST providence that outsourced provider services are being properly managed?

Question241: Which of the following findings would be of GREATEST concern to an IS auditor assessing an organization's patch management process?

Question242: Which type of review is MOST important to conduct when an IS auditor is informed that a recent internal exploitation of a bug has been discovered in a business application?

Question243: Which of the following is a PRIMARY benefit of using risk assessments to determine areas to be included in an audit plan?

Question244: An IS auditor is reviewing the security of a web-based customer relationship management (CRM) system that is directly accessed by customers via the Internet, which of the following should be a concern for the auditor?

Question245: A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?

Question246: An IS auditor has been asked to review the integrity of data transfer between two business-critical systems that have not been tested since implementation. Which of the following would provide the MOST useful information to plan an audit?

Question247: A vendor requires privileged access to a key business application. Which of the following is the BEST recommendation to reduce the risk of data leakage?

Question248: When planning an audit to assess application controls of a cloud-based system, it is MOST important tor the IS auditor to understand the.

Question249: Which of the following BEST enables an organization to improve the visibility of end-user computing (EUC) applications that support regulatory reporting?

Question250: An organization plans to replace its nightly batch processing backup to magnetic tape with real-time replication to a second data center. Which of the following is the GREATEST risk associated with this change?

Question251: An IS auditor is evaluating the progress of a web-based customer service application development project.
Which of the following would be MOST helpful for this evaluation?

Question252: Which of the following is the GREATEST risk associated with lack of IT involvement in the organization's strategic planning initiatives?

Question253: An IS auditor determines that the vendor's deliverables do not include the source code for a newly acquired product. To address this issue, which of the following should the auditor recommend be included in the contract?

Question254: An IS auditor observes that a large number of departed employees have not been removed from the accounts payable system. Which of the following is MOST important to determine in order to assess the risk1?

Question255: Which of the following would BEST guide an IS auditor when determining an appropriate time to schedule the follow-up of agreed corrective actions for reported audit issues?

Question256: Which of the following would be an IS auditor's BEST recommendation to senior management when several IT initiatives are found to be misaligned with the organization's strategy?

Question257: Which of the following is the BEST way for an IS auditor to assess the design of an automated application control?

Question258: A company requires that all program change requests (PCRs) be approved and all modifications be automatically logged. Which of the following IS audit procedures will BEST determine whether unauthorized changes have been made to production programs?

Question259: Which of the following responses to risk associated with segregation of duties would incur the LOWEST initial cost?

Question260: The PRIMARY focus of a post-implementation review is to verify that:

Question261: The implementation of an IT governance framework requires that the board of directors of an organization:

Question262: An external audit firm was engaged to perform a validation and verification review for a systems implementation project. The IS auditor identifies that regression testing is not part of the project plan and was not performed by the systems implementation team. According to the team, the parallel testing being performed is sufficient, making regression testing unnecessary. What should be the auditor's NEXT step?

Question263: Which of the following is the BEST way to minimize sampling risk?

Question264: Which of the following are BEST suited for continuous auditing?

Question265: Which of the following would be MOST effective to protect information assets in a data center from theft by a vendor?

Question266: A disaster recovery plan (DRP) should include steps for:

Question267: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?

Question268: Which of the following BEST addresses the availability of an online store?

Question269: An IS auditor has learned that access privileges are not periodically reviewed or updated. Which of the following would provide the BEST evidence to determine whether transactions have been executed by authorized employees?

Question270: Which of the following is the PRIMARY benefit of operational log management?

Question271: Which of the following security measures will reduce the risk of propagation when a cyberattack occurs?

Question272: Which of the following is MOST important to verify when determining the completeness of the vulnerability scanning process?

Question273: During a follow-up audit, it was found that a complex security vulnerability of low risk was not resolved within the agreed-upon timeframe. IT has stated that the system with the identified vulnerability is being replaced and is expected to be fully functional in two months Which of the following is the BEST course of action?

Question274: Which of the following BEST describes the role of a document owner when implementing a data classification policy in an organization?

Question275: Which of the following should an IS auditor expect to see in a network vulnerability assessment?

Question276: Which of the following should be of GREATEST concern to an IS auditor performing a review of information security controls?

Question277: Which of the following would be of GREATEST concern to an IS auditor reviewing the resiliency of an organizational network that has two internet connections?

Question278: Which of the following is the PRIMARY advantage of using an automated security log monitoring tool instead of conducting a manual review to monitor the use of privileged access?

Question279: Which of the following is MOST important to consider when scheduling follow-up audits?

Question280: With regard to resilience, which of the following is the GREATEST risk to an organization that has implemented a new critical system?

Question281: An IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer payments. The IS auditor should FIRST

Question282: An IS auditor is reviewing a data conversion project Which of the following is the auditor's BEST recommendation prior to go-live?

Question283: Which of the following findings would be of GREATEST concern to an IS auditor reviewing firewall security for an organization's corporate network?

Question284: Which of the following would be of GREATEST concern when reviewing an organization's security information and event management (SIEM) solution?

Question285: A mission-critical application utilizes a one-node database server. On multiple occasions, the database service has been stopped to perform routine patching, causing application outages. Which of the following should be the IS auditor's GREATEST concern?

Question286: The PRIMARY objective of a follow-up audit is to:

Question287: A credit card company has decided to outsource the printing of customer statements It Is MOST important for the company to verify whether:

Question288: An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?

Question289: A programmer has made unauthorized changes to key fields in a payroll system report. Which of the following control weaknesses would have contributed MOST to this problem?

Question290: An organization is permanently transitioning from onsite to fully remote business operations. When should the existing business impact analysis (BIA) be reviewed?

Question291: During a closing meeting, the IT manager disagrees with a valid audit finding presented by the IS auditor and requests the finding be excluded from the final report. Which of the following is the auditor's BEST course of action?

Question292: Following the sale of a business division, employees will be transferred to a new organization, but they will retain access to IT equipment from the previous employer. An IS auditor has recommended that both organizations agree to and document an acceptable use policy for the equipment. What type of control has been recommended?

Question293: The BEST way to evaluate the effectiveness of a newly developed application is to:

Question294: During the planning phase of a data loss prevention (DLP) audit, management expresses a concern about mobile computing. Which of the following should the IS auditor identity as the associated risk?

Question295: Which of the following must be in place before an IS auditor initiates audit follow-up activities?

Question296: A hearth care organization utilizes Internet of Things (loT) devices to improve patient outcomes through real- time patient monitoring and advanced diagnostics. Which of the following would BEST assist in isolating these devices from corporate network traffic?

Question297: Capacity management enables organizations to:

Question298: While conducting a follow-up on an asset management audit, the IS auditor finds paid invoices for IT devices not recorded in the organization's inventory. Which of the following is the auditor's BEST course of action?

Question299: An organization relies on an external vendor that uses a cloud-based Software as a Service (SaaS) model to back up its data. Which of the following is the GREATEST risk to the organization related to data backup and retrieval?

Question300: Which of the following BEST protects an organization's proprietary code during a joint-development activity involving a third party?

Question301: In a RAO model, which of the following roles must be assigned to only one individual?

Question302: Which of the following is a threat to IS auditor independence?

Question303: Which of the following is MOST important when creating a forensic image of a hard drive?

Question304: Which of the following is the BEST way to mitigate the impact of ransomware attacks?

Question305: Which of the following controls is MOST important for ensuring the integrity of system interfaces?

Question306: Which of the following is the PRIMARY reason to perform a risk assessment?

Question307: A review of IT interface controls finds an organization does not have a process to identify and correct records that do not get transferred to the receiving system. Which of the following is the IS auditor's BEST recommendation?

Question308: Which of the following is MOST important when defining the IS audit scope?

Question309: During an audit which of the following would be MOST helpful in establishing a baseline for measuring data quality?

Question310: Which of the following types of firewalls provide the GREATEST degree of control against hacker intrusion?

Question311: An IS audit reveals that an organization is not proactively addressing known vulnerabilities. Which of the following should the IS auditor recommend the organization do FIRST?

Question312: Which of the following would BEST detect that a distributed denial of service (DDoS) attack is occurring?

Question313: As part of the architecture of virtualized environments, in a bare metal or native visualization the hypervisor runs without:

Question314: When reviewing an IT strategic plan, the GREATEST concern would be that

Question315: Which of the following documents should specify roles and responsibilities within an IT audit organization?

Question316: Which of the following would be MOST important to include in an IS audit report?

Question317: Who is accountable for an organization's enterprise risk management (ERM) program?

Question318: Which of the following is the BEST data integrity check?

Question319: The PRIMARY purpose of an incident response plan is to:

Question320: Which of the following is the BEST reason to implement a data retention policy?

Question321: During the audit of an enterprise resource planning (ERP) system, an IS auditor found an applicationpatch was applied to the production environment. It is MOST important for the IS auditor to verify approval from the:

Question322: An organization with many desktop PCs is considering moving to a thin client architecture. Which of the following is the MAJOR advantage?

Question323: Which of the following is the BEST way to prevent social engineering incidents?

Question324: In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to never expire. Which of the following recommendations would BEST address the risk with minimal disruption to the business?

Question325: An IS auditor would MOST likely recommend that IT management use a balanced scorecard to:

Question326: Management receives information indicating a high level of risk associated with potential flooding near the organization's data center within the next few years. As a result, a decision has been made to move data center operations to another facility on higher ground. Which approach has been adopted?

Question327: In a public key cryptographic system, which of the following is the PRIMARY requirement to address the risk of man-in-the-middle attacks through spoofing?

Question328: Which of the following observations would an IS auditor consider the GREATEST risk when conducting an audit of a virtual server farm tor potential software vulnerabilities?

Question329: To help determine whether a controls-reliant approach to auditing financial systems in a company should be used, which sequence of IS audit work is MOST appropriate?

Question330: An IS auditor is analyzing a sample of accounts payable transactions for a specific vendor and identifies one transaction with a value five times as high as the average transaction. Which of the following should the auditor do NEXT?

Question331: Which of the following is the BEST metric to measure the quality of software developed in an organization?

Question332: Which of the following is the GREATEST risk of project dashboards being set without sufficiently defined criteria?

Question333: An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward 10 those who click on a link embedded in the body of the email. Which of the following metrics BEST indicates the effectiveness of awareness training?

Question334: An IS auditor should look for which of the following to ensure the risk associated with scope creep has been mitigated during software development?

Question335: Which of the following is the BEST performance indicator for the effectiveness of an incident management program?

Question336: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

Question337: What would be an IS auditor's BEST recommendation upon finding that a third-party IT service provider hosts the organization's human resources (HR) system in a foreign country?

Question338: Which of the following is MOST important to determine when conducting an audit Of an organization's data privacy practices?

Question339: An IS auditor can BEST evaluate the business impact of system failures by:

Question340: Which of the following BEST enables a benefits realization process for a system development project?

Question341: Which of the following data would be used when performing a business impact analysis (BIA)?

Question342: Which of the following is MOST useful when planning to audit an organization's compliance with cybersecurity regulations in foreign countries?

Question343: Which of the following should be the FRST step when developing a data toes prevention (DIP) solution for a large organization?

Question344: The PRIMARY reason to perform internal quality assurance (QA) for an internal audit function is to ensure:

Question345: Which of the following would BEST ensure that a backup copy is available for restoration of mission critical data after a disaster''

Question346: Which of the following is MOST important with regard to an application development acceptance test?

Question347: Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization that recently experienced a ransomware attack?

Question348: An IS auditor notes that the previous year's disaster recovery test was not completed within the scheduled time frame due to insufficient hardware allocated by a third-party vendor. Which of the following provides the BEST evidence that adequate resources are now allocated to successfully recover the systems?

Question349: Which of the following is the BEST way to foster continuous improvement of IS audit processes and practices?

Question350: Which of the following is MOST important when planning a network audit?

Question351: An IS auditor is performing a follow-up audit for findings identified in an organization's user provisioning process. Which of the following is the MOST appropriate population to sample from when testing for remediation?

Question352: Which of the following responsibilities of an organization's quality assurance (QA) function should raise concern for an IS auditor?

Question353: Before the release of a new application into an organization's production environment, which of the following should be in place to ensure that proper testing has occurred and rollback plans are in place?

Question354: An organization offers an e-commerce platform that allows consumer-to-consumer transactions. The platform now uses blockchain technology to ensure the parties are unable to deny the transactions. Which of the following attributes BEST describes the risk element that this technology is addressing?

Question355: Recovery facilities providing a redundant combination of Internet connections to the local communications loop is an example of which type of telecommunications continuity?

Question356: Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met. Which of the following is MOST likely to be assessed?

Question357: To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?

Question358: Stress testing should ideally be earned out under a:

Question359: An organization has engaged a third party to implement an application to perform business-critical calculations. Which of the following is the MOST important process to help ensure the application provides accurate calculations?

Question360: During a new system implementation, an IS auditor has been assigned to review risk management at each milestone. The auditor finds that several risks to project benefits have not been addressed. Who should be accountable for managing these risks?

Question361: A company has implemented an IT segregation of duties policy. In a role-based environment, which of the following roles may be assigned to an application developer?

Question362: Demonstrated support from which of the following roles in an organization has the MOST influence over information security governance?

Question363: Which of the following network communication protocols is used by network devices such as routers to send error messages and operational information indicating success or failure when communicating with another IP address?

Question364: An organization is planning to implement a control self-assessment (CSA) program tor selected business processes Which of the following should be the role of the internal audit team for this program?

Question365: A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?

Question366: Which of the following attack techniques will succeed because of an inherent security weakness in an Internet firewall?

Question367: In data warehouse (DW) management, what is the BEST way to prevent data quality issues caused by changes from a source system?

Question368: Which of the following would be MOST useful when analyzing computer performance?

Question369: A current project to develop IT-based solutions will need additional funding to meet changes in business requirements. Who is BEST suited to obtain this additional funding?

Question370: Which of the following approaches would present the GREATEST concern for the implementation of a quality assurance (QA) function?

Question371: When implementing Internet Protocol security (IPsec) architecture, the servers involved in application delivery:

Question372: A new regulation has been enacted that mandates specific information security practices for the protection of customer data. Which of the following is MOST useful for an IS auditor to review when auditing against the regulation?

Question373: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's job scheduling practices?

Question374: Which of the following is the MAIN purpose of an information security management system?

Question375: An IS auditor is evaluating the risk associated with moving from one database management system (DBMS) to another. Which of the following would be MOST helpful to ensure the integrity of the system throughout the change?

Question376: Which of the following is an analytical review procedure for a payroll system?

Question377: A now regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?

Question378: Management has learned the implementation of a new IT system will not be completed on time and has requested an audit. Which of the following audit findings should be of GREATEST concern?

Question379: Which of the following should be of MOST concern to an IS auditor reviewing the information systems acquisition, development, and implementation process?

Question380: A source code repository should be designed to:

Question381: An IS auditor is reviewing logical access controls for an organization's financial business application Which of the following findings should be of GREATEST concern to the auditor?

Question382: Which of the following is the PRIMARY reason for an IS audit manager to review the work performed by a senior IS auditor prior to presentation of a report?

Question383: One benefit of return on investment (ROI) analysts in IT decision making is that it provides the:

Question384: Which of the following is the MOST important responsibility of user departments associated with program changes?

Question385: Which of the following threats is mitigated by a firewall?

Question386: Which of the following is MOST important for an IS auditor to confirm when reviewing an organization's incident response management program?

Question387: Which of the following is the BEST method for converting system-generated log files into a format suitable for data analysis?

Question388: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT-related customer service project?

Question389: An organization has recently implemented a Voice-over IP (VoIP) communication system. Which ot the following should be the IS auditor's PRIMARY concern?

Question390: Which of the following statements appearing in an organization's acceptable use policy BEST demonstrates alignment with data classification standards related to the protection of information assets?

Question391: An organization allows employees to retain confidential data on personal mobile devices. Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?

Question392: Which of the following is the GREATEST risk associated with storing customer data on a web server?

Question393: Which of the following is the BEST approach for determining the overall IT risk appetite of an organization when business units use different methods formanaging IT risks?

Question394: A database administrator (DBA) should be prevented from having end user responsibilities:

Question395: Which of the following is the BEST control to help ensure the completeness of outbound transactions?

Question396: Which of the following provides an IS auditor the BEST evidence that a third-party service provider's information security controls are effective?

Question397: Which of the following types of environmental equipment will MOST likely be deployed below the floor tiles of a data center?

Question398: The GREATEST concern for an IS auditor reviewing vulnerability assessments by the auditee would be if the assessments are:

Question399: Which of the following is the BEST way to ensure that an application is performing according to its specifications?

Question400: An IS auditor finds that a new network connection allows communication between the Internet and the internal enterprise resource planning (ERP) system. Which of the following is the PRIMARY business impact to include when presenting this observation to management?

Question401: Which of the following would provide management with the MOST reasonable assurance that a new data warehouse will meet the needs of the organization?

Question402: Which of the following is a PRIMARY function of an intrusion detection system (IDS)?

Question403: An IS auditor is asked to review an organization's technology relationships, interfaces, and data. Which of the following enterprise architecture (EA) areas is MOST appropriate this review? (Choose Correct answer and give explanation from CISA Certification - Information Systems Auditor official book)

Question404: Which of the following is MOST important when creating a forensic image of a hard drive?

Question405: An IS auditor is reviewing the service agreement with a technology company that provides IT help desk services to the organization. Which of the following monthly performance metrics is the BEST indicator of service quality?

Question406: A new regulation in one country of a global organization has recently prohibited cross-border transfer of personal data. An IS auditor has been asked to determine the organization's level of exposure In the affected country. Which of the following would be MOST helpful in making this assessment?

Question407: An IS auditor has been asked to advise on measures to improve IT governance within the organization. Which at the following is the BEST recommendation?

Question408: Which of the following would BEST enable an organization to address the security risks associated with a recently implemented bring your own device (BYOD) strategy?

Question409: Which of the following features would BEST address risk associated with data at rest when evaluating a data loss prevention (DLP) solution?

Question410: Who is PRIMARILY responsible for the design of IT controls to meet control objectives?

Question411: Which of the following is a method to prevent disclosure of classified documents printed on a shared printer?

Question412: Which of the following should be of GREATEST concern to an |$ auditor reviewing data conversion and migration during the implementation of a new application system?

Question413: Which of the following should be the GREATEST concern for an IS auditor performing a post- implementation review for a major system upgrade?

Question414: During an organization's implementation of a data loss prevention (DLP) solution, which of the following activities should be completed FIRST?

Question415: Which of the following BEST addresses the availability of an online store?

Question416: What type of control has been implemented when secure code reviews are conducted as part of a deployment program?

Question417: An IS auditor is reviewing an organization's business intelligence infrastructure. The BEST recommendation to help the organization achieve a reasonable level of data quality would be to:

Question418: Which of the following would be a result of utilizing a top-down maturity model process?

Question419: When evaluating information security governance within an organization, which of the following findings should be of MOST concern to an IS auditor?

Question420: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's vulnerability scanning program''

Question421: When auditing the closing stages of a system development protect which of the following should be the MOST important consideration?

Question422: An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?

Question423: An organization is ready to implement a new IT solution consisting of multiple modules. The last module updates the processed data into the database. Which of the following findings should be of MOST concern to the IS auditor?

Question424: During an audit of an organization's risk management practices, an IS auditor finds several documented IT risk acceptances have not been renewed in a timely manner after the assigned expiration date When assessing the seventy of this finding, which mitigating factor would MOST significantly minimize the associated impact?

Question425: During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:

Question426: Which of the following is the MOST effective control to mitigate against the risk of inappropriate activity by employees?

Question427: An IS auditor wants to gain a better understanding of an organization's selected IT operating system software.
Which of the following would be MOST helpful to review?

Question428: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?

Question429: Which of the following is the STRONGEST indication of a mature risk management program?

Question430: IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance. Which of the following controls will MOST effectively compensate for the lack of referential integrity?

Question431: Which of the following is a concern associated with virtualization?

Question432: Which of the following is the BEST indication that an information security awareness program is effective?

Question433: An organization is concerned with meeting new regulations for protecting data confidentiality and asks an IS auditor to evaluate their procedures for transporting data. Which of the following would BEST support the organization's objectives?

Question434: What should an IS auditor do FIRST when management responses
to an in-person internal control questionnaire indicate a key internal
control is no longer effective?

Question435: An IS auditor finds a segregation of duties issue in an enterprise resource planning (ERP) system. Which of the following is the BEST way to prevent the misconfiguration from recurring?

Question436: Which of the following is an IS auditor's BEST recommendation to help an organization increase the efficiency of computing resources?

Question437: What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?

Question438: Which type of review is MOST important to conduct when an IS auditor is informed that a recent internal exploitation of a bug has been discovered in a business application?

Question439: Which of the following is the MOST important regulatory consideration for an organization determining whether to use its customer data to train AI algorithms?

Question440: Which of the following strategies BEST optimizes data storage without compromising data retention practices?

Question441: A core system fails a week after a scheduled update, causing an outage that impacts service. Which of the following is MOST important for incident management to focus on when addressing the issue?

Question442: Which of the following poses the GREATEST risk to an organization related to system interfaces?

Question443: To develop meaningful recommendations 'or findings, which of the following is MOST important 'or an IS auditor to determine and understand?

Question444: An organization that has suffered a cyber-attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?

Question445: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's method to transport sensitive data between offices?

Question446: Which of the following is MOST useful for determining the strategy for IT portfolio management?

Question447: Which of the following is an IS auditor's BEST recommendation to mitigate the risk of eavesdropping associated with an application programming interface (API) integration implementation?

Question448: Which of the following should be done FIRST when planning to conduct internal and external penetration testing for a client?

Question449: The PRIMARY reason to assign data ownership for protection of data is to establish:

Question450: Which of the following is MOST important to include in security awareness training?

Question451: Which of the following BEST enables an IS auditor to confirm the batch processing to post transactions from an input source is successful?

Question452: An organization has implemented a new data classification scheme and asks the IS auditor to evaluate its effectiveness. Which of the following would be of GREATEST concern to the auditor?

Question453: Which of the following helps to ensure the integrity of data for a system interface?

Question454: The BEST way to prevent fraudulent payments is to implement segregation of duties between the vendor setup and:

Question455: Which of the following security measures will reduce the risk of propagation when a cyberattack occurs?

Question456: Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?

Question457: Which of the following is a core functionality of a configuration and release management system?

Question458: When reviewing an organization's information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:

Question459: Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?

Question460: Which of the following procedures for testing a disaster recovery plan (DRP) is MOST effective?

Question461: Which of the following should be performed FIRST before key performance indicators (KPIs) can be implemented?

Question462: What is the PRIMARY purpose of documenting audit objectives when preparing for an engagement?

Question463: Which of the following practices associated with capacity planning provides the GREATEST assurance that future incidents related to existing server performance will be prevented?

Question464: An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor's PRIMARY concern Is that:

Question465: Which of the following controls is the BEST recommendation to prevent the skimming of debit or credit card data in point of sale (POS) systems?

Question466: Which of the following is the BEST recommendation to drive accountability for achieving the desired outcomes specified in a benefits realization plan for an IT project?

Question467: Which of the following is the MOST effective control over visitor access to highly secured areas?

Question468: In which phase of the audit life cycle process should an IS auditor initially discuss observations with management?

Question469: Which of the following is an example of a preventative control in an accounts payable system?

Question470: A characteristic of a digital signature is that it

Question471: An IS auditor has been tasked with analyzing an organization's capital expenditures against its repair and maintenance costs. Which of the following is the BEST reason to use a data analytics tool for this purpose?

Question472: Which of the following BEST enables an IS auditor to assess whether jobs were completed according to the job schedule?

Question473: If a recent release of a program has to be backed out of production, the corresponding changes within the delta version of the code should be:

Question474: Which of the following is MOST important for an IS auditor to verify when evaluating an organization's data conversion and infrastructure migration plan?

Question475: An IS auditor is reviewing enterprise governance and finds there is no defined organizational structure for technology risk governance. Which of the following is the GREATEST concern with this lack of structure?

Question476: An IS department is evaluated monthly on its cost-revenue ratio user satisfaction rate, and computer downtime This is BEST zed as an application of.

Question477: Which of the following is the MOST important consideration when developing tabletop exercises within a cybersecurity incident response plan?

Question478: Which of the following findings from an IT governance review should be of GREATEST concern?

Question479: Which of the following presents the GREATEST challenge to the alignment of business and IT?

Question480: Which of the following is MOST important to consider when developing a service level agreement (SLAP)?

Question481: An IS auditor is reviewing an organization's information asset management process. Which of the following would be of GREATEST concern to the auditor?

Question482: A business has requested an audit to determine whether information stored in an application is adequately protected. Which of the following is the MOST important action before the audit work begins?

Question483: An organization has replaced all of the storage devices at its primary data center with new higher-capacity units The replaced devices have been installed at the disaster recovery site to replace older units An IS auditor s PRIMARY concern would be whether

Question484: An organization is concerned about duplicate vendor payments on a complex system with a high volume of transactions. Which of the following would be MOST helpful to an IS auditor to determine whether duplicate vendor payments exist?

Question485: in a controlled application development environment, the MOST important segregation of duties should be between the person who implements changes into the production environment and the:

Question486: An IS auditor should ensure that an application's audit trail:

Question487: An IS auditor is assessing the adequacy of management's remediation action plan. Which of the following should be the MOST important consideration?

Question488: A contract for outsourcing IS functions should always include:

Question489: When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?

Question490: A small business unit is implementing a control self-assessment (CSA) program and leveraging the internal audit function to test its internal controls annually. Which of the following is the MOST significant benefit of this approach?

Question491: Which of the following controls BEST ensures appropriate segregation of dudes within an accounts payable department?

Question492: Which of the following is MOST important for an IS auditor to confirm when reviewing an organization's plans to implement robotic process automation (RPA> to automate routine business tasks?

Question493: Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?

Question494: An IS audit manager is reviewing workpapers for a recently completed audit of the corporate disaster recovery test. Which of the following should the IS audit manager specifically review to substantiate the conclusions?

Question495: An IS auditor finds that the cost of developing an application is now projected to significantly exceed the budget. Which of the following is the GREATEST risk to communicate to senior management?

Question496: Which of the following technologies is BEST suited to fulfill a business requirement for nonrepudiation of business-to-business transactions with external parties without the need for a mutually trusted entity?

Question497: Which of the following is the PRIMARY reason for an IS auditor to conduct post-implementation reviews?

Question498: Which of the following should an IS auditor use when verifying a three-way match has occurred in an enterprise resource planning (ERR) system?

Question499: When reviewing past results of a recurring annual audit, an IS auditor notes that findings may not have been reported and independence may not have been maintained. Which of the following is the auditor's BEST course of action?

Question500: While evaluating the data classification process of an organization, an IS auditor's PRIMARY focus should be on whether:

Question501: Which of the following documents should define roles and responsibilities within an IT audit organization?

Question502: An organization's IT department and internal IS audit function all report to the chief information officer (CIO). Which of the following is the GREATEST concern associated with this reporting structure?

Question503: An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?

Question504: Which of the following is MOST important for an IS auditor to determine during the detailed design phase of a system development project?

Question505: Which of the following is the BEST indication that there are potential problems within an organization's IT service desk function?

Question506: An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?

Question507: Which of the following is the PRIMARY reason for using a digital signature?

Question508: An IS auditor has been asked to provide support to the control self-assessment (CSA) program. Which of the following BEST represents the scope of the auditor's role in the program?

Question509: Which of the following would a digital signature MOST likely prevent?

Question510: The FIRST step in auditing a data communication system is to determine:

Question511: A bank wants to outsource a system to a cloud provider residing in another country. Which of the following would be the MOST appropriate IS audit recommendation?

Question512: Which of the following is the MOST effective way to identify exfiltration of sensitive data by a malicious insider?

Question513: When an intrusion into an organization network is deleted, which of the following should be done FIRST?

Question514: When planning an internal penetration test, which of the following is the MOST important step prior to finalizing the scope of testing?

Question515: An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization's website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur. Which of the following recommendations would be the BEST way to reduce the likelihood of future occurrences?

Question516: An organization that has decided to approve the use of end-user computing (EUC) should FIRST ensure:

Question517: Which of the following controls BEST ensures appropriate segregation of duties within an accounts payable department?

Question518: Which of the following is MOST helpful for evaluating benefits realized by IT projects?

Question519: An IS auditor is reviewing an organization's system development life cycle (SDLC) Which of the following MUST be included in the review?

Question520: Which of the following is the BEST way to address potential data privacy concerns associated with inadvertent disclosure of machine identifier information contained within security logs?

Question521: Which of the following should be done FIRST when creating a data protection program?

Question522: Which of the following is the MOST important activity in the data classification process?

Question523: In a large organization, IT deadlines on important projects have been missed because IT resources are not prioritized properly. Which of the following is the BEST recommendation to address this problem?

Question524: The decision to accept an IT control risk related to data quality should be the responsibility of the:

Question525: Which type of attack targets security vulnerabilities in web applications to gain access to data sets?

Question526: An IS auditor finds that one employee has unauthorized access to confidential data. The IS auditor's BEST recommendation should be to:

Question527: During the implementation of a new system, an IS auditor must assess whether certain automated calculations comply with the regulatory requirements Which of the following is the BEST way to obtain this assurance?

Question528: Aligning IT strategy with business strategy PRIMARILY helps an organization to:

Question529: During the walk-through procedures for an upcoming audit, an IS auditor notes that the key application in scope is part of a Software as a Service (SaaS) agreement. What should the auditor do NEXT?

Question530: A global bank plans to use a cloud provider for backup of customer financial data. Which of the following should be the PRIMARY focus of this project?

Question531: Which of the following is the PRIMARY reason an IS auditor should discuss observations with management before delivering a final report?

Question532: Which of the following is the MOST significant risk that IS auditors are required to consider for each engagement?

Question533: What is the PRIMARY reason for an organization to classify the data stored on its internal networks?

Question534: An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system.
End users indicated concerns with the accuracy of critical automatic calculations made by the system. The auditor's FIRST course of action should be to:

Question535: Which of the following is the BEST control to mitigate the malware risk associated with an instant messaging (IM) system?

Question536: An IS auditor is evaluating the access controls for a shared customer relationship management (CRM) system.
Which of the following would be the GREATEST concern?

Question537: An IS auditor is reviewing documentation from a change that was applied to an application. Which of the following findings would be the GREATEST concern?

Question538: An externally facing system containing sensitive data is configured such that users have either read-only or administrator rights. Most users of the system have administrator access. Which of the following is the GREATEST risk associated with this situation?

Question539: As part of an audit response, an auditee has concerns with the recommendations and is hesitant to implement them. Which of the following is the BEST course of action for the IS auditor?

Question540: Which of the following should be of GREATEST concern for an IS auditor when reviewing user account policies?

Question541: An IS auditor notes that not all security tests were completed for an online sales system recently promoted to production. Which of the following is the auditor's BEST course of action?

Question542: Which of the following controls is MOST effective at preventing system failures when implementing a new web application?

Question543: Which of the following provides the BE ST method for maintaining the security of corporate applications pushed to employee-owned mobile devices?

Question544: Which of the following is the BEST audit procedure to determine whether a firewall is configured in compliance with the organization's security policy?

Question545: Which of the following is the BEST way to prevent social engineering incidents?

Question546: Which of the following types of firewalls provides the GREATEST degree of control against hacker intrusion?

Question547: Based on best practices, which types of accounts should be disabled for interactive login?

Question548: What is the BEST control to address SQL injection vulnerabilities?

Question549: Which of the following should an IS auditor review FIRST when planning a customer data privacy audit?

Question550: Which of the following should an IS auditor be MOST concerned with during a post-implementation review?

Question551: Which of the following is MOST important to define within a disaster recovery plan (DRP)?

Question552: Which of the following findings would be of GREATEST concern when auditing an organization's end-user computing (EUC)?

Question553: Which of the following risk scenarios is BEST addressed by implementing policies and procedures related to full disk encryption?

Question554: Data from a system of sensors located outside of a network is received by the open ports on a server. Which of the following is the BEST way to ensure the integrity of the data being collected from the sensor system?

Question555: An organization is establishing a steering committee for the implementation of a new enterprise resource planning (ERP) system that uses Agile project management methodology. What is the MOST important criterion for the makeup of this committee?

Question556: IT management has accepted the risk associated with an IS auditor's finding due to the cost and complexity of the corrective actions. Which of the following should be the auditor's NEXT course of action?

Question557: Which of the following is the MOST efficient way to identify fraudulent activity on a set of transactions?