EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following is the BEST approach for determining the overall IT risk appetite of an organization when business units use different methods formanaging IT risks?

Question2: Which of the following is the MOST important reason to implement version control for an end-user computing (EUC) application?

Question3: An organization implemented a cybersecurity policy last year Which of the following is the GREATE ST indicator that the policy may need to be revised?

Question4: Which of the following provides the BEST evidence that system requirements are met when evaluating a project before implementation?

Question5: In a RAO model, which of the following roles must be assigned to only one individual?

Question6: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT strategy document?

Question7: An IS auditor reviewing incident response management processes notices that resolution times for reoccurring incidents have not shown improvement. Which of the following is the auditor's BEST recommendation?

Question8: Which of the following is the MOST important task of an IS auditor during an application post- implementation review?

Question9: An organization is planning to implement a control self-assessment (CSA) program tor selected business processes Which of the following should be the role of the internal audit team for this program?

Question10: Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?

Question11: An organization is modernizing its technology policy framework to demonstrate compliance with external industry standards. Which of the following would be MOST useful to an IS auditor for validating the outcome?

Question12: Which of the following can only be provided by asymmetric encryption?

Question13: Which of the following is the GREATEST risk associated with security patches being automatically downloaded and applied to production servers?

Question14: During an audit of payment services of a branch based in a foreign country, a large global bank's audit team identifies an opportunity to use data analytics techniques to identify abnormal payments. Which of the following is the team's MOST important course of action?

Question15: An organization has both an IT strategy committee and an IT steering committee. When reviewing the minutes of the IT steering committee, an IS auditor would expect to find that the committee:

Question16: Which of the following is an IS auditor's BEST recommendation to mitigate the risk of eavesdropping associated with an application programming interface (API) integration implementation?

Question17: An IS auditor finds that a new network connection allows communication between the Internet and the internal enterprise resource planning (ERP) system. Which of the following is the PRIMARY business impact to include when presenting this observation to management?

Question18: An IS auditor has been asked to advise on measures to improve IT governance within the organization. Which at the following is the BEST recommendation?

Question19: An IS auditor is assessing the adequacy of management's remediation action plan. Which of the following should be the MOST important consideration?

Question20: Which of the following areas of responsibility would cause the GREATEST segregation of duties conflict if the individual who performs the related tasks also has approval authority?

Question21: A global organization's policy states that all workstations must be scanned for malware each day. Which of the following would provide an IS auditor with the BEST evidence of continuous compliance with this policy?

Question22: What should an IS auditor do FIRST upon discovering that a service provider did not notify its customers of a security breach?

Question23: Effective separation of duties in an online environment can BEST be achieved by utilizing:

Question24: Which of the following is the BEST way to ensure email confidentiality in transit?

Question25: When reviewing a business case for a proposed implementation of a third-party system, which of the following should be an IS auditor's GREATEST concern?

Question26: Which of the following should be of MOST concern to an IS auditor reviewing an organization's business impact analysis (BIA)?

Question27: Which of the following should be the FIRST step in a data migration project?

Question28: An IS auditor reviewing the system development life cycle (SDLC) finds there is no requirement for business cases. Which of the following should be offGREATEST concern to the organization?

Question29: Which of the following should an IS auditor recommend be done FIRST when an organization is made aware of a new regulation that is likely to impact IT security requirements?

Question30: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

Question31: An IT strategic plan that BEST leverages IT in achieving organizational goals will include:

Question32: Which of the following would be a result of utilizing a top-down maturity model process?

Question33: Which type of attack poses the GREATEST risk to an organization's most sensitive data?

Question34: Which of the following presents the GREATEST risk of data leakage in the cloud environment?

Question35: As part of business continuity planning, which of the following is MOST important to assess when conducting a business impact analysis (B1A)?

Question36: Which of the following is the BEST way to enforce the principle of least privilege on a server containing data with different security classifications?

Question37: An organizations audit charier PRIMARILY:

Question38: Which of the following provides an IS auditor the BEST evidence that a third-party service provider's information security controls are effective?

Question39: During an audit of a multinational bank's disposal process, an IS auditor notes several findings. Which of the following should be the auditor's GREATEST concern?

Question40: In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?

Question41: Which of the following are BEST suited for continuous auditing?

Question42: An IS auditor notes that the previous year's disaster recovery test was not completed within the scheduled time frame due to insufficient hardware allocated by a third-party vendor. Which of the following provides the BEST evidence that adequate resources are now allocated to successfully recover the systems?

Question43: Which of the following is the BEST approach to help organizations address risks associated with shadow IT?

Question44: A bank performed minor changes to the interest calculation computer program. Which of the following techniques would provide the STRONGEST evidence to determine whether the interest calculations are correct?

Question45: During the course of fieldwork, an internal IS auditor observes a critical vulnerability within a newly deployed application. What is the auditor's BEST course of action?

Question46: Which of the following should be the PRIMARY objective of conducting an audit follow-up of management action plans?

Question47: Which of the following is the BEST preventive control to protect the confidentiality of data on a corporate smartphone in the event it is lost?

Question48: Which of the following is the BEST way to sanitize a hard disk for reuse to ensure the organization's information cannot be accessed?

Question49: When reviewing hard disk utilization reports, an IS auditor observes that utilization is routinely above 95%.
Which of the following should be the GREATEST concern to the IS auditor?

Question50: During which stage of the penetration test cycle does the tester utilize identified vulnerabilities to attempt to access the target system?

Question51: Which of the following is the MOST likely root cause of shadow IT in an organization?

Question52: Which of the following should be of GREATEST concern to an IS auditor who is assessing an organization's configuration and release management process?

Question53: An IS auditor has been asked to provide support to the control self-assessment (CSA) program. Which of the following BEST represents the scope of the auditor's role in the program?

Question54: Which of the following provides the MOST reliable method of preventing unauthonzed logon?

Question55: The PRIMARY advantage of object-oriented technology is enhanced:

Question56: Which of the following user actions poses the GREATEST risk for inadvertently introducing malware into a local network?

Question57: Which of the following is MOST helpful for an IS auditor to review when evaluating an organizations business process that are supported by applications and IT systems?

Question58: When building or upgrading enterprise cryptographic infrastructure, which of the following is the MOST critical requirement for growing business environments?

Question59: Which of the following is the BEST way to address potential data privacy concerns associated with inadvertent disclosure of machine identifier information contained within security logs?

Question60: Which of the following is the BEST metric to measure the alignment of IT and business strategy?

Question61: Which of the following is the MOST effective way to detect as many abnormalities as possible during an IS audit?

Question62: During the audit of an enterprise resource planning (ERP) system, an IS auditor found an applicationpatch was applied to the production environment. It is MOST important for the IS auditor to verify approval from the:

Question63: An IS auditor is reviewing a network diagram. Which of the following would be the BEST location for placement of a firewall?

Question64: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's vulnerability scanning program''

Question65: Which of the following methods will BEST reduce the risk associated with the transition to a new system using technologies that are not compatible with the old system?

Question66: Which of the following is MOST important to define within a disaster recovery plan (DRP)?

Question67: Which of the following BEST describes the role of the IS auditor in a control self-assessment (CSA)?

Question68: A firewall between internal network segments improves security and reduces risk by:

Question69: The BEST way to prevent fraudulent payments is to implement segregation of duties between the vendor setup and:

Question70: Which of the following is the BEST reason to implement a data retention policy?

Question71: An IS auditor wants to gain a better understanding of an organization's selected IT operating system software.
Which of the following would be MOST helpful to review?

Question72: A telecommunications company has recently created a new fraud department with three employees and acquired a fraud detection system that uses artificial intelligence (AI) modules. Which of the following would be of GREATEST concern to an IS auditor reviewing the system?

Question73: An IS auditor is reviewing an organization's business continuity plan (BCP) following a change in organizational structure with significant impact to business processes. Which of the following findings should be the auditor's GREATEST concern?

Question74: Which of the following is the BEST way to verify the effectiveness of a data restoration process?

Question75: Which of the following system attack methods is executed by entering malicious code into the search box of a vulnerable website, causing the server to reveal restricted information?

Question76: Which of the following is the MOST important consideration when evaluating the data retention policy for a global organization with regional offices in multiple countries?

Question77: An incident response team has been notified of a virus outbreak in a network subnet. Which of the following should be the NEXT step?

Question78: Which of the following is the MOST appropriate and effective fire suppression method for an unstaffed computer room?

Question79: A configuration management audit identified that predefined automated procedures are used when deploying and configuring application infrastructure in a cloud-based environment. Which of the following is MOST important for the IS auditor to review?

Question80: Which of the following protocols should be used when transferring data via the internet?

Question81: Which of the following is the BEST control lo mitigate attacks that redirect Internet traffic to an unauthorized website?

Question82: An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?

Question83: An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?

Question84: An IS auditor is evaluating the risk associated with moving from one database management system (DBMS) to another. Which of the following would be MOST helpful to ensure the integrity of the system throughout the change?

Question85: In which phase of the audit life cycle process should an IS auditor initially discuss observations with management?

Question86: Which of the following is the BEST sampling method to use when relatively few errors are expected to be found in a population?

Question87: An IS auditor discovers that validation controls m a web application have been moved from the server side into the browser to boost performance This would MOST likely increase the risk of a successful attack by.

Question88: An IS auditor is reviewing a contract for the outsourcing of IT facilities. If missing, which of the following should present the GREATEST concern to the auditor?

Question89: During the planning stage of a compliance audit, an IS auditor discovers that a bank's inventory of compliance requirements does not include recent regulatory changes related to managing data risk. What should the auditor do FIRST?

Question90: Which of the following provides the MOST useful information to an IS auditor when selecting projects for inclusion in an IT audit plan?

Question91: Which of the following BEST enables an organization to standardize its IT infrastructure to align with business goals?

Question92: Which of the following is MOST critical to the success of an information security program?

Question93: The PRIMARY role of an IS auditor in the remediation of problems found during an audit engagement is to:

Question94: Which of the following is MOST important to ensure when developing an effective security awareness program?

Question95: During a follow-up audit, an IS auditor finds that some critical recommendations have the IS auditor's BEST course of action?

Question96: An IS auditor is preparing for a review of controls associated with a manufacturing plant's implementation of industrial Internet of Things (loT) infrastructure Which of the following vulnerabilities would present the GREATEST security risk to the organization?

Question97: During which process is regression testing MOST commonly used?

Question98: An IS auditor should look for which of the following to ensure the risk associated with scope creep has been mitigated during software development?

Question99: A white box testing method is applicable with which of the following testing processes?

Question100: Which of the following BEST enables alignment of IT with business objectives?

Question101: During the discussion of a draft audit report. IT management provided suitable evidence fiat a process has been implemented for a control that had been concluded by the IS auditor as Ineffective. Which of the following is the auditor's BEST action?

Question102: Which of the following network topologies will provide the GREATEST fault tolerance?

Question103: Which of the following BEST indicates that the effectiveness of an organization's security awareness program has improved?

Question104: An IS auditor is conducting a physical security audit of a healthcare facility and finds closed-circuit television (CCTV) systems located in a patient care area. Which of the following is the GREATEST concern?

Question105: Which of the following should be of GREATEST concern to an IS auditor when using data analytics?

Question106: An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

Question107: Which of the following would be an appropriate rote of internal audit in helping to establish an organization's privacy program?

Question108: Which of the following applications has the MOST inherent risk and should be prioritized during audit planning?

Question109: What is the PRIMARY reason to adopt a risk-based IS audit strategy?

Question110: An IS auditor finds that an organization's data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:

Question111: Which of the following should be done FIRST when creating a data protection program?

Question112: In a public key cryptographic system, which of the following is the PRIMARY requirement to address the risk of man-in-the-middle attacks through spoofing?

Question113: Which of the following is MOST helpful for evaluating benefits realized by IT projects?

Question114: An IS auditor is reviewing enterprise governance and finds there is no defined organizational structure for technology risk governance. Which of the following is the GREATEST concern with this lack of structure?

Question115: Which of the following security testing techniques is MOST effective for confirming that inputs to a web application have been properly sanitized?

Question116: Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?

Question117: During audit framework. an IS auditor teams that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?

Question118: Which of the following provides the MOST assurance of the integrity of a firewall log?

Question119: A small organization is experiencing rapid growth and plans to create a new information security policy.
Which of the following is MOST relevant to creating the policy?

Question120: An organization uses public key infrastructure (PKI) to provide email security. Which of the following would be the MOST efficient method to determine whether email messages have been modified in transit?

Question121: During a pre-deployment assessment, what is the BEST indication that a business case will lead to the achievement of business objectives?

Question122: Which of the following is a core functionality of a configuration and release management system?

Question123: An organization's senior management thinks current security controls may be excessive and requests an IS auditor's advice on how to assess the adequacy of current measures. What is the auditor's BEST recommendation to management?

Question124: Which of the following BEST reflects a mature strategic planning process?

Question125: Which of the following security measures will reduce the risk of propagation when a cyberattack occurs?

Question126: The PRIMARY reason for an IS auditor to use data analytics techniques is to reduce which type of audit risk?

Question127: What is the Most critical finding when reviewing an organization's information security management?

Question128: An organization has implemented a new data classification scheme and asks the IS auditor to evaluate its effectiveness. Which of the following would be of GREATEST concern to the auditor?

Question129: An IS auditor notes that IT and the business have different opinions on the availability of their application servers. Which of the following should the IS auditor review FIRST in order to understand the problem?

Question130: Which of the following activities would allow an IS auditor to maintain independence while facilitating a control sell-assessment (CSA)?

Question131: An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner. Which of the following is the auditor's BEST recommendation?

Question132: Which of the following security measures is MOST important for protecting Internet of Things (IoT) devices from potential cyberattacks?

Question133: Which of the following should be used to evaluate an IT development project before an investment is committed?

Question134: During the discussion of a draft audit report IT management provided suitable evidence that a process has been implemented for a control that had been concluded by the IS auditor as ineffective Which of the following is the auditor's BEST action?

Question135: An IS auditor finds that a recently deployed application has a number of developers with inappropriate update access left over from the testing environment. Which of the following would have BEST prevented the update access from being migrated?

Question136: Following a merger, a review of an international organization determines the IT steering committee's decisions do not extend to regional offices as required in the consolidated IT operating model. Which of the following is the IS auditor's BEST recommendation?

Question137: Which of the following is the GREATEST benefit of adopting an Agile audit methodology?

Question138: Which of the following is the MOST important consideration when implementing a Zero Trust strategy for mobile, wireless, and Internet of Things (IoT) devices?

Question139: When a data center is attempting to restore computing facilities at an alternative site following a disaster, which of the following should be restored FIRST?

Question140: Which of the following BEST demonstrates to senior management and the board that an audit function is compliant with standards and the code of ethics?

Question141: During a pre-implementation review, an IS auditor notes that some scenarios have not been tested.
Management has indicated that the project is critical and cannot be postponed. Which of the following is the auditor's BEST course of action?

Question142: Which of the following is the BEST way to ensure an organization's data classification policies are preserved during the process of data transformation?

Question143: Which of the following is a detective control?

Question144: A project team has decided to switch to an agile approach to develop a replacement for an existing business application. Which of the following should an IS auditor do FIRST to ensure the effectiveness of the protect audit?

Question145: An organization is shifting to a remote workforce In preparation the IT department is performing stress and capacity testing of remote access infrastructure and systems What type of control is being implemented?

Question146: Of the following who should be responsible for cataloging and inventorying robotic process automation (RPA) processes?

Question147: A new system is being developed by a vendor for a consumer service organization. The vendor will provide its proprietary software once system development is completed Which of the following is the MOST important requirement to include In the vendor contract to ensure continuity?

Question148: An IS auditor suspects an organization's computer may have been used to commit a crime. Which of the following is the auditor's BEST course of action?

Question149: A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?

Question150: A disaster recovery plan (DRP) should include steps for:

Question151: Which of the following should be of GREATEST concern for an IS auditor reviewing an organization's disaster recovery plan (DRP)?

Question152: What should be an IS auditor's PRIMARY focus when reviewing a patch management procedure in an environment where availability is a top priority?

Question153: What is the PRIMARY benefit of using one-time passwords?

Question154: When auditing the closing stages of a system development protect which of the following should be the MOST important consideration?

Question155: In an online application, which of the following would provide the MOST information about the transaction audit trail?

Question156: Which of the following is MOST important when creating a forensic image of a hard drive?

Question157: During an audit of a financial application, it was determined that many terminated users' accounts were not disabled. Which of the following should be the IS auditor's NEXT step?

Question158: An IS auditor is reviewing an organization's incident management processes. Which of the following observations should be the auditor's GREATEST concern?

Question159: When testing the adequacy of tape backup procedures, which step BEST verifies that regularly scheduled Backups are timely and run to completion?

Question160: Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?

Question161: Audit frameworks cart assist the IS audit function by:

Question162: An organization has developed mature risk management practices that are followed across all departments What is the MOST effective way for the audit team to leverage this risk management maturity?

Question163: Email required for business purposes is being stored on employees' personal devices.
Which of the following is an IS auditor's BEST recommendation?

Question164: Which of the following is an IS auditor's BEST course of action when the auditee indicates that a corrective action plan for a high-risk finding will take longer than expected?

Question165: Which of the following would BEST facilitate the successful implementation of an IT-related framework?

Question166: An IS auditor finds a segregation of duties issue in an enterprise resource planning (ERP) system. Which of the following is the BEST way to prevent the misconfiguration from recurring?

Question167: Which of the following is the MOST important outcome of an information security program?

Question168: In order for a firewall to effectively protect a network against external attacks, what fundamental practice must be followed?

Question169: Which of the following would provide management with the MOST reasonable assurance that a new data warehouse will meet the needs of the organization?

Question170: Which of the following components of a risk assessment is MOST helpful to management in determining the level of risk mitigation to apply?

Question171: Which of the following is MOST useful when planning to audit an organization's compliance with cybersecurity regulations in foreign countries?

Question172: Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?

Question173: An IS auditor is analyzing a sample of accounts payable transactions for a specific vendor and identifies one transaction with a value five times as high as the average transaction. Which of the following should the auditor do NEXT?

Question174: Which of the following BEST enables a benefits realization process for a system development project?

Question175: Aligning IT strategy with business strategy PRIMARILY helps an organization to:

Question176: Which of the following is MOST important for an IS auditor to determine during the detailed design phase of a system development project?

Question177: Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring?

Question178: An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor's PRIMARY concern Is that:

Question179: Which of the following is the MOST effective way for an organization to project against data loss?

Question180: An IS auditor has been asked to review the quality of data in a general ledger system. Which of the following would provide the auditor with the MOST meaningful results?

Question181: Which of the following is the GREATEST advantage of maintaining an internal IS audit function within an organization?

Question182: A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?

Question183: What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?

Question184: Which of the following is MOST important to define within a disaster recovery plan (DRP)?

Question185: Which of the following should be an IS auditor's GREATEST concern when a data owner assigns an incorrect classification level to data?

Question186: Which of the following is MOST important to include in security awareness training?

Question187: An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged. The IS auditor's FIRST action should be to:

Question188: When reviewing the functionality of an intrusion detection system (IDS), the IS auditor should be MOST concerned if:

Question189: When planning an audit to assess application controls of a cloud-based system, it is MOST important tor the IS auditor to understand the.

Question190: When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?

Question191: Cross-site scripting (XSS) attacks are BEST prevented through:

Question192: Which of the following is necessary for effective risk management in IT governance?

Question193: Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?

Question194: Upon completion of audit work, an IS auditor should:

Question195: Which of the following provides the BEST evidence that a third-party service provider's information security controls are effective?

Question196: Which of the following would be MOST useful to an IS auditor when making recommendations to enable continual improvement of IT processes over time?

Question197: Which of the following would BEST indicate the effectiveness of a security awareness training program?

Question198: Malicious program code was found in an application and corrected prior to release into production. After the release, the same issue was reported. Which of the following is the IS auditor's BEST recommendation?

Question199: A mission-critical application utilizes a one-node database server. On multiple occasions, the database service has been stopped to perform routine patching, causing application outages. Which of the following should be the IS auditor's GREATEST concern?

Question200: Coding standards provide which of the following?

Question201: Which of the following is MOST helpful for understanding an organization's key driver to modernize application platforms?

Question202: The PRIMARY purpose of requiring source code escrow in a contractual agreement is to:

Question203: Which of the following is the MOST important success factor for implementing a data loss prevention (DLP) tool?

Question204: Which of the following is the BEST way to prevent social engineering incidents?

Question205: Which of the following BEST demonstrates that IT strategy Is aligned with organizational goals and objectives?

Question206: During which phase of the software development life cycle is it BEST to initiate the discussion of application controls?

Question207: A hearth care organization utilizes Internet of Things (loT) devices to improve patient outcomes through real- time patient monitoring and advanced diagnostics. Which of the following would BEST assist in isolating these devices from corporate network traffic?

Question208: During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:

Question209: During a follow-up audit, an IS auditor finds that senior management has implemented a different remediation action plan than what was previously agreed upon. Which of the following is the auditor's BEST course of action?

Question210: One advantage of monetary unit sampling is the fact that

Question211: Which of the following should be of GREATEST concern for an IS auditor when reviewing user account policies?

Question212: An organization is implementing a data loss prevention (DLP) system in response to a new regulatory requirement Reviewing. which of the following would be MOST helpful in evaluating the system's design?

Question213: When auditing an organization's software acquisition process the BEST way for an IS auditor to understand the software benefits to the organization would be to review the

Question214: Which type of control has been established when an organization implements a security information and event management (SIEM) system?

Question215: An IS auditor is conducting an IT governance audit and notices many initiatives are managed informally by isolated project managers. Which of the following recommendations would have the GREATEST impact on improving the maturity of the IT team?

Question216: Which of the following poses the GREATEST potential concern for an organization that decides to consolidate mission-critical applications on a large server as part of IT capacity management?

Question217: When an intrusion into an organization's network is detected, which of the following should be done FIRST?

Question218: A review of IT interface controls finds an organization does not have a process to identify and correct records that do not get transferred to the receiving system. Which of the following is the IS auditor's BEST recommendation?

Question219: Which of the following would be an IS auditor's GREATEST concern when reviewing the organization's business continuity plan (BCP)?

Question220: Which of the following is MOST useful for determining the strategy for IT portfolio management?

Question221: Which of the following would be MOST important to include in an IS audit report?

Question222: Audit frameworks can assist the IS audit function by:

Question223: Which of the following would BEST help to ensure that potential security issues are considered by the development team as part of incremental changes to agile-developed software?

Question224: Which of the following is the BEST way to identify whether the IT help desk is meeting service level agreements (SLAS)?

Question225: An organization produces control reports with a desktop application that accesses data in the central production database. Which of the following would give an IS auditor concern about the reliability of these reports?

Question226: Which of the following is the BEST indicator for measuring performance of IT help desk function?

Question227: Which of the following is MOST important for an effective control self-assessment (CSA) program?

Question228: Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's IT process performance reports over the last quarter?

Question229: The PRIMARY benefit of information asset classification is that it:

Question230: Which of the following is the BEST approach to validate whether a streaming site can continue to provide service during a period of live streaming with an anticipated high volume of viewers?

Question231: Which of the following is the BEST control to help ensure that security requirements are considered throughout the life cycle of an agile software development project?

Question232: Which of the following is the BEST metric to measure the quality of software developed in an organization?

Question233: During an IT governance audit, an IS auditor notes that IT policies and procedures are not regularly reviewed and updated. The GREATEST concern to the IS auditor is that policies and procedures might not:

Question234: Which of the following is the MOST significant impact to an organization that does not use an IT governance framework?

Question235: Which of the following BEST describes a digital signature?

Question236: Which of the following should be of GREATEST concern to an IS auditor assessing an organization's patch management program?

Question237: When designing metrics for information security, the MOST important consideration is that the metrics:

Question238: in a post-implantation Nation review of a recently purchased system it is MOST important for the iS auditor to determine whether the:

Question239: Which of the following would be the BEST process for continuous auditing to a large financial Institution?

Question240: Which of the following is the STRONGEST indication of a mature risk management program?

Question241: A web application is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?

Question242: Which of the following is the BEST security control to validate the integrity of data communicated between production databases and a big data analytics system?

Question243: An IS auditor observes that a business-critical application does not currently have any level of fault tolerance.
Which of the following is the GREATEST concern with this situation?

Question244: During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?

Question245: The use of control totals reduces the risk of:

Question246: The GREATEST concern for an IS auditor reviewing vulnerability assessments by the auditee would be if the assessments are:

Question247: An employee loses a mobile device resulting in loss of sensitive corporate data. Which o( the following would have BEST prevented data leakage?

Question248: The BEST way for an IS auditor to validate that separation of duties has been implemented is to perform:

Question249: Which of the following is the BEST way to detect unauthorized copies of licensed software on systems?

Question250: Which of the following is an example of a preventive control for physical access?

Question251: Which of the following is the BEST control to minimize the risk of unauthorized access to lost company-owned mobile devices?

Question252: An IS auditor is reviewing how password resets are performed for users working remotely. Which type of documentation should be requested to understand the detailed steps required for this, activity?

Question253: Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

Question254: Which of the following is an executive management concern that could be addressed by the implementation of a security metrics dashboard?

Question255: Retention periods and conditions for the destruction of personal data should be determined by the.

Question256: An organization is establishing a steering committee for the implementation of a new enterprise resource planning (ERP) system that uses Agile project management methodology. What is the MOST important criterion for the makeup of this committee?

Question257: Who should be the FIRST to evaluate an audit report prior to issuing it to the project steering committee?

Question258: Which of the following constitutes an effective detective control in a distributed processing environment?

Question259: Which of the following poses the GREATEST risk to an organization related to system interfaces?

Question260: Which of the following is the BEST testing approach to facilitate rapid identification of application interface errors?

Question261: When developing customer-facing IT applications, in which stage of the system development life cycle (SDLC) is it MOST beneficial to consider data privacy principles?

Question262: An IS department is evaluated monthly on its cost-revenue ratio user satisfaction rate, and computer downtime This is BEST zed as an application of.

Question263: An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?

Question264: During an information security review, an IS auditor learns an organizational policy requires all employ-ees to attend information security training during the first week of each new year. What is the auditor's BEST recommendation to ensure employees hired after January receive adequate guid-ance regarding security awareness?

Question265: An organization is disposing of a system containing sensitive data and has deleted all files from the hard disk.
An IS auditor should be concerned because:

Question266: Which of the following is the MAIN purpose of an information security management system?

Question267: Which of the following is MOST important for an IS auditor to confirm when reviewing an organization's incident response management program?

Question268: An IS auditor is conducting a review of a data center. Which of the following observations could indicate an access control Issue?

Question269: While evaluating the data classification process of an organization, an IS auditor's PRIMARY focus should be on whether:

Question270: A vendor requires privileged access to a key business application. Which of the following is the BEST recommendation to reduce the risk of data leakage?

Question271: Which of the following is MOST effective for controlling visitor access to a data center?

Question272: Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?

Question273: An internal audit team is deciding whether to use an audit management application hosted by a third party in a different country.
What should be the MOST important consideration related to the uploading of payroll audit documentation in the hosted application?

Question274: Which of the following is the PRIMARY benefit of effective implementation of appropriate data classification?

Question275: If a source code is not recompiled when program changes are implemented, which of the following is a compensating control to ensure synchronization of source and object?

Question276: In order to be useful, a key performance indicator (KPI) MUST

Question277: An IS auditor discovers that due to resource constraints a database administrator (DBA) is responsible for developing and executing changes into the production environment Which ot the following should the auditor do FIRSTS

Question278: What is the PRIMARY benefit of an audit approach which requires reported findings to be issued together with related action plans, owners, and target dates?

Question279: Which of the following should be of MOST concern to an IS auditor reviewing the public key infrastructure (PKI) for enterprise email?

Question280: Which of the following business continuity activities prioritizes the recovery of critical functions?

Question281: Which of the following network communication protocols is used by network devices such as routers to send error messages and operational information indicating success or failure when communicating with another IP address?

Question282: To mitigate the risk of exposing data through application programming interface (API) queries. which of the following design considerations is MOST important?

Question283: Which of the following is the BEST way to mitigate the risk associated with unintentional modifications of complex calculations in end-user computing (EUC)?

Question284: Which of the following is the PRIMARY reason for an IS auditor to perform a risk assessment?

Question285: An organization is permanently transitioning from onsite to fully remote business operations. When should the existing business impact analysis (BIA) be reviewed?

Question286: Which of the following is the BEST way to determine whether a test of a disaster recovery plan (DRP) was successful?

Question287: Which of the following is the MOST appropriate control to ensure integrity of online orders?

Question288: To confirm integrity for a hashed message, the receiver should use:

Question289: Users are complaining that a newly released enterprise resource planning (ERP) system is functioning too slowly. Which of the following tests during the quality assurance (QA) phase would have identified this concern?

Question290: Which of the following observations should be of GREATEST concern to an IS auditor assessing access controls for the accounts payable module of a finance system?

Question291: During an operational audit on the procurement department, the audit team encounters a key system that uses an artificial intelligence (Al) algorithm. The audit team does not have the necessary knowledge to proceed with the audit. Which of the following is the BEST way to handle this situation?

Question292: Which of the following presents the GREATEST challenge to the alignment of business and IT?

Question293: One advantage of managing an entire collection of projects as a portfolio is that it highlights the need to:

Question294: Which of the following BEST facilitates the legal process in the event of an incident?

Question295: An IS auditor wants to verify alignment of the organization's business continuity plan (BCP) with the business strategy. Which of the following would be MOST helpful to review?

Question296: Which of the following should be an IS auditor's PRIMARY focus when auditing the implementation of a new IT operations performance monitoring system?

Question297: What should an IS auditor do FIRST when management responses
to an in-person internal control questionnaire indicate a key internal
control is no longer effective?

Question298: An IS auditor is evaluating the progress of a web-based customer service application development project.
Which of the following would be MOST helpful for this evaluation?

Question299: Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. What is the MOST important task before implementing any associated email controls?

Question300: An IS auditor can BEST evaluate the business impact of system failures by:

Question301: An IS auditor should ensure that an application's audit trail:

Question302: An organization is planning to implement a work-from-home policy that allows users to work remotely as needed. Which of the following is the BEST solution for ensuring secure remote access to corporate resources?

Question303: Which of the following will BEST ensure that a proper cutoff has been established to reinstate transactions and records to their condition just prior to a computer system failure?

Question304: Which of the following should be the FIRST consideration when deciding whether data should be moved to a cloud provider for storage?

Question305: Which of the following is MOST important for an IS auditor to do during an exit meeting with an auditee?

Question306: A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?

Question307: In a review of the organization standards and guidelines for IT management, which of the following should be included in an IS development methodology?

Question308: Which of the following is the MOST appropriate testing approach when auditing a daily data flow between two systems via an automated interface to confirm that it is complete and accurate?

Question309: The PRIMARY advantage of using open-source-based solutions is that they:

Question310: Which of the following is the MOST efficient control to reduce the risk associated with a systems administrator having network administrator responsibilities?

Question311: Which of the following metrics is the BEST indicator of the performance of a web application?

Question312: Which of the following is the MOST effective accuracy control for entry of a valid numeric part number?

Question313: A manager Identifies active privileged accounts belonging to staff who have left the organization. Which of the following is the threat actor In this scenario?

Question314: Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?

Question315: Which of the following is the MAJOR advantage of automating internal controls?

Question316: Which of the following BEST indicates a need to review an organization's information security policy?

Question317: During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. The auditor's NEXT step should be to:

Question318: A review of Internet security disclosed that users have individual user accounts with Internet service providers (ISPs) and use these accounts for downloading business data. The organization wants to ensure that only the corporate network is used. The organization should FIRST:

Question319: Which of the following statements appearing in an organization's acceptable use policy BEST demonstrates alignment with data classification standards related to the protection of information assets?

Question320: Which of the following will BEST ensure that archived electronic information of permanent importance remains accessible over time?

Question321: When is it MOST important for an IS auditor to apply the concept of materiality in an audit?

Question322: Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?

Question323: During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor's BEST course of action?

Question324: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's method to transport sensitive data between offices?

Question325: A contract for outsourcing IS functions should always include:

Question326: Which of the following practices associated with capacity planning provides the GREATEST assurance that future incidents related to existing server performance will be prevented?

Question327: Which of the following is MOST important to the effectiveness of smoke detectors installed in a data processing facility?

Question328: An IS auditor notes the transaction processing times in an order processing system have significantly increased after a major release. Which of the following should the IS auditor review FIRST?

Question329: A steering committee established to oversee an organization's digital transformation program is MOSTlikely to be involved with which of the following activities?

Question330: Which of the following is the BEST compensating control against segregation of duties conflicts in new code development?

Question331: Which of the following should be of GREATEST concern to an IS auditor assessing the effectiveness of an organization's information security governance?

Question332: An IS auditor is reviewing an industrial control system (ICS) that uses older unsupported technology in the scope of an upcoming audit. What should the auditor consider the MOST significant concern?

Question333: Stress testing should ideally be carried out under a:

Question334: Which of the following is the PRIMARY reason to follow a configuration management process to maintain application?

Question335: How does a continuous integration/continuous development (CI/CD) process help to reduce software failure risk?

Question336: The business case for an information system investment should be available for review until the:

Question337: During an IS audit of a data center, it was found that programmers are allowed to make emergency fixes to operational programs. Which of the following should be the IS auditor's PRIMARY recommendation?

Question338: A finance department has a two-year project to upgrade the enterprise resource planning (ERP) system hosting the general ledger in year one the system version upgrade will be applied and in year two business processes will be updated to implement new system functionality. Which of the following should be the PRIMARY focus of an IS auditor reviewing the second year of the implementation'?

Question339: An IS auditor finds that periodic reviews of read-only users for a reporting system are not being performed.
Which of the following should be the IS auditor's NEXT course of action?

Question340: An organization allows its employees lo use personal mobile devices for work. Which of the following would BEST maintain information security without compromising employee privacy?

Question341: Which of the following BEST enables the timely identification of risk exposure?

Question342: An organization has made a strategic decision to split into separate operating entities to improve profitability.
However, the IT infrastructure remains shared between the entities. Which of the following would BEST help to ensure that IS audit still covers key risk areas within the IT environment as part of its annual plan?

Question343: Which of the following is the MOST important area of focus for an IS auditor when developing a risk-based audit strategy?

Question344: Which of the following system redundancy configurations BEST improves system resiliency and reduces the possibility of a single cause of failure impacting system dependability?

Question345: Which of the following would BEST help to ensure that an incident receives attention from appropriate personnel in a timely manner?

Question346: An IS auditor reviewing security incident processes realizes incidents are resolved and closed, but root causes are not investigated. Which of the following should be the MAJOR concern with this situation?

Question347: An IS auditor would MOST likely recommend that IT management use a balanced scorecard to:

Question348: The use of which of the following is an inherent risk in the application container infrastructure?

Question349: Which of the following controls is MOST effective at preventing system failures when implementing a new web application?

Question350: Which of the following should be the GREATEST concern for an IS auditor assessing an organization's disaster recovery plan (DRP)?

Question351: Which of the following is the GREATEST concern associated with a high number of IT policy exceptions approved by management?

Question352: During a project audit, an IS auditor notes that project reporting does not accurately reflect current progress.
Which of the following is the GREATEST resulting impact?

Question353: During which IT project phase is it MOST appropriate to conduct a benefits realization analysis?

Question354: Which of the following is the MOST effective control to mitigate unintentional misuse of authorized access?

Question355: Which of the following is MOST important for an IS auditor to review when determining whether IT investments are providing value to tie business?

Question356: Management has learned the implementation of a new IT system will not be completed on time and has requested an audit. Which of the following audit findings should be of GREATEST concern?

Question357: A CFO has requested an audit of IT capacity management due to a series of finance system slowdowns during month-end reporting. What would be MOST important to consider before including this audit in the program?

Question358: An organization has assigned two new IS auditors to audit a new system implementation. One of the auditors has an IT-related degree, and one has a business degree. Which of the following is MOST important to meet the IS audit standard for proficiency?

Question359: An IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer payments. The IS auditor should FIRST

Question360: An IS auditor assessing the controls within a newly implemented call center would First

Question361: A security administrator is called in the middle of the night by the on-call programmer A number of programs have failed, and the programmer has asked for access to the live system. What IS the BEST course of action?

Question362: Which of the following BEST minimizes performance degradation of servers used to authenticate users of an e-commerce website?

Question363: Which of the following BEST ensures that effective change management is in place in an IS environment?

Question364: Which of the following findings would be of GREATEST concern to an IS auditor reviewing firewall security for an organization's corporate network?

Question365: Which of the following issues associated with a data center's closed-circuit television (CCTV) surveillance cameras should be of MOST concern to an IS auditor?

Question366: Which type of attack targets security vulnerabilities in web applications to gain access to data sets?

Question367: Using swipe cards to limit employee access to restricted areas requires implementing which additional control?

Question368: Which of the following should an IS auditor be MOST concerned with when a system uses RFID?

Question369: Which of the following should be the GREATEST concern for an IS auditor performing a post- implementation review for a major system upgrade?

Question370: Which of following is MOST important to determine when conducting a post-implementation review?

Question371: An IS auditor reviewing an information processing environment decides to conduct external penetration testing. Which of the following is MOST appropriate to include in the audit scope for the organization to distinguish between the auditor's penetration attacks and actual attacks?

Question372: Which of the following would BEST help lo support an auditor's conclusion about the effectiveness of an implemented data classification program?

Question373: Providing security certification for a new system should include which of the following prior to the system's implementation?

Question374: Several unattended laptops containing sensitive customer data were stolen from personnel offices Which of the following would be an IS auditor's BEST recommendation to protect data in case of recurrence?

Question375: A new system development project is running late against a critical implementation deadline Which of the following is the MOST important activity?

Question376: Which of the following poses the GREATEST risk to the use of active RFID tags?

Question377: Which of the following is the GREATEST risk if two users have concurrent access to the same database record?

Question378: Which of the following is a PRIMARY benefit of using risk assessments to determine areas to be included in an audit plan?

Question379: Which of the following should be an IS auditor's GREATEST concern when assessing an IT service configuration database?

Question380: Which of the following technologies has the SMALLEST maximum range for data transmission between devices?

Question381: Who is PRIMARILY responsible for the design of IT controls to meet control objectives?

Question382: In an IT organization where many responsibilities are shared which of the following is the BEST control for detecting unauthorized data changes?

Question383: Which of the following is MOST important to consider when assessing the scope of privacy concerns for an IT project?

Question384: Which of the following is the GREATEST advantage of vulnerability scanning over penetration testing?

Question385: An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider MOST critical?

Question386: Which of the following is MOST important to ensure when planning a black box penetration test?

Question387: Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS audit has been asked to conduct a control assessment. the auditor's BEST course of action would be to determine if:

Question388: Which of the following would MOST likely jeopardize the independence of a quality assurance (QA} team and could lead to conflict of interest?

Question389: The implementation of an IT governance framework requires that the board of directors of an organization:

Question390: Which of the following technologies is BEST suited to fulfill a business requirement for nonrepudiation of business-to-business transactions with external parties without the need for a mutually trusted entity?

Question391: A post-implementation review was conducted by issuing a survey to users. Which of the following should be of GREATEST concern to an IS auditor?

Question392: Which of the following is the GREATEST advantage of outsourcing the development of an e-banking solution when in-house technical expertise is not available?

Question393: Which of the following will MOST likely compromise the control provided By a digital signature created using RSA encryption?

Question394: Which of the following findings would be of GREATEST concern to an IS auditor assessing an organization's patch management process?

Question395: One benefit of return on investment (ROI) analysts in IT decision making is that it provides the:

Question396: An IS auditor is assigned to review the IS department s quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards Which of the following should be the auditor's NEXT action1?

Question397: Which type of device sits on the perimeter of a corporate of home network, where it obtains a public IP address and then generates private IP addresses internally?

Question398: Which of the following is an example of shadow IT?

Question399: Which of the following is the MOST effective control when granting access to a service provider for a ctoud-
6ased application?

Question400: In a high-volume, real-time system, the MOST effective technique by which to continuously monitor and analyze transaction processing is:

Question401: Which of the following is the PRIMARY advantage of using an automated security log monitoring tool over a manual review to monitor the use of privileged access?

Question402: Which of the following should be an IS auditor's PRIMARY consideration when determining which issues to include in an audit report?

Question403: An IS auditor finds that capacity management for a key system is being performed by IT with no input from the business The auditor's PRIMARY concern would be:

Question404: Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

Question405: During the forensic investigation of a cyberattack involving credit card data, which of the following is MOST important to ensure?

Question406: While reviewing the effectiveness of an incident response program, an IS auditor notices a high number of reported incidents involving malware originating from removable media found by employees. Which of the following is the MOST appropriate recommendation to management?

Question407: Which task should an IS auditor complete FIRST during the preliminary planning phase of a database security review?

Question408: Which of the following is the MOST effective way to ensure adequate system resources are available for high- priority activities?

Question409: An IS auditor has been tasked with auditing the inventory control process for a large organization that processes millions of data transactions. Which of the following is the BEST testing strategy to adopt?

Question410: During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:

Question411: Which of the following is MOST important for an IS auditor to validate when auditing network device management?

Question412: An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:

Question413: Which of the following should an IS auditor review FIRST when planning a customer data privacy audit?

Question414: Which of the following should be the PRIMARY concern for the it department head when implementing operational log management?

Question415: Which of the following is the BEST reason to implement a data retention policy?

Question416: The PRIMARY objective of a control self-assessment (CSA) is to:

Question417: An IS auditor is planning a review of an organizations cybersecurity incident response maturity Which of the following methodologies would provide the MOST reliable conclusions?

Question418: Which of the following is the MOST important course of action to ensure a cloud access security broker (CASB) effectively detects and responds to threats?

Question419: Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?

Question420: Which of the following should be the GREATEST concern to an IS auditor reviewing the information security framework of an organization?

Question421: When verifying the accuracy and completeness of migrated data for a new application system replacing a legacy system. It is MOST effective for an IS auditor to review;

Question422: Which of the following concerns is BEST addressed by securing production source libraries?

Question423: During an audit, the IS auditor finds that in many cases excessive rights were not removed from a system.
Which of the following is the auditor's BEST recommendation?

Question424: An auditee disagrees with a recommendation for corrective action that appears in the draft engagement report.
Which of the following is the IS auditor's BEST course of action when preparing the final report?

Question425: What should be the PRIMARY focus during a review of a business process improvement project?

Question426: Which of the following would present the GREATEST risk within a release management process for a new application?

Question427: Which of the following is the MOST significant risk when an application uses individual end-user accounts to access the underlying database?

Question428: What is the PRIMARY purpose of documenting audit objectives when preparing for an engagement?

Question429: An IS auditor is reviewing an artificial intelligence (Al) and expert system application. The system has produced several critical errors with severe impact. Which of the following should the IS auditor do NEXT to understand the cause of the errors?

Question430: Which of the following would be of GREATEST concern to an IS auditor reviewing the resiliency of an organizational network that has two internet connections?

Question431: The BEST way to provide assurance that a project is adhering to the project plan is to:

Question432: Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

Question433: A company requires that all program change requests (PCRs) be approved and all modifications be automatically logged. Which of the following IS audit procedures will BEST determine whether unauthorized changes have been made to production programs?

Question434: Which of the following should be given GREATEST consideration when implementing the use of an open-source product?

Question435: Which of the following is the MOST important reason for an IS auditor to examine the results of a post- incident review performed after a security incident?

Question436: Which of the following would BEST prevent an arbitrary application of a patch?

Question437: When reviewing the disaster recovery strategy, IT management identified an application that requires a short recovery point objective (RPO). Which of the following data restoration strategies would BEST enable the organization to meet this objective?

Question438: Which of the following is the MOST important privacy consideration for an organization that uses a cloud service provider to process customer data?

Question439: Which of the following is MOST important for an IS auditor to look
for in a project feasibility study?

Question440: During a follow-up audit, it was found that a complex security vulnerability of low risk was not resolved within the agreed-upon timeframe. IT has stated that the system with the identified vulnerability is being replaced and is expected to be fully functional in two months Which of the following is the BEST course of action?

Question441: Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?

Question442: Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's job scheduling practices?

Question443: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?

Question444: Which of the following should be of MOST concern to an IS auditor reviewing an organization's operational log management?

Question445: An IS auditor has found that a vendor has gone out of business and the escrow has an older version of the source code. What is the auditor's BEST recommendation for the organization?

Question446: How is nonrepudiation supported within a public key infrastructure (PKI) environment?

Question447: Which of the following observations should be of GREATEST concern to an IS auditor reviewing an organization's enterprise architecture (EA) program?

Question448: An IS auditor is evaluating the log management system for an organization with devices and systems in multiple geographic locations. Which of the following is MOST important for the auditor to verify?

Question449: Which of the following BEST addresses the availability of an online store?

Question450: Which of the following is the BEST source of information for an IS auditor to use as a baseline to assess the adequacy of an organization's privacy policy?

Question451: Which of the following BEST enables an organization to improve the visibility of end-user computing (EUC) applications that support regulatory reporting?

Question452: An organization wants to use virtual desktops to deliver corporate applications to its end users. Which of the following should an IS auditor recommend to prevent domain name system (DNS) poisoning in their cloud environment?

Question453: In reviewing the IT strategic plan, the IS auditor should consider whether it identifies the:

Question454: At the end of each business day, a business-critical application generates a report of financial transac-tions greater than a certain value, and an employee then checks these transactions for errors. What type of control is in place?

Question455: Which of the following measures BEST mitigates the risk of data exfiltration during a cyberattack?

Question456: Which of the following is the BEST detective control for a job scheduling process involving data transmission?

Question457: Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist within the organization?

Question458: Which of the following BEST mitigates the risk of SQL injection attacks against applications exposed to the internet?

Question459: Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. What is the MOST important task before implementing any associated email controls?

Question460: Which of the following is an effective way to ensure the integrity of file transfers in a peer-to-peer (P2P) computing environment?

Question461: Which of the following should be of MOST concern to an IS auditor reviewing the information systems acquisition, development, and implementation process?

Question462: An IS auditor is reviewing a decision to consolidate processing for multiple applications onto a single large server. Which of the following is the MOST significant impact from this decision?

Question463: Which of the following is MOST important for an IS auditor to verify when evaluating an organization's firewall?

Question464: Which of the following is the BEST source of information for examining the classification of new data?

Question465: An IS auditor evaluating the change management process must select a sample from the change log. What is the BEST way to the auditor to confirm the change log is complete?

Question466: Which of the following would BEST enable an organization to address the security risks associated with a recently implemented bring your own device (BYOD) strategy?

Question467: An organization has outsourced the development of a core application. However, the organization plans to bring the support and future maintenance of the application back in-house. Which of the following findings should be the IS auditor's GREATEST concern?

Question468: An IS auditor Is renewing the deployment of a new automated system Which of the following findings presents the MOST significant risk?

Question469: Which of the following would lead an IS auditor to conclude that the evidence collected during a digital forensic investigation would not be admissible in court?

Question470: Which of the following is the BEST indicator that a third-party vendor adheres to the controls required by the organization?

Question471: A third-party consultant is managing the replacement of an accounting system. Which of the following should be the IS auditor's GREATEST concern?

Question472: An IS auditor is reviewing the release management process for an in-house software development solution. In which environment Is the software version MOST likely to be the same as production?

Question473: The PRIMARY benefit lo using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry- pipe system:

Question474: Which of the following is the PRIMARY benefit of a tabletop exercise for an incident response plan?

Question475: To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?

Question476: An organization is implementing a new data loss prevention (DLP) tool. Which of the following will BEST enable the organization to reduce false positive alerts?

Question477: Which of the following would be the GREATEST concern for an IS auditor conducting a pre-implementation review of a data loss prevention (DLP> tool?

Question478: An IT balanced scorecard is PRIMARILY used for:

Question479: What would be an IS auditor's BEST recommendation upon finding that a third-party IT service provider hosts the organization's human resources (HR) system in a foreign country?

Question480: An organization has established hiring policies and procedures designed specifically to ensure network administrators are well qualified Which type of control is in place?

Question481: In an organization's feasibility study to acquire hardware to support a new web server, omission of which of the following would be of MOST concern?

Question482: A small IT department has embraced DevOps, which allows members of this group to deploy code to production and maintain some development access to automate releases. Which of the following is the MOST effective control?

Question483: Who is responsible for defining data access permissions?

Question484: An IS auditor who was instrumental in designing an application is called upon to review the application. The auditor should:

Question485: The GREATEST benefit of using a polo typing approach in software development is that it helps to:

Question486: An IS auditor finds that the cost of developing an application is now projected to significantly exceed the budget. Which of the following is the GREATEST risk to communicate to senior management?

Question487: Which of the following is the MOST important responsibility of data owners when implementing a data classification process?

Question488: Which of the following would be MOST effective in detecting the presence of an unauthorized wireless access point on an internal network?

Question489: Which of the following is found in an audit charter?

Question490: During an audit which of the following would be MOST helpful in establishing a baseline for measuring data quality?

Question491: Which of the following responses to risk associated with separation of duties would incur the LOWEST initial cost?

Question492: Spreadsheets are used to calculate project cost estimates. Totals for each cost category are then keyed into the job-costing system. What is the BEST control to ensure that data is accurately entered into the system?

Question493: Capacity management enables organizations to:

Question494: Which of the following findings would be of GREATEST concern when reviewing project risk management practices?

Question495: Which of the following should be an IS auditor's GREATEST concern when an international organization intends to roll out a global data privacy policy?

Question496: As part of an audit response, an auditee has concerns with the recommendations and is hesitant to implement them. Which of the following is the BEST course of action for the IS auditor?

Question497: Which of the following is the PRIMARY advantage of using visualization technology for corporate applications?

Question498: Which of the following is an example of a preventative control in an accounts payable system?

Question499: An IS auditor is reviewing an organization's information asset management process. Which of the following would be of GREATEST concern to the auditor?

Question500: Which of the following should an IS auditor use when verifying a three-way match has occurred in an enterprise resource planning (ERR) system?

Question501: Which of the following is an analytical review procedure for a payroll system?

Question502: Which of the following would be the BEST criteria for monitoring an IT vendor's service levels?

Question503: Which of the following is the MOST effective control to mitigate against the risk of inappropriate activity by employees?

Question504: Which of the following would an IS auditor find to be the GREATEST risk associated with the server room in a remote office location?

Question505: The process of applying a hash function to a message and obtaining and ciphering a digest refers to:

Question506: Which of the following issues identified during a formal review of an organization's information security policies presents the GREATEST potential risk to the organization?

Question507: Which of the following parameters reflects the risk threshold for an organization experiencing a service disruption?

Question508: Which of the following is the BEST indication of effective IT investment management?

Question509: Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?

Question510: An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward 10 those who click on a link embedded in the body of the email. Which of the following metrics BEST indicates the effectiveness of awareness training?

Question511: Which of the following findings related to segregation of duties should be of GREATEST concern to an IS auditor?

Question512: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?

Question513: In which phase of the internal audit process is contact established with the individuals responsible for the business processes in scope for review?

Question514: An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that

Question515: Which of the following key performance indicators (KPIs) provides stakeholders with the MOST useful information about whether information security risk is being managed?

Question516: Which of the following BEST protects an organization's proprietary code during a joint-development activity involving a third party?

Question517: An IS auditor is reviewing the service agreement with a technology company that provides IT help desk services to the organization. Which of the following monthly performance metrics is the BEST indicator of service quality?

Question518: When auditing the security architecture of an online application, an IS auditor should FIRST review the:

Question519: An organization's security team created a simulated production environment with multiple vulnerable applications. What would be the PRIMARY purpose of creating such an environment?

Question520: An audit has identified that business units have purchased cloud-based applications without IPs support. What is the GREATEST risk associated with this situation?

Question521: A startup organization wants to develop a data loss prevention (DLP) program. The FIRST step should be to implement:

Question522: Which of following areas is MOST important for an IS auditor to focus on when reviewing the maturity model for a technology organization?

Question523: An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system.
End users indicated concerns with the accuracy of critical automatic calculations made by the system. The auditor's FIRST course of action should be to:

Question524: In a data center audit, an IS auditor finds that the humidity level is very low. The IS auditor would be MOST concerned because of an expected increase in:

Question525: Which of the following methods would BEST help detect unauthorized disclosure of confidential documents sent over corporate email?

Question526: During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

Question527: The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:

Question528: Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP) is in place?

Question529: During a new system implementation, an IS auditor has been assigned to review risk management at each milestone. The auditor finds that several risks to project benefits have not been addressed. Who should be accountable for managing these risks?

Question530: The due date of an audit project is approaching, and the audit manager has determined that only 60% of the audit has been completed. Which of the following should the audit manager do FIRST?

Question531: Which of the following should be the PRIMARY role of an internal audit function in the management of identified business risks?

Question532: A business application's database is copied to a replication server within minutes. Which of the following processes taking place during business hours will MOST benefit from this architecture?

Question533: Which of the following BEST supports the effectiveness of a compliance program?

Question534: During the review of a system disruption incident, an IS auditor notes that IT support staff were put in a position to make decisions beyond their level of authority.
Which of the following is the BEST recommendation to help prevent this situation in the future?

Question535: A now regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?

Question536: Which of the following would be the GREATEST concern during a financial statement audit?

Question537: Which of the following is MOST important during software license audits?

Question538: Management has requested a post-implementation review of a newly implemented purchasing package to determine the extent that business requirements are being met. Which of the following is MOST likely to be assessed?

Question539: Which of the following should be the FIRST step when planning an IS audit of a third-party service provider that monitors network activities?

Question540: Which of the following controls is BEST implemented through system configuration?

Question541: Which of the following BEST indicates that an incident management process is effective?

Question542: An organization has decided to purchase a web-based email service from a third-party vendor and eliminate its own email server infrastructure. What type of cloud computing environment would BEST meet the organization's objective?

Question543: Which of the following is the PRIMARY objective of enterprise architecture (EA)?

Question544: Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?

Question545: Which of the following is the BEST way to ensure that business continuity plans (BCPs) will work effectively in the event of a major disaster?

Question546: Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization that recently experienced a ransomware attack?

Question547: Which of the following should be done FIRST to minimize the risk of unstructured data?

Question548: An IS auditor has completed the fieldwork phase of a network security review and is preparing the initial following findings should be ranked as the HIGHEST risk?

Question549: Which of the following is a threat to IS auditor independence?

Question550: Which of the following is the MOST appropriate indicator of change management effectiveness?

Question551: Which of the following should an IS auditor consider the MOST significant risk associated with a new health records system that replaces a legacy system?

Question552: The PRIMARY goal of capacity management is to:

Question553: During recent post-implementation reviews, an IS auditor has noted that several deployed applications are not being used by the business. The MOST likely cause would be the lack of:

Question554: Which of the following is an IS auditor's BEST recommendation to protect an organization from attacks when its file server needs to be accessible to external users?

Question555: Which of the following should be the PRIMARY basis for prioritizing follow-up audits?

Question556: Which of the following would BEST determine whether a post-implementation review (PIR) performed by the project management office (PMO) was effective?

Question557: An external audit firm was engaged to perform a validation and verification review for a systems implementation project. The IS auditor identifies that regression testing is not part of the project plan and was not performed by the systems implementation team. According to the team, the parallel testing being performed is sufficient, making regression testing unnecessary. What should be the auditor's NEXT step?

Question558: Which of the following security risks can be reduced by a property configured network firewall?

Question559: An IS auditor discovers a box of hard drives in a secured location that are overdue for physical destruction.
The vendor responsible for this task was never made aware of these hard drives.
Which of the following is the BEST course of action to address this issue?

Question560: Which of the following would be of GREATEST concern to an IS auditor reviewing an IT strategy document?

Question561: Which of the following should be used as the PRIMARY basis for prioritizing IT projects and initiatives?

Question562: Which of the following poses the GREATEST risk to an organization when employees use public social networking sites?

Question563: Which of the following is the BEST recommendation to include in an organization's bring your own device (BYOD) policy to help prevent data leakage?

Question564: Which of the following is the BEST indication to an IS auditor that management's post-implementation review was effective?

Question565: An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives. Which of the following findings should be the IS auditor's GREATEST concern?

Question566: Stress testing should ideally be earned out under a:

Question567: An IS audit team is evaluating documentation of the most recent application user access review. It is determined that the user list was not system generated. Which of the following should be of MOST concern?

Question568: An IS auditor is providing input to an RFP to acquire a financial application system. Which of the following is MOST important for the auditor to recommend?

Question569: Data from a system of sensors located outside of a network is received by the open ports on a server. Which of the following is the BEST way to ensure the integrity of the data being collected from the sensor system?

Question570: Which of the following is the MAIN risk associated with adding a new system functionality during the development phase without following a project change management process?

Question571: An organization is enhancing the security of a client-facing web application following a proposal to acquire personal information for a business purpose. Which of the following is MOST important to review before implementing this initiative?

Question572: Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?

Question573: Recovery facilities providing a redundant combination of Internet connections to the local communications loop is an example of which type of telecommunications continuity?

Question574: Which of the following should an IS auditor expect to see in a network vulnerability assessment?

Question575: Which of the following metrics would BEST measure the agility of an organization's IT function?

Question576: Which of the following is the GREATEST risk when relying on reports generated by end-user computing (EUC)?

Question577: Which of the following is MOST helpful for measuring benefits realization for a new system?

Question578: During an exit meeting, an IS auditor highlights that backup cycles
are being missed due to operator error and that these exceptions
are not being managed. Which of the following is the BEST way to
help management understand the associated risk?

Question579: Which of the following is the PRIMARY purpose of obtaining a baseline image during an operating system audit?

Question580: An IS auditor is supporting a forensic investigation. An image of affected storage media has been captured while collecting digital forensic evidence. Which of the following techniques would BEST enable an IS auditor to verify that the captured image is an exact, unchanged replica of the original media?

Question581: During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?

Question582: An IS auditor is asked to review an organization's technology relationships, interfaces, and data. Which of the following enterprise architecture (EA) areas is MOST appropriate this review? (Choose Correct answer and give explanation from CISA Certification - Information Systems Auditor official book)

Question583: Which of the following responses to risk associated with segregation of duties would incur the LOWEST initial cost?

Question584: A post-implementation audit has been completed for the deployment of a sophisticated job scheduling tool Which of the following observations would be of GREATEST concern?

Question585: Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?

Question586: Which of the following should be the IS auditor's PRIMARY focus, when evaluating an organization's offsite storage facility?

Question587: Which of the following is MOST important to determine during the planning phase of a cloud-based messaging and collaboration platform acquisition?

Question588: An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions. Which of the following is MOST important for the auditor to confirm when sourcing the population data?

Question589: The IS quality assurance (OA) group is responsible for:

Question590: Which of the following environments is BEST used for copying data and transformation into a compatible data warehouse format?

Question591: Which of the following indicates that an internal audit organization is structured to support the independence and clarity of the reporting process?

Question592: While auditing a small organization's data classification processes and procedures, an IS auditor noticed that data is often classified at the incorrect level. What is the MOST effective way for the organization to improve this situation?

Question593: An IS auditor reviewing the threat assessment tor a data center would be MOST concerned if:

Question594: Which of the following management decisions presents the GREATEST risk associated with data leakage?

Question595: An IS auditor finds that the process for removing access for terminated employees is not documented What is the MOST significant risk from this observation?

Question596: A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items lo the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?

Question597: Which of the following should be the PRIMARY focus when communicating an IS audit issue to management?