1. When should reviewing an audit client's business plan be performed relative to reviewing an organization's IT strategic plan?
A) Reviewing an audit client's business plan should be performed before reviewing an organization's IT strategic plan.
B) Reviewing an audit client's business plan should be performed after reviewing an organization's IT strategic plan.
C) Reviewing an audit client's business plan should be performed during the review of an organization's IT strategic plan.
D) Reviewing an audit client's business plan should be performed without regard to an organization's IT strategic plan.
2. Allowing application programmers to directly patch or change code in production programs increases risk of fraud. True or false?
A) True
B) False
3. Who should be responsible for network security operations?
A) Business unit managers
B) Security administrators
C) Network administrators
D) IS auditors
4. Proper segregation of duties does not prohibit a quality control administrator from also being responsible for change control and problem management. True or false?
A) True
B) False
5. What can be implemented to provide the highest level of protection from external attack?
A) Layering perimeter network protection by configuring the firewall as a screened host in a screened subnet behind the bastion host
B) Configuring the firewall as a screened host behind a router
C) Configuring the firewall as the protecting bastion host
D) Configuring two load-sharing firewalls facilitating VPN access from external hosts to internal hosts
1. Right Answer: A Explanation: Reviewing an audit client's business plan should be performed before reviewing an organization's IT strategic plan.
2. Right Answer: A Explanation: Allowing application programmers to directly patch or change code in production programs increases risk of fraud.
3. Right Answer: B Explanation: Security administrators are usually responsible for network security operations.
4. Right Answer: A Explanation: Proper segregation of duties does not prohibit a quality-control administrator from also being responsible for change control and problem management.
5. Right Answer: A Explanation: Layering perimeter network protection by configuring the firewall as a screened host in a screened subnet behind the bastion host provides a higher level of protection from external attack than all other answers.