1. Which of the following activities would be MOST important to consider when conducting IS audit planning?
A) Results from previous audits are reviewed. B) Audit scheduling is based on skill set of audit team. C) Resources are allocated to areas of high risk. D) The audit committee agrees on risk rankings.
2. A small startup organization does not have the resources to implement segregation of duties. Which of the following would be the MOST effective compensating control?
A) Rotation of log monitoring and analysis responsibilities B) Additional management reviews and reconciliations C) Third-party assessments D) Mandatory vacations
3. Which of the following BEST facilitates compliance with requirements mandating the security of confidential data?
A) Classification of data B) Security awareness training C) Encryption of external data transmissions D) Standardized escalation protocols for breaches
4. An IS auditor is performing an audit of a large organization's operating system maintenance procedures. Which of the following findings presents the GREATEST risk?
A) Some internal servers cannot be patched due to software incompatibility. B) The configuration management database is not up-to-date. C) Vulnerability testing is not performed on the development servers. D) Critical patches are applied immediately while others follow quarterly release cycles.
5. Which of the following should occur EARLIEST in a business continuity management lifecycle?
A) Defining business continuity procedures B) Identifying critical business processes C) Developing a training and awareness program D) Carrying out a threat and risk assessment
1. Right Answer: C Explanation:
2. Right Answer: D Explanation: Reference: https://www.computerweekly.com/tip/Segregation-of-duties-Small-business-best-practices