1. A business unit cannot achieve desired segregation of duties between operations and programming due to size constraints. Which of the following is MOST important for the IS auditor to identify?
A) Unauthorized user controls
B) Compensating controls
C) Controls over operational effectiveness
D) Additional control weaknesses

2. An organization has shifted from a bottom-up approach to a top-down approach in the development of IT policies. This should result in:
A) a synthesis of existing operational policies
B) greater consistency across the organization
C) greater adherence to best practices
D) a more comprehensive risk assessment plan

3. Which of the following weaknesses would have the GREATEST impact on the effective operation of a perimeter firewall?
A) Ad-hoc monitoring of firewall activity
B) Potential back doors to the firewall software
C) Misconfiguration on the firewall rules
D) Use of stateful firewalls with default configuration

4. An IS auditor is reviewing database log settings and notices that only INSERT and DELETE operations are being monitored in the database. What is the MOST significant risk?
A) Metadata may not be logged
B) Newly added records may not be logged
C) Purged records may not be logged
D) Changes to existing records may not be logged

5. Adding security requirements late in the software development life cycle would MOST likely result in:
A) cost savings
B) clearer understanding of requirements
C) operational efficiency
D) compensating controls