
Pass Your CISA Exam with Practice Tests 2024 Updated, Certified Information Systems Auditor | SPOTO

Looking to ace your CISA exam in 2024? SPOTO provides updated practice tests and resources to help you become a Certified Information Systems Auditor (CISA). Incorporating mock tests into your study plan offers numerous advantages in preparing for certification exams. Mock exams simulate the actual testing environment, allowing you to practice with exam questions and sample questions under timed conditions. This hands-on experience helps you familiarize yourself with the exam format, improve your speed, accuracy, and confidence in answering questions, and identify areas for further study. Access SPOTO's exam materials, including practice tests, exam dumps, and exam simulators, to enhance your exam readiness. Utilize mock exams to refine your exam strategy, assess your strengths and weaknesses, and maximize your chances of passing the CISA exam with success.


Question #1
Which of the following can degrade network performance?
A. Superfluous use of redundant load-sharing gateways
B. Increasing traffic collisions due to host congestion by creating new collision domains
C. Inefficient and superfluous use of network devices such as switches
D. Inefficient and superfluous use of network devices such as hubs
Correct Answer: C
Question #2
Which of the following is MOST likely to result from a business process reengineering (BPR) project?
A. An increased number of people using technology
B. Significant cost savings through a reduction in the complexity of information technology
C. Weaker organizational structures and less accountability
D. Increased information protection (IP) risk
Correct Answer: D
Question #3
Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks?
A. Check digit
B. Existence check
C. Completeness check
D. Reasonableness check
Correct Answer: B
Question #4
What often results in project scope creep when functional requirements are not defined as well as they could be?
A. Inadequate software baselining
B. Insufficient strategic planning
C. Inaccurate resource allocation
D. Project delays
Correct Answer: B
Question #5
Network environments often add to the complexity of program-to-program communication, making the implementation and maintenance of application systems more difficult. True or false?
A. True
B. False
Correct Answer: D
Question #6
Which of the following terms in business continuity determines the maximum acceptable amount of data loss measured in time?
A. RPO
B. RTO
C. WRT
D. MTD
Correct Answer: D
Question #7
Which of the following terms related to network performance refers to the variation in the time of arrival of packets at the receiver of the information?
A. Bandwidth
B. Throughput
C. Latency
D. Jitter
Correct Answer: C
Question #8
IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that control risks are within the acceptable limits. True or false?
A. True
B. False
Correct Answer: B
Question #9
When performing an IS strategy audit, an IS auditor should review both short-term (one-year) and long-term (three- to five-year) IS strategies, interview appropriate corporate management personnel, and ensure that the external environment has been considered. The auditor should especially focus on procedures in an audit of IS strategy. True or false?
A. True
B. False
Correct Answer: B
Question #10
Which of the following backup schemes is the BEST option when storage media is limited?
A. Virtual backup
B. Real-time backup
C. Differential backup
D. Full backup
Correct Answer: A
Question #11
Which of the following statements INCORRECTLY describes a device and where it sits within the TCP/IP model?
A. Layer 4 switches work at the Network interface layer in the TCP/IP model
B. Routers work at the Network interface layer in the TCP/IP model
C. Layer 3 switches work at the Network interface layer in the TCP/IP model
D. Hub works at LAN or WAN interface layer of a TCP/IP model
Correct Answer: A
Question #12
A recent audit concluded that an organization’s information security system was weak and that monitoring would likely fail to detect penetration. Which of the following would be the MOST appropriate recommendation?
A. Look continually for new criminal behavior and attacks on sensitive data
B. Establish a clear policy related to security and the handling of sensitive data
C. Encrypt sensitive data while strengthening the system
D. Identify and periodically remove sensitive data that is no longer needed
Correct Answer: A
Question #13
An organization has outsourced some of its subprocesses to a service provider. When scoping the audit of the provider, the organization’s internal auditor should FIRST:
A. evaluate operational controls of the provider
B. discuss audit objectives with the provider
C. review internal audit reports of the provider
D. review the contract with the provider
Correct Answer: B
Question #14
The BEST access strategy while configuring a firewall would be to:
A. permit access to all and log the activity
B. deny access to all but permit selected
C. permit access to all but deny selected
D. deny access to all except authorized programs
Correct Answer: C
Question #15
Following a successful attack on an organization’s web server, which of the following actions should be performed FIRST?
A. Review the boundary configuration rules to ensure that outbound packets are limited
B. Evaluate and deploy an intrusion detection system
C. Periodically scan the network for systems with well-known vulnerabilities
D. Establish reference systems using cryptographic checksum tools
Correct Answer: B
Question #16
A manufacturing firm wants to automate its invoice payment system. Objectives state that the system should require considerably less time for review and authorization and the system should be capable of identifying errors that require follow up. Which of the following would BEST meet these objectives?
A. Establishing an inter-networked system of client servers with suppliers for increased efficiencies
B. Outsourcing the function to a firm specializing in automated payments and accounts receivable/invoice processing
C. Establishing an EDI system of electronic business documents and transactions with key suppliers, computer to computer, in a standard format
D. Reengineering the existing processing and redesigning the existing system
Correct Answer: B
Question #17
During a post-incident review, the sequence and correlation of actions must be analyzed PRIMARILY based on:
A. interviews with personnel
B. a consolidated event time line
C. logs from systems involved
D. documents created during the incident
Correct Answer: C
Question #18
Which of the following layers of the OSI model transmits and receives the bit stream as electrical, optical or radio signals over an appropriate medium or carrier?
A. Transport Layer
B. Network Layer
C. Data Link Layer
D. Physical Layer
Correct Answer: C
Question #19
When implementing an application software package, which of the following presents the GREATEST risk?
A. Uncontrolled multiple software versions
B. Source programs that are not synchronized with object code
C. Incorrectly set parameters
D. Programming errors
Correct Answer: B
Question #20
Which of the following types of network service stores information about the various resources in a central database on a network and helps network devices locate services?
A. DHCP
B. DNS
C. Directory Service
D. Network Management
Correct Answer: D
Question #21
Which of the following is the BEST indication that an information security program is effective?
A. The number of reported and confirmed security incidents has increased after awareness training
B. The security awareness program was developed following industry best practices
C. The security team has performed a risk assessment to understand the organization’s risk appetite
D. The security team is knowledgeable and uses the best available tools
Correct Answer: C
Question #22
During a change control audit of a production system, an IS auditor finds that the change management process is not formally documented and that some migration procedures failed. What should the IS auditor do next?
A. Recommend redesigning the change management process
B. Gain more assurance on the findings through root cause analysis
C. Recommend that program migration be stopped until the change process is documented
D. Document the finding and present it to management
Correct Answer: B
Question #23
The members of an emergency incident response team should be:
A. selected from multiple departments
B. assigned at the time of each incident
C. restricted to IT personnel
D. appointed by the CISO
Correct Answer: B
Question #24
Which of the following is a benefit of using callback devices?
A. Provide an audit trail
B. Can be used in a switchboard environment
C. Permit unlimited user mobility
D. Allow call forwarding
Correct Answer: C
Question #25
An organization is within a jurisdiction where new regulations have recently been announced to restrict cross-border data transfer of personally identifiable information (PII). Which of the following IT decisions will MOST likely need to be assessed in the context of this change?
A. Hosting the payroll system at an external cloud service provider
B. Purchasing cyber insurance from an overseas insurance company
C. Applying encryption to the database hosting PII data
D. Hiring IT consultants from overseas
Correct Answer: C
Question #26
An IS auditor is reviewing database log settings and notices that only INSERT and DELETE operations are being monitored in the database. What is the MOST significant risk?
A. Metadata may not be logged
B. Newly added records may not be logged
C. Purged records may not be logged
D. Changes to existing records may not be logged
Correct Answer: D
Question #27
An employee who denies accusations of sending inappropriate images to other employees has been discharged. For evidential purposes, the mail database for the discharged employee’s computer should be:
A. deleted as it could subject the organization to further legal liability
B. impounded by physically removing the disk drive
C. backed up to the server, where its access can be tightly restricted
D. copied to write-once, read-many media using the computer’s OS tools
Correct Answer: B
Question #28
What process allows IS management to determine whether the activities of the organization differ from the planned or expected levels?
A. Business impact assessment
B. Risk assessment
C. IS assessment methods
D. Key performance indicators (KPIs)
Correct Answer: A
Question #29
Which of the following is the protocol data unit (PDU) of the application layer in the TCP/IP model?
A. Data
B. Segment
C. Packet
D. Frame
Correct Answer: C
Question #30
The MAIN benefit of using an integrated test facility (ITF) as an online auditing technique is that it enables:
A. a cost-effective approach to application controls audit
B. auditors to investigate fraudulent transactions
C. auditors to test without impacting production data
D. the integration of financial and audit tests
Correct Answer: C
Question #31
Which of the following is the BEST way to increase the effectiveness of security incident detection?
A. Determining containment activities based on the type of incident
B. Establishing service level agreements (SLAs) with appropriate forensic service providers
C. Educating end users on identifying suspicious activity
D. Documenting root cause analysis procedures
Correct Answer: B
Question #32
Which of the following is of greatest concern when performing an IS audit?
A. Users' ability to directly modify the database
B. Users' ability to submit queries to the database
C. Users' ability to indirectly modify the database
D. Users' ability to directly view the database
Correct Answer: D
Question #33
A control that detects transmission errors by appending calculated bits onto the end of each segment of data is known as a:
A. reasonableness check
B. parity check
C. redundancy check
D. check digits
Correct Answer: D
Question #34
Test and development environments should be separated. True or false?
A. True
B. False
Correct Answer: C
Question #35
Which of the following fire-suppression methods is considered to be the most environmentally friendly?
A. Halon gas
B. Deluge sprinklers
C. Dry-pipe sprinklers
D. Wet-pipe sprinklers
Correct Answer: A
Question #36
Which of the following would be of GREATEST concern to an IS auditor reviewing an organization’s security incident handling procedures?
A. Annual tabletop exercises are performed instead of functional incident response exercises
B. Roles for computer emergency response team (CERT) members have not been formally documented
C. Guidelines for prioritizing incidents have not been identified
D. Workstation antivirus software alerts are not regularly reviewed
Correct Answer: D
Question #37
Two organizations will share ownership of a new enterprise resource management (ERM) system. To help ensure the successful implementation of the system, it is MOST important to define:
A. access to data
B. the governance model
C. custody of assets
D. appropriate procedures
An IS auditor discovers that due to resource constraints, a database administrator (DBA) is responsible for developing and executing changes into the production environment
A. Identify whether any compensating controls exist
B. Report a potential segregation of duties (SoD) violation
C. Determine whether another database administrator could make the changes
D. Ensure a change management process is followed prior to implementation
Correct Answer: D
Question #38
Which audit technique provides the GREATEST assurance that incident management procedures are effective?
A. Determining whether incidents are categorized and addressed
B. Performing comprehensive vulnerability scanning and penetration testing
C. Comparing incident management procedures to best practices
D. Evaluating end-user satisfaction survey results
Correct Answer: B
Question #39
An advantage of using sanitized live transactions in test data is that:
A. all transaction types will be included
B. every error condition is likely to be tested
C. no special routines are required to assess the results
D. test transactions are representative of live processing
Correct Answer: C
Question #40
During an exit interview, in cases where there is disagreement regarding the impact of a finding, an IS auditor should:
A. ask the auditee to sign a release form accepting full legal responsibility
B. elaborate on the significance of the finding and the risks of not correcting it
C. report the disagreement to the audit committee for resolution
D. accept the auditee's position since they are the process owners
Correct Answer: B
Question #41
Which of the following would provide the STRONGEST indication that senior management commitment to information security is lacking within an organization?
A. Inconsistent enforcement of information security policies
B. A reduction in information security investment
C. A high level of information security risk acceptance
D. The information security manager reports to the chief risk officer
Correct Answer: A
Question #42
If a programmer has update access to a live system, IS auditors are more concerned with the programmer's ability to initiate or modify transactions and the ability to access production than with the programmer's ability to authorize transactions. True or false?
A. True
B. False
Correct Answer: B
Question #43
Which of the following provides for the GREATEST cost reduction in a large data center?
A. Server consolidation
B. Staff rotation
C. Power conditioning
D. Job-scheduling software
Correct Answer: C
Question #44
Which of the following is MOST important for an IS auditor to determine when reviewing how the organization’s incident response team handles devices that may be involved in criminal activity?
A. Whether devices are checked for malicious applications
B. Whether the access logs are checked before seizing the devices
C. Whether users have knowledge of their devices being examined
D. Whether there is a chain of custody for the devices
Correct Answer: D
Question #45
Which of the following is the GREATEST risk when implementing a data warehouse?
A. Increased response time on the production systems
B. Access controls that are not adequate to prevent data modification
C. Data duplication
D. Data that is not updated or current
Correct Answer: B
Question #46
Which of the following is the BEST approach to reduce unnecessary duplication of compliance activities?
A. Integration of assurance efforts
B. Automation of controls
C. Standardization of compliance requirements
D. Documentation of control procedures
Correct Answer: C
Question #47
What is the primary objective of a control self-assessment (CSA) program?
A. Enhancement of the audit responsibility
B. Elimination of the audit responsibility
C. Replacement of the audit responsibility
D. Integrity of the audit responsibility
Correct Answer: C
Question #48
When should systems administrators first assess the impact of applications or systems patches?
A. Within five business days following installation
B. Prior to installation
C. No sooner than five business days following installation
D. Immediately following installation
Correct Answer: C
Question #49
Which of the following should be an IS auditor’s PRIMARY consideration when evaluating the development and design of a privacy program?
A. Data governance and data classification procedures
B. Policies and procedures consistent with privacy guidelines
C. Industry practice and regulatory compliance guidance
D. Information security and incident management practices
Correct Answer: C
Question #50
Who is ultimately accountable for the development of an IS security policy?
A. The board of directors
B. Middle management
C. Security administrators
D. Network administrators
Correct Answer: A
Question #51
Code changes are compiled and placed in a change folder by the developer. An implementation team migrates changes to production from the change folder. Which of the following BEST indicates separation of duties is in place during the migration process?
A. A second individual performs code review before the change is released to production
B. The developer approves changes prior to moving them to the change folder
C. The implementation team does not have experience writing code
A. Data recovery capability
B. Inventory of authorized devices
C. Vulnerability remediation
D. Malware defenses
Correct Answer: B
Question #52
Which of the following is the BEST defense against a brute force attack?
A. Discretionary access control
B. Intruder detection lockout
C. Mandatory access control
D. Time-of-day restrictions
Correct Answer: A
Question #53
An IS audit of an organization’s data classification policies finds some areas of the policies may not be up-to-date with new data privacy regulations. What should management do FIRST to address the risk of noncompliance?
A. Conduct a privacy impact assessment to identify gaps
B. Reclassify information based on revised information classification labels
C. Mandate training on the new privacy regulations
D. Perform a data discovery exercise to identify all personal data
Correct Answer: A
Question #54
The use of statistical sampling procedures helps minimize:
A. Detection risk
B. Business risk
C. Controls risk
D. Compliance risk
Correct Answer: C
Question #55
Which of the following should an IS auditor be MOST concerned with during a post-implementation review?
A. The system does not have a maintenance plan
B. The system contains several minor defects
C. The system was over budget by 15%
D. The system deployment was delayed by three weeks
Correct Answer: A
Question #56
An IS auditor is analyzing a sample of accesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found. Which sampling method would be appropriate?
A. Discovery sampling
B. Variable sampling
C. Stratified sampling
D. Judgmental sampling
Correct Answer: C
Question #57
A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server. Which of the following would MOST effectively allow the hospital to avoid paying the ransom?
A. A continual server replication process
B. A properly tested offline backup system
C. A properly configured firewall
D. Employee training on ransomware
Correct Answer: A
Which of the following would be the MOST important information to include in a business case for an information security project in a highly regulated industry?
A. Industry comparison analysis
B. Critical audit findings
C. Compliance risk assessment
D. Number of reported security incidents
Correct Answer: D
Question #58
Which of the following is the GREATEST threat to Voice-over Internet Protocol (VoIP) related to privacy release?
A. Incorrect routing
B. Eavesdropping
C. Call recording
D. Denial of service
Correct Answer: C
Question #59
Which of the following audit techniques is MOST appropriate for verifying application program controls?
A. Statistical sampling
B. Code review
C. Confirmation of accounts
D. Use of test data
Correct Answer: D
Question #60
Which of the following is the MOST important security consideration when using Infrastructure as a Service (IaaS)?
A. User access management
B. Compliance with internal standards
C. Segmentation among guests
D. Backup and recovery strategy
Correct Answer: D
Question #61
Which of the following protocols does NOT work at the Network interface layer in the TCP/IP model?
A. ICMP
B. DNS
C. ARP
D. Internet protocol
Correct Answer: B
Question #62
An organization’s senior management is encouraging employees to use social media for promotional purposes. Which of the following should be the information security manager’s FIRST step to support this strategy?
A. Develop a business case for a data loss prevention solution
B. Develop a guideline on the acceptable use of social media
Correct Answer: A
Question #63
The PRIMARY benefit of a centralized time server is that it:
A. reduces individual time-of-day requests by client applications
B. is required by password synchronization programs
C. allows decentralized logs to be kept in synchronization
D. decreases the likelihood of an unrecoverable systems failure
Correct Answer: B
Question #64
An IS auditor is reviewing a bank’s service level agreement (SLA) with a third-party provider that hosts the bank’s secondary data center. Which of the following findings should be of GREATEST concern to the auditor?
A. The recovery point objective (RPO) has a shorter duration than documented in the disaster recovery plan
B. The recovery time objective (RTO) has a longer duration than documented in the disaster recovery plan
C. Backup data is hosted online only
D. The SLA has not been reviewed in more than a year
Correct Answer: B
Question #65
In a cloud technology environment, which of the following would pose the GREATEST challenge to the investigation of security incidents?
A. Data encryption
B. Access to the hardware
C. Compressed customer data
D. Non-standard event logs
Correct Answer: B
Question #66
Which of the following services is a distributed database that translates host names to IP addresses and IP addresses to host names?
A. DNS
B. FTP
C. SSH
D. SMTP
Correct Answer: D
Question #67
Which of the following statements INCORRECTLY describes the circuit switching technique?
A. Packets use many different dynamic paths to get to the same destination
B. Connection oriented virtual links
C. Fixed delays
D. Traffic travels in a predictable and constant manner
Correct Answer: B
Question #68
What is the MOST important role of a Certificate Authority (CA) when a private key becomes compromised?
A. Issue a new private key to the user
B. Refresh the key information database in the certificate publishing server
C. Publish the certificate revocation lists (CRL) into the repository
D. Refresh the metadata of the certificates
Correct Answer: D
Question #69
An organization is concerned about duplicate vendor payments on a complex system with a high volume of transactions. Which of the following would be MOST helpful to an IS auditor to determine whether duplicate vendor payments exist?
A. Computer-assisted technique
B. Stop-and-go testing
C. Statistical sampling
D. Judgmental sampling
Correct Answer: A
Question #70
What should regression testing use to obtain accurate conclusions regarding the effects of changes or corrections to a program, and to ensure that those changes and corrections have not introduced new errors?
A. Contrived data
B. Independently created data
C. Live data
D. Data from previous tests
Correct Answer: D
Question #71
An organization has made a strategic decision to split into separate operating entities to improve profitability. However, the IT infrastructure remains shared between the entities. Which of the following would BEST help to ensure that IS audit still covers key risk areas within the IT environment as part of its annual plan?
A. Increasing the frequency of risk-based IS audits for each business entity
B. Revising IS audit plans to focus on IT changes introduced after the split
C. Conducting an audit of newly introduced IT policies and procedures
D. Developing a risk-based plan considering each entity’s business processes
Correct Answer: D
An IS auditor determines that an online retailer processing credit card information does not have a data classification process
A. recommend encryption of all sensitive data at rest
B. determine existing controls around sensitive data
C. recommend the implementation of data loss prevention (DLP) tools
D. inquire if there have been any data loss incidents
Correct Answer: B
Question #72
Which of the following would create the GREATEST risk when migrating a critical legacy system to a new system?
A. Using agile development methodology
B. Following a phased approach
C. Following a direct cut-over approach
D. Maintaining parallel systems
Correct Answer: C
Question #73
The MOST effective control to detect fraud inside an organization’s network is to:
A. implement an intrusion detection system (IDS)
B. apply two-factor authentication
C. review access logs
D. segregate duties
Correct Answer: C
Question #74
An organization was severely impacted after an advanced persistent threat (APT) attack. Afterwards, it was found that the initial breach happened a month prior to the attack. Management’s GREATEST concern should be:
A. results of the past internal penetration test
B. the effectiveness of monitoring processes
C. the installation of critical security patches
D. external firewall policies
Correct Answer: B
Question #75
Which of the following outsourced services has the GREATEST need for security monitoring?
A. Web site hosting
B. Application development
C. Virtual private network (VPN) services
D. Enterprise infrastructure
Correct Answer: D
Question #76
If a database is restored from information backed up before the last system image, which of the following is recommended?
A. The system should be restarted after the last transaction
B. The system should be restarted before the last transaction
C. The system should be restarted at the first transaction
D. The system should be restarted on the last transaction
Correct Answer: A
Question #77
Which of the following is the GREATEST risk associated with the lack of an effective data privacy program?
A. Failure to prevent fraudulent transactions
B. Inability to manage access to private or sensitive data
C. Inability to obtain customer confidence
D. Failure to comply with data-related regulations
Correct Answer: D
Question #78
An IT department has given a vendor remote access to the internal network for troubleshooting network performance problems. After discovering the remote activity during a firewall log review, which of the following is the BEST course of action for an information security manager?
A. Revoke the access
B. Review the related service level agreement (SLA)
C. Determine the level of access granted
D. Declare a security incident
Correct Answer: B
Question #79
Assessments of critical information systems are based on a cyclical audit plan that has not been updated for several years. Which of the following should the IS auditor recommend to BEST address this situation?
A. Use a revolving set of audit plans to cover all systems
B. Update the audit plan quarterly to account for delays and deferrals of periodic reviews
C. Regularly validate the audit plan against business risks
D. Do not include periodic reviews in detail as part of the audit plan
Correct Answer: C
Question #80
A risk analysis for a new system is being performed. For which of the following is business knowledge MORE important than IT knowledge?
A. Vulnerability analysis
B. Cost-benefit analysis
C. Impact analysis
D. Balanced scorecard
Correct Answer: D
Question #81
Which of the following application input controls would MOST likely detect data input errors in the customer account number field during the processing of an accounts receivable transaction?
A. Validity check
B. Reasonableness check
C. Parity check
D. Limit check
Correct Answer: C
Question #82
An organization’s IT department is undertaking a large virtualization project to reduce its physical server footprint. Which of the following should be the HIGHEST priority of the information security manager?
A. Determining how incidents will be managed
B. Selecting the virtualization software
C. Being involved at the design stage of the project
D. Ensuring the project has appropriate security funding
Correct Answer: C
Question #83
An information security manager is developing evidence preservation procedures for an incident response plan. Which of the following would be the BEST source of guidance for requirements associated with the procedures?
A. IT management
B. Executive management
C. Legal counsel
D. Data owners
Correct Answer: C
Question #84
Which of the following is MOST important for an organization to complete when planning a new marketing platform that targets advertising based on customer behavior?
A. Data privacy impact assessment
B. Data quality assessment
C. Cross-border data transfer assessment
D. Security vulnerability assessment
Correct Answer: A
Question #85
Which of the following is the MOST effective way to verify an organization’s ability to continue its essential business operations after a disruption event? Analysis of:
A. end-to-end recovery flow
B. recovery point objectives (RPOs)
C. call trees
D. business impact analysis (BIA)
Correct Answer: C
Question #86
During an IS audit, it is discovered that security configurations differ across the organization’s virtual server farm. Which of the following is the IS auditor’s BEST recommendation for improving the control environment?
A. Conduct an independent review of each server’s security configuration
B. Implement a security configuration baseline for virtual servers
C. Implement security monitoring controls for high-risk virtual servers
D. Conduct a standard patch management review across the virtual server farm
View answer
Correct Answer: B
Question #87
A disk management system’s PRIMARY function is to:
A. monitor disk accesses for analytical review
B. deny access to disk resident data files
C. provide data on efficient disk usage
D. provide the method of control for disk usage
View answer
Correct Answer: A
Question #88
An organization is MOST at risk from a new worm being introduced through the intranet when:
A. executable code is run from inside the firewall
B. system software does not undergo integrity checks
C. hosts have static IP addresses
D. desktop virus definition files are not up to date
View answer
Correct Answer: C
Question #89
When conducting a review of security incident management, an IS auditor found there are no defined escalation processes. All incidents are managed by the service desk. Which of the following should be the auditor’s PRIMARY concern?
A. Inefficient use of service desk resources
B. Management’s lack of high impact incidents
C. Delays in resolving low priority trouble tickets
D. Management’s inability to follow up on incident resolution
View answer
Correct Answer: B
Question #90
Senior management has approved employees working off-site by using a virtual private network (VPN) connection. It is MOST important for the information security manager to periodically:
A. review firewall configuration
B. review the security policy
C. perform a cost-benefit analysis
D. perform a risk assessment
View answer
Correct Answer: B
Question #91
An IT management group has developed a standardized security control checklist and distributed it to the control self-assessors in each organizational unit. Which of the following would be the GREATEST risk in this approach?
A. Delayed feedback may increase exposures
B. Over time the checklist may become outdated
C. Assessors may manipulate the results
D. Business-specific vulnerabilities may be overlooked
View answer
Correct Answer: C
Question #92
Which of the following is the MOST effective way for an organization to ensure its third-party service providers are aware of information security requirements and expectations?
A. Providing information security training to third-party personnel
B. Auditing the service delivery of third-party providers
C. Including information security clauses within contracts
D. Requiring third parties to sign confidentiality agreements
View answer
Correct Answer: D
Question #93
For several years, a vendor has been providing offsite backup media and record storage for a bank. Due to familiarity with bank employees, the vendor does not consistently require authorization forms from them to retrieve media. Which of the following is the GREATEST risk from this situation?
A. Bank employees can inappropriately obtain sensitive records
B. Backup tapes may not be available
C. Chain of custody could not be validated
D. The vendor provides the incorrect media to employees
View answer
Correct Answer: D
Question #94
An IS auditor is reviewing an organization’s network vulnerability scan results. Which of the following processes would the scan results MOST likely feed into?
A. Firewall maintenance
B. Patch management
C. Incident response
D. Traffic management
View answer
Correct Answer: A
Question #95
A policy has been established requiring users to install mobile device management (MDM) software on their personal devices. Which of the following would BEST mitigate the risk created by noncompliance with this policy?
A. Issuing warnings and documenting noncompliance
B. Disabling remote access from the mobile device
C. Issuing company-configured mobile devices
D. Requiring users to sign off on terms and conditions
View answer
Correct Answer: B
Question #96
Which of the following is the MOST important control to implement when senior managers use smartphones to access sensitive company information?
A. Mandatory virtual private network (VPN) connectivity
B. Centralized device administration
C. Strong passwords
D. Anti-malware on the devices
View answer
Correct Answer: D
Question #97
What is the MOST important role of an organization’s data custodian in support of the information security function?
A. Evaluating data security technology vendors
B. Applying approved security policies
C. Approving access rights to departmental data
D. Assessing data security risks to the organization
View answer
Correct Answer: A
Question #98
Which of the following could provide an organization with the fastest resumption of processing following a disk failure?
A. Server load balancing
B. Mirroring
C. Open database connectivity (ODBC) of the backup server
D. Replication
View answer
Correct Answer: D
Question #99
Which of the following is the MOST important driver when developing an effective information security strategy?
A. Security audit reports
B. Benchmarking reports
View answer
Correct Answer: D
Question #100
A PRIMARY advantage of involving business management in evaluating and managing information security risks is that they:
A. better understand the security architecture
B. better understand organizational risks
C. can balance technical and business risks
D. are more objective than security management
View answer
Correct Answer: A