CISA—Certified Information Systems Auditor - Part 14

Mary Smith

Fri, 17 Apr 2026

1. Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?

A) Perform a system penetration test
B) Test compliance with operating procedures
C) Review access rights
D) Review router configuration tables



2. An IS auditor finds a number of system accounts that do not have documented approvals. Which of the following should be performed FIRST by the auditor?

A) Have the accounts removed immediately
B) Obtain sign-off on the accounts from the application owner
C) Document a finding and report an ineffective account provisioning control
D) Determine the purpose and risk of the accounts



3. An IS auditor is a member of an application development team that is selecting software. Which of the following would impair the auditor's independence?

A) Verifying the weighting of each selection criterion
B) Approving the vendor selection methodology
C) Reviewing the request for proposal (RFP)
D) Witnessing the vendor selection process



4. An internal control audit has revealed a control deficiency related to a legacy system where the compensating controls no longer appear to be effective. Which of the following would BEST help the information security manager determine the security requirements to resolve the control deficiency?

A) Cost-benefit analysis
B) Gap analysis
C) Risk assessment
D) Business case



5. An audit of the quality management system (QMS) begins with an evaluation of the:

A) organization's QMS policy
B) sequence and interaction of QMS processes
C) QMS processes and their application
D) QMS document control procedures



1. Right Answer: A
Explanation:

2. Right Answer: D
Explanation:

3. Right Answer: B
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: A
Explanation:
