CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 20
1. An IS auditor is analyzing a sample of accesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found. Which sampling method would be appropriate?
A) Discovery sampling
B) Variable sampling
C) Stratified sampling
D) Judgmental sampling
2. Assessments of critical information systems are based on a cyclical audit plan that has not been updated for several years. Which of the following should the IS auditor recommend to BEST address this situation?
A) Use a revolving set of audit plans to cover all systems
B) Update the audit plan quarterly to account for delays and deferrals of periodic reviews
C) Regularly validate the audit plan against business risks
D) Do not include periodic reviews in detail as part of the audit plan
3. An IS auditor is assessing risk associated with peer-to-peer file sharing within an organization. Which of the following should be of GREATEST concern?
A) File-sharing policies have not been reviewed since last year
B) Only some employees are required to attend security awareness training
C) Not all devices are running antivirus programs
D) The organization does not have an efficient patch management process
4. An IS auditor is reviewing an organization's incident management processes and procedures. which of the following observations should be the auditor'sGREATEST concern?
A) Ineffective incident classification
B) Ineffective incident prioritization
C) Ineffective incident detection
D) Ineffective post-incident review
5. During an IS audit, is discovered that security configurations differ across the organization's virtual server farm. Which of the following is the IS auditor's BEST recommendation for improving the control environment?
A) Conduct an independent review of each server's security configuration
B) Implement a security configuration baseline for virtual servers
C) Implement security monitoring controls for high-risk virtual servers
D) Conduct a standard patch management review across the virtual server farm
A) Discovery sampling
B) Variable sampling
C) Stratified sampling
D) Judgmental sampling
2. Assessments of critical information systems are based on a cyclical audit plan that has not been updated for several years. Which of the following should the IS auditor recommend to BEST address this situation?
A) Use a revolving set of audit plans to cover all systems
B) Update the audit plan quarterly to account for delays and deferrals of periodic reviews
C) Regularly validate the audit plan against business risks
D) Do not include periodic reviews in detail as part of the audit plan
3. An IS auditor is assessing risk associated with peer-to-peer file sharing within an organization. Which of the following should be of GREATEST concern?
A) File-sharing policies have not been reviewed since last year
B) Only some employees are required to attend security awareness training
C) Not all devices are running antivirus programs
D) The organization does not have an efficient patch management process
4. An IS auditor is reviewing an organization's incident management processes and procedures. which of the following observations should be the auditor'sGREATEST concern?
A) Ineffective incident classification
B) Ineffective incident prioritization
C) Ineffective incident detection
D) Ineffective post-incident review
5. During an IS audit, is discovered that security configurations differ across the organization's virtual server farm. Which of the following is the IS auditor's BEST recommendation for improving the control environment?
A) Conduct an independent review of each server's security configuration
B) Implement a security configuration baseline for virtual servers
C) Implement security monitoring controls for high-risk virtual servers
D) Conduct a standard patch management review across the virtual server farm
1. Right Answer: C
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: B
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: B
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment