CISA—Certified Information Systems Auditor - Part 7

Mary Smith

Fri, 17 Apr 2026

1. An IS auditor discovers that validation controls in a web application have been moved from the server side into the browser to boost performance. This would MOST likely increase the risk of a successful attack by:

A) phishing
B) structured query language (SQL) injection
C) denial of service
D) buffer overflow



2. In a follow-up audit, an IS auditor notes that management has addressed the original findings in a different way than originally agreed upon. The auditor should FIRST:

A) mark the recommendation as satisfied and close the finding
B) verify if management's action mitigates the identified risk
C) re-perform the audit to assess the changed control environment
D) escalate the deviation to the audit committee



3. An organization is considering outsourcing the processing of customer insurance claims. An IS auditor notes that customer data will be sent offshore for processing. Which of the following would be the BEST way to address the risk of exposing customer data?

A) Require background checks on all service provider personnel involved in the processing of data.
B) Recommend the use of a service provider within the same country as the organization.
C) Consider whether the service provider has the ability to meet service level agreements.
D) Assess whether the service provider meets the organization's data protection policies.



4. An IS audit team is evaluating the documentation related to the most recent application user-access review performed by IT and business management. It is determined the user list was not system-generated. Which of the following should be the GREATEST concern?

A) Source of the user list reviewed
B) Availability of the user list reviewed
C) Confidentiality of the user list reviewed
D) Completeness of the user list reviewed



5. Which of the following should an IS auditor determine FIRST when evaluating additional hardware required to support the acquisition of a new accounting system?

A) A training program has been developed to support the new accounting system.
B) The supplier has experience supporting accounting systems.
C) The hardware specified will be compliant with the current IT strategy.
D) The hardware will be installed in a secure and environmentally controlled area.



1. Right Answer: B
Explanation:

2. Right Answer: D
Explanation:

3. Right Answer: D
Explanation:

4. Right Answer: A
Explanation:

5. Right Answer: C
Explanation:
