1. A finance department director has decided to outsource the organization's budget application and has identified potential providers. Which of the following actions should be initiated FIRST by the information security manager?
A) Validate that connectivity to the service provider can be made securely. B) Obtain audit reports on the service provider's hosting environment. C) Review the disaster recovery plans (DRP) of the providers. D) Align the roles of the organization's and the service providers' staffs.
2. When considering whether to adopt bring your own device (BYOD), it is MOST important for the information security manager to ensure that:
A) security controls are applied to each device when joining the network B) business leaders have an understanding of security risks C) users have read and signed acceptable use agreements D) the applications are tested prior to implementation
3. Hamid needs to shift users from using the application on the existing (old) system to the replacing (new) system. His manager Lily has suggested that he use an approach in which the new system is changed over from the old system on a cutoff date and time, and the old system is discontinued once the changeover to the new system takes place. Which of the following changeover approaches is suggested by Lily?
A) Parallel changeover B) Phased changeover C) Abrupt changeover D) Pilot changeover
4. An IT management group has developed a standardized security control checklist and distributed it to the control self-assessors in each organizational unit. Which of the following would be the GREATEST risk in this approach?
A) Delayed feedback may increase exposures B) Over time the checklist may become outdated C) Assessors may manipulate the results D) Business-specific vulnerabilities may be overlooked
5. Which of the following would create the GREATEST risk when migrating a critical legacy system to a new system?
A) Using agile development methodology B) Following a phased approach C) Following a direct cut-over approach D) Maintaining parallel systems
1. Right Answer: B Explanation:
2. Right Answer: A Explanation:
3. Right Answer: C
Explanation: In the abrupt changeover approach the new system is changed over from the old system on a cutoff date and time, and the old system is discontinued once the changeover to the new system takes place.

Changeover refers to an approach for shifting users from using the application on the existing (old) system to the replacing (new) system. Changeover to a new system involves four major steps or activities:
- Conversion of files and programs; test running on a test bed
- Installation of new hardware, operating system, application system and the migrated data
- Training employees or users in groups
- Scheduling operations and test running for go-live or changeover

Some of the risk areas related to changeover include:
- Asset safeguarding
- Data integrity
- System effectiveness
- Change management challenges
- Duplicate or missing records

The following were incorrect answers:
Parallel changeover - This technique includes running the old system, then running both the old and new systems in parallel, and finally fully changing over to the new system after gaining confidence in the working of the new system.
Phased changeover - In this approach the old system is broken into deliverable modules. Initially, the first module of the old system is phased out using the first module of the new system. Then the second module of the old system is phased out using the second module of the new system, and so forth until the last module is reached.
Pilot changeover - Not one of the changeover types described in the referenced CISA review manual.

The following reference(s) were/was used to create this question:
CISA Review Manual 2014, page 172