Isaca CISA Quiz 262 Topic 1 Questions 1306-1310

Question: 1

Which of the following would an IS auditor use to determine if unauthorized modifications were made to production programs?

ASystem log analysis

BCompliance testing

CForensic analysis

DAnalytical review

Show Answer

Question: 2

During a change control audit of a production system, an IS auditor finds that the change management process is not formally documented and that some migration procedures failed. What should the IS auditor do next?

ARecommend redesigning the change management process.

BGain more assurance on the findings through root cause analysis.

CRecommend that program migration be stopped until the change process is documented.

DDocument the finding and present it to management.

Show Answer

Question: 3

During the collection of forensic evidence, which of the following actions would MOST likely result in the destruction or corruption of evidence on a compromised system?

ADumping the memory content to a file

BGenerating disk images of the compromised system

CRebooting the system

DRemoving the system from the network

Show Answer

Question: 4

An IS auditor who was involved in designing an organization's business continuity plan (BCP) has been assigned to audit the plan. The IS auditor should:

Adecline the assignment.

Binform management of the possible conflict of interest after completing the audit assignment.

Cinform the business continuity planning (BCP) team of the possible conflict of interest prior to beginning the assignment.

Dcommunicate the possibility of conflict of interest to management prior to starting the assignment.

Show Answer

Question: 5

An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take?

APersonally delete all copies of the unauthorized software.

BInform theauditee of the unauthorized software, and follow up to confirm deletion.

CReport the use of the unauthorized software and the need to prevent recurrence toauditee management.

DTake no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use.

Show Answer

Isaca CISA Quiz:262 Topic:1 Questions:1306-1310