Isaca CISA Quiz 363 Topic 1 Questions 1811-1815

Question: 1

Which of the following is the BEST time for an IS auditor to perform a post-implementation review?

ABefore decommissioning the legacy system

BImmediately after the new system goes into production

CAfter the completion of user testing

DWhen the system has stabilized

Show Answer

Question: 2

When replacing a critical software application, which of the following provides for the LOWEST risk of interruption to business processes?

ABig-bang implementation

BParallel implementation

CPilot implementation

DIncremental implementation

Show Answer

Question: 3

A security regulation requires the disabling of direct administrator access. Such access must occur through an intermediate server that holds administrator passwords for all systems d records all actions. An IS auditor s PRIMARY concern with this solution would be that:

Ait represents a single point of failure

Bsegregation of duties is not observed.

Cit is not feasible to implement

Daccess logs may not be maintained

Show Answer

Question: 4

An airlines online booking system uses an automated script that checks whether fares are within the defined threshold of what is reasonable before the fares are displayed on the website. Which type of control is in place?

APreventer control

BCorrective control

CDetective control

DCompensating control

Show Answer

Question: 5

An IS auditor discovered that a firewall has more services than needed The IS auditor's FIRST recommendation should be to:

Areview configurations

Bdeploy a network penetration team.

Censure logging is turned on.

DEliminate services except for HTTPS.

Show Answer

Isaca CISA Quiz:363 Topic:1 Questions:1811-1815