Isaca CISA Quiz 179 Topic 1 Questions 891-895

Question: 1

The responsibility for authorizing access to application data should be with the:

Adata custodian.

Bdatabase administrator (DBA).

Cdata owner.

Dsecurity administrator.

Show Answer

Question: 2

During an audit of the logical access control of an ERP financial system an IS auditor found some user accounts shared by multiple individuals. The user IDs were based on roles rather than individual identities. These accounts allow access to financial transactions on the ERP. What should the IS auditor do next?

ALook for compensating controls.

BReview financial transactions logs.

CReview the scope of the audit.

DAsk the administrator to disable these accounts.

Show Answer

Question: 3

Minimum password length and password complexity verification are examples of:

Adetection controls.

Bcontrol objectives.

Caudit objectives.

Dcontrol procedures.

Show Answer

Question: 4

An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:

Aaccept the DBA access as a common practice.

Bassess the controls relevant to the DBA function.

Crecommend the immediate revocation of the DBA access to production data.

Dreview user access authorizations approved by the DBA.

Show Answer

Question: 5

When using a universal storage bus (USB) flash drive to transport confidential corporate data to an offsite location, an effective control would be to:

Acarry the flash drive in a portable safe.

Bassure management that you will not lose the flash drive.

Crequest that management deliver the flash drive by courier.

Dencrypt the folder containing the data with a strong key.

Show Answer

Isaca CISA Quiz:179 Topic:1 Questions:891-895