Isaca CISA Quiz 46 Topic 2 Questions 226-230

Question: 1

Which of the following is MOST important to ensure when reviewing a global organization's controls to protect data held on its IT infrastructure across all of its locations?

ARelevant data protection legislation and regulations for each location are adhered to.

BTechnical capabilities exist in each location to manage the data and recovery operations

CThe capacity of underlying communications infrastructure in the host locations is sufficient.

DThe threat of natural disasters in each location hosting infrastructure has been accounted for.

Show Answer

Question: 2

Which of the following security testing techniques is MOST effective in discovering unknown malicious attacks?

AVulnerability testing

BReverse engineering

CPenetration testing

DSandboxing

Show Answer

Question: 3

In a typical system development life cycle (SDLC), which group is PRIMARILY responsible for confirming compliance with requirements?

AInternal audit

BRisk management

CQuality assurance (QA)

DSteering committee

Show Answer

Question: 4

What is the BEST way to control updates to the vendor master file in an accounts payable system?

AUsing prenumbered and authorized request forms

BHaving only one person updating the master file

CPeriodically reviewing the entire vendor master file

DComparing updates against authorization

Show Answer

Question: 5

An organization has adopted a backup and recovery strategy that involves copying on-premise virtual machine (VM) images to a cloud service provider Which of the following provides the BEST assurance that VMs can be recovered in the event of a disaster?

APeriodic on-site restoration of VM images obtained from the cloud provider

BInclusion of the right to audit in the cloud service provider contract

CProcurement of adequate storage for the VM images from the cloud service provider

DExistence of a disaster recovery plan (DRP) with specified roles for emergencies

Show Answer

Isaca CISA Quiz:46 Topic:2 Questions:226-230