Isaca CISA Quiz 478 Topic 2 Questions 2386-2390

Question: 1

An IS auditor finds an organization is unable to effectively review the activity logs for an accounts receivable application due to the large amount of activity recorded. When of the following is the auditor's BEST recommendation?

AUtilize business intelligence.

BEncrypt the activity logs

CLimit accounts receivable transactions.

DHire additional staff to review logs.

Show Answer

Question: 2

What is the PRIMARY reason for hardening new devices before introducing into a corporate network?

ATo comply with organization polices

BTo prevent users from installing unlicensed software

CTo reduce exposure to security risk

DTo reduce unnecessary downtime

Show Answer

Question: 3

Which of the following findings is the GREATES concern when reviewing a disaster recovery plan (DRP) with high availability requirements?

ARecovery time objectives (RTO) are not defined.

BDisaster recovery testing is not required.

CCurrent vendor contact information is not included.

DResponsibilities are not defined for the recovery team.

Show Answer

Question: 4

An organization is within a jurisdiction where new regulations have recently been announced to restrict cross-border data transfer of personally identifiable information (PIl). Which of the following IT decisions will MOST likely need to be assessed in the context of this?

AHiring IT consultants from overseas

BPurchasing cyber insurance from an overseas insurance company

CApplying encryption to databases hosting PII data

DHosting the payroll system at an external cloud service provider

Show Answer

Question: 5

Which of the following is the PRIMARY benefit of conducting control self-assessments (CSAs)

AReduction in audit risk

BReduction in external audit fees

CManagement of control costs

DEarly detection of residual risk

Show Answer

Isaca CISA Quiz:478 Topic:2 Questions:2386-2390