Isaca CISA Quiz 566 Topic 2 Questions 2826-2830

Question: 1

Which of the following is the BEST sampling method to ensure only active users have access to critical systems?

ASubstantive testing

BDifference estimation

CUnstratified mean per unit

DCompliance testing

Show Answer

Question: 2

A post-implementation review of a development project concludes that several business requirements were not reflected in the software requirement specifications. Which of the following should an IS auditor recommend to reduce this problem in the future?

AAppoint a business unit representative.

BWrite test cases from the user requirements.

CTrace the changes to requirements back to all affected products.

DSet up a configuration control board.

Show Answer

Question: 3

An IS auditor is reviewing security policies and finds no mention of the return of corporate-owned smartphones upon termination of employment. The GREATEST risk arising from this situation is that unreturned devices:

Acause the asset inventory to be inaccurate.

Bhave access to corporate resources

Cresult in loss of customer contact details

Dgenerate excessive telecommunication costs.

Show Answer

Question: 4

Which of the following issues identified during a postmortem analysis of the IT security incident response process should be of GREATEST concern?

AThe incident response team did not initiate actions to limit the impact of the incident

BIncident response team members' contact details were not up to date.

CThe root cause of the incident was not properly identified and documented

DThe incident was caused by an attacker that exploited a zero-day vulnerability.

Show Answer

Question: 5

Which of the following can help ensure that IT deliverables are linked to business goals and that appropriate performance criteria are in place?

ABusiness process reengineering (BPR)

BService level management

CQuality assurance (QA) practices

DBenchmarking

Show Answer

Isaca CISA Quiz:566 Topic:2 Questions:2826-2830