Isaca CISA Quiz 585 Topic 2 Questions 2921-2925

Question: 1

An IS auditor reviewing the system development life cycle (SDLC) finds there is no requirement for business cases. Which of the following should be of GREATEST concern to the organization?

AVendor selection criteria are not sufficiently evaluated

BProject costs exceed established budgets

CBusiness resources have not been optimally assigned o

DBusiness impacts of projects are not adequately analyzed

Show Answer

Question: 2

Which of the following attacks would MOST likely result in the interception and modification of traffic for mobile phones connecting to potentially insecure public Wi-Fi networks?

AMan-in-the-middle

BPhishing

CVishing

DBrute force

Show Answer

Question: 3

Which of the following is the PRIMARY reason for an organization's procurement processes to include an independent party who is not directly involved with business operations and related decision-making'?

ATo ensure continuity of processes and procedures

BTo optimize use of business team resources

CTo avoid conflicts of interest

DTo ensure favorable price negotiations

Show Answer

Question: 4

When reviewing an organization's data protection practices, an IS auditor should be MOST concerned with a lack of:

Aa security team.

Bdata classification.

Ctraining manuals.

Ddata encryption.

Show Answer

Question: 5

Which of the following is a benefit of the DevOps development methodology?

AIt leads to a well-defined system development life cycle (SDLC)

BIt enforces segregation of duties between code developers and release migrators.

CIt enables increased frequency of software releases to production.

DIt restricts software releases to a fixed release schedule

Show Answer

Isaca CISA Quiz:585 Topic:2 Questions:2921-2925