Isaca CISA Quiz 328 Topic 3 Questions 1636-1640

Question: 1

Which of the following controls is MOST appropriate against brute force attacks at login?

AStoring password files using one-way encryption

BLocking the account after three invalid passwords

CStoring passwords under a one-way hash function

DIncreasing the minimum password length to 10 characters

Show Answer

Question: 2

Which of the following is MOST important for an IS auditor to verify when reviewing a critical business application that requires high availability?

AAlgorithms are reviewed to resolve process ineffictencies.

BUsers participate in offsite business continuity testing.

CThere is no single point of failure.

DService level agreements (SlAs) are monitored.

Show Answer

Question: 3

An organization has performance metrics to track how well IT resources are being used, but there has been little progress on meeting the organization's goals. Which of the following would be MOST helpful to determine the underlying reason?

AConducting a root cause analysis

BRe-evaluating organizational goals

CRe-evaluating key performance indicators (KPls)

DConducting a business impact analysis (BIA)

Show Answer

Question: 4

Which procedure provides the GREATEST assurance that corrective action to an audit report has been taken?

APerforming subsequent audit tests to verify resolution of the deficiencies

BInquiring about the current status of the recommendation

CReporting to the audit committee or the board of directors concerning specific action taken or lack thereof

DRequesting a written management reply to the audit report identifying corrective action for each deficiency

Show Answer

Question: 5

Which of ihe following should be done FIRST to effectively define the IT audit universe for an entity with multiple business lines?

AIdentify aggregate residual IT risk for each business line.

BObtain a complete listing of the entity's IT processes

CObtain a complete listing of assets fundamental to the entity's businesses.

DIdentify key control objectives for each business line's core processes

Show Answer

Isaca CISA Quiz:328 Topic:3 Questions:1636-1640