Isaca CISA Quiz 371 Topic 3 Questions 1851-1855

Question: 1

Which of the following is a substantive test procedure?

ATest of invoice calculation process

Bverifying that appropriate approvals are documented m a sample of program changes

CUsing audit software to verify The total of an accounts receivable file

DObserving that user IDs and passwords are required to sign on to the online system

Show Answer

Question: 2

When determining the specifications for a server supporting an online application using more than a hundred endpoints, which of the following is the MOST important factor to be Considered?

ACost-benefit comparison between the available systems

BHigh availability of different systems

CTransaction volume estimate during peak periods

DReputation of the vendors and their customer base

Show Answer

Question: 3

An IT management group has developed a standardized security control checklist and distributed it to the control self-assessors in each organizational unit. Which of the following would be the GREATEST risk m this approach?

ABusiness-specific vulnerabilities may be overlooked.

BDelayed feedback may increase exposures

CAssessors may manipulate the results

DOver time the checklist may become outdated.

Show Answer

Question: 4

When reviewing backup policies, an IS auditor MUST verify that backup intervals of critical systems do not exceed which of the following?

AService level objective (SLO)

BRecovery time objective (RTO)

CMaximum acceptable outage (MAO)

DRecovery point objective (RPO)

Show Answer

Question: 5

An IS auditor observes that an organization s critical IT systems nave experienced several failures throughout the year. Which of the following is the BEST recommendation?

APerform a root cause analysis.

BImplement redundant systems.

CContract for a hot site

DPerform a disaster recovery test

Show Answer

Isaca CISA Quiz:371 Topic:3 Questions:1851-1855