Isaca CISA Quiz 430 Topic 3 Questions 2146-2150

Question: 1

An organization has implemented a distributed security administration system to replace the previous centralized one. The IS auditor's GREATEST concern should be that:

Asecurity procedures may be inadequate to support the change.

Ba distributed security system is inherently a weak security system

C,the new system will require additional training

Dend-user acceptance of the new system is likely to be difficult to obtain.

Show Answer

Question: 2

IT service engineers at a large organization are unable to effectively prioritize system-generated alerts from hundreds of applications running across multiple servers and databases. As a result many alerts are often ignored, leading to major problems including downtime. Which of the following is the BEST IS audit recommendation to address this situation?

ADevelop a classification scheme that prioritizes alerts according to potential business impact.

BGroup alerts from related systems and immediately escalate to the application owner.

CImplement a threshold management system that prioritizes alerts over a certain age.

DPrioritize alerts from legacy applications that may require remote support from external vendors.

Show Answer

Question: 3

An organization's current end-user computing practices include the use of a spreadsheet for financial statements. Which of the following is the GREATEST concern?

AOperational procedures have not been reviewed in the current fiscal year

BThe spreadsheet is not maintained by IT.

CThe spreadsheet contains numerous macros.

DFormulas are not protected against unintended changes.

Show Answer

Question: 4

An organization recently experienced a phishing attack that resulted in a breach of confidential information. Which of the following would be MOST relevant for an IS auditor to review when determining the root cause of the incident?

AEmail configurations

BBrowser configurations

CSimple mail transfer protocol (SMTP) logging

DAudit logging

Show Answer

Question: 5

Which of the following procedures should an IS auditor complete FIRST when evaluating the adequacy of IT key performance indicators (KPIs)?

AValidate the KPI thresholds.

BIndependently calculate the accuracy of the KPIs.

CReview KPIs that indicate poor IT performance.

DDetermine whether the KPIs support IT objectives.

Show Answer

Isaca CISA Quiz:430 Topic:3 Questions:2146-2150