Isaca CISA Quiz 436 Topic 3 Questions 2176-2180

Question: 1

Which of the following would be the MOST appropriate reason for an organization to purchase fault-tolerant hardware?

AImproving system performance

BReducing hardware maintenance costs

CMinimizing business loss

DCompensating for the lack of contingency planning

Show Answer

Question: 2

As part of an IS audit, the auditor notes the practices listed below.

Which of the following would be a segregation of duties concern?

AOperators are degaussing magnetic tapes during night shifts

BSystem programmers have logged access to operating system parameters.

CSystem programmers are performing the duties of operators.

DOperators are acting as tape librarians on alternate shifts.

Show Answer

Question: 3

During an audit of identity and access management, an IS auditor finds that the engagement audit plan does not include the testing of controls that regulate access by third parties. Which of the following would be the auditor's BEST course of action?

AAdd testing of third-party access controls to the scope of the audit.

BEscalate the deficiency to audit management.

CPlan to test these controls in another audit.

DDetermine whether the risk has been identified in the planning documents.

Show Answer

Question: 4

Which of the following provides the BEST audit evidence that a firewall is configured in compliance with the organization's security policy?

AAnalyzing how the configuration changes are performed

BAnalyzing log files

CPerforming penetration testing

DReviewing the rule base

Show Answer

Question: 5

Which of the following IS functions can be performed by the same group or individual while still providing the proper segregation of duties?

AApplication programming and systems analysis

BComputer operations and application programming

CSecurity administration and application programming

DDatabase administration and computer operations

Show Answer

Isaca CISA Quiz:436 Topic:3 Questions:2176-2180