Isaca CISA Quiz 462 Topic 3 Questions 2306-2310

Question: 1

Which of the following methods would BEST ensure that IT strategy is in line with business strategy?

ABusiness impact analysis (B!A)

BBreak-even analysis

CValue analysis

DCritical path analysis

Show Answer

Question: 2

An IS auditor observes that the CEO has full access to the enterprise resource planning (ERP) system The IS auditor should FIRST

Arecommend that the privilege be removed

Bignore the observation as not being material to the review

Cdocument the finding as a potential risk

Daccept the level of access provided as appropriate

Show Answer

Question: 3

Which of the following is the MOST effective control to mitigate against the risk of inappropriate activity by employees?

ATwo-factor authentication

BAccess recertification

CNetwork segmentation

DUser activity monitoring

Show Answer

Question: 4

An organization's only IS auditor is asked to design controls tor a new system and is also scheduled to audit the system after implementation. Which of the following is the BEST action for the auditor?

ARequest external audit to perform an independent review of the advice to be provided

BDecline lo undertake the design role because of the conflict of interest a

CInform the audit committee of the conflict of interest

DRespond positively to the request because there is no conflict of interest

Show Answer

Question: 5

An IS auditor is evaluating the risk of zero-day attacks and related mitigating controls for an organization. The auditor's BEST recommendation is to implement

Aa heunsbc intrusion prevention system (IPS).

Ban intrusion detection system (IDS).

Ca demilitarized zone (DMZ).

Da signature-based antivirus program

Show Answer

Isaca CISA Quiz:462 Topic:3 Questions:2306-2310