Isaca CISA Quiz 351 Topic 4 Questions 1751-1755

Question: 1

mission-critical applications with a low recovery time objective (RTO). which of the following is the BEST backup strategy?

AArchiving to conventional disk

BUse of virtual tape libraries

CMirroring

DFrequent back-ups to tape

Show Answer

Question: 2

During an audit of information security procedures of a large retailer s online store, an IS auditor notes that operating system (OS) patches are automatically deployed upon -. Which of the following should be of GREATEST concern to the auditor?

APatches are not reflected in the configuration management database

BPatches are in conflict with current licensing agreements

CPatches are not tested before installation on critical servers.

DPatches are pushed from the vendor increasing Internet traffic

Show Answer

Question: 3

Overall responsibility for approving logical access rights to information assets should reside with the:

Adata and systems owners.

Bsystems delivery and operations group

Csecurity administrator.

Dsystems administrator.

Show Answer

Question: 4

The BEST way to prevent fraudulent payments is to implement segregation of duties between payment processing and:

Apayment approval.

Brequisition creation.

Cvendor setup.

Dcheck creation.

Show Answer

Question: 5

Which of the following metrics would be MOST helpful to an IS auditor in evaluating an organizations security incident response management capability?

ANumber of business interruptions due to IT security incidents per year

BNumber of malware infections in business applications detected per day

CNumber of alerts generated by intrusion detection systems (IDS) per minute

DNumber of IT security incidents reported per month

Show Answer

Isaca CISA Quiz:351 Topic:4 Questions:1751-1755