Isaca CISA Quiz 444 Topic 4 Questions 2216-2220

Question: 1

Following a security breach, in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment. The auditor's BEST course of action would be to determine it:

AThe network traffic was being monitored

BThe domain controller was classified for high availability

CThe logs were monitored

DThe patches were updated

Show Answer

Question: 2

When reviewing a newly implemented quality management system (QMS), which of the following should be the IS auditor's PRIMARY concern?

AThe QMS post-implementation review (PIR) has not been finalized

BThe QMS testing methodology is not clearly documented

CThe QMS is not mapped to some core business processes

DThe QMS benefit measures were not included in the business case

Show Answer

Question: 3

When an organization is having new software implemented under contract, which of the following is key to controlling escalating costs due to scope creep?

AChange management

BProblem management

CQuality management

DRisk management

Show Answer

Question: 4

The PRIMARY advantage of object oriented technology is enhanced:

AEfficiency due to the reuse of elements of logic

BManagement of sequential program execution for data access

CGrouping of objects into methods for data access

DManagement of a restricted variety of data types for a data object

Show Answer

Question: 5

An IS auditor is unable to directly test privacy controls for a client cloud based applications. The MOST effective alternative to direct testing is to review

Isaca CISA Quiz:444 Topic:4 Questions:2216-2220