Isaca CISA Quiz 527 Topic 4 Questions 2631-2635

Question: 1

An IS auditor notes that several of a client's servers are vulnerable to attack due to open unused ports and

protocols. The auditor recommends management implement minimum security requirements. Which type of

control has been recommended?

APreventive

BCorrective

CDirective

DCompensating

Show Answer

Question: 2

An organization wants to classify database tables according to its data classification scheme. From an IS

Auditor's perspective, the tables should be classified based on the:

Anumber of end users with access to the table

Bfrequency of updates to the table

Cdescriptions of column names in the table

Dspecific functional contents of each single table

Show Answer

Question: 3

Following an IT audit, management has decided to accept the risk highlighted in the audit report. Which of the

following would provide the MOST assurance to the IS auditor that management is adequately balancing the

needs of the business with the need to manage risk?

AEstablished criteria exist for accepting and approving risk.

BIdentified risk is reported into the organization's risk committee.

CPotential impact and likelihood is adequately documented.

DA communication plan exists for informing parties impacted by the risk.

Show Answer

Question: 4

What should an IS auditor review FIRST when assessing the results of a recent penetration test to identify potential vulnerabilities?

ANumber of critical issues found

BSkill level of the network support staff

CIncident response process

DParameters of the test

Show Answer

Question: 5

Which of the following would be of GREATEST concern to an IS auditor when auditing a small organization's

purchasing department?

AThe organization lacks a purchasing officer with experience in purchasing activities.

BPurchases can be approved after expenses have already been incurred.

CSome members of the department can request and approve payments for purchase requests.

DPurchasing procedures and processes have not been updated during the past two years.

Show Answer

Isaca CISA Quiz:527 Topic:4 Questions:2631-2635