Isaca CISA Quiz 544 Topic 4 Questions 2716-2720

Question: 1

Which of the following should be of MOST concern to an IS auditor evaluating a forensics program?

AForensic images are stored on removable media with encryption.

BForensic images are only stored for involuntarily terminated employees.

CForensic images are only maintained for 12 months.

DForensic images are stored on shared disks.

Show Answer

Question: 2

An IS auditor is assessing an organization's implementation of a virtual network. Which of the following observations should be considered the MOST significant risk?

ACommunication performance over the virtual network is not monitored.

BTraffic over the virtual network is not visible to security protection devices.

CPhysical and virtual network configurations are not managed by the same team.

DVirtual network devices are replicated and stored in offline mode.

Show Answer

Question: 3

During the evaluation of a firm's newly established whistleblower system, an auditor notes several findings. Which of the following should be the

auditor's GREATEST concern?

AThe whistleblower system is only available during business hours.

BNew employees have not been informed of the whistleblower policy.

CThe whistleblower system does not track the time and date of submission.

DThe whistleblower's privacy is not protected.

Show Answer

Question: 4

An IS auditor is planning a risk-based audit of the human resources department. The department uses separate systems for its payroll, training

and employee performance review functions. What should the IS auditor do FIRST before identifying the key controls to be tested?

ADetermine the inherent risk related to each system.

BDetermine the number of samples to be tested for each system.

CAssess the control risk associated with each system.

DIdentify the technical skills and resources needed to audit each system.

Show Answer

Question: 5

An IS auditor previously worked in an organization s IT department and was involved with the design of the business continuity plan (BCP). The IS

auditor has now been asked to review this same BCP. The auditor should FIRST.

Adocument the conflict in the audit report.

Bdecline the audit assignment.

Ccommunicate the conflict of interest to the audit manager prior to starting the assignment.

Dcommunicate the conflict of interest to the audit committee prior to starting the assignment

Show Answer

Isaca CISA Quiz:544 Topic:4 Questions:2716-2720