Isaca CISA Quiz 58 Topic 4 Questions 286-290

Question: 1

Which of the following Is the MOST important consideration when Investigating a security breach of an e-commerce application?

ANotifications to law enforcement

BChain of custody

CSkill set of the response team

DProcedures to analyze evidence

Show Answer

Question: 2

Which of the following should be done FIRST when developing a business continuity plan (BCP)?

AReview environmental controls.

BConduct a business impact analysis (BIA)

CPerform a business threat assessment.

DPerform a vulnerability analysis

Show Answer

Question: 3

End users have been demanding the ability to use their own devices for work, but want to keep personal information out of corporate control. Which of the following would be MOST effective at reducing the risk of security incidents while satisfying end user requirements?

AEnable remote wipe capabilities for the devices.

BEncrypt corporate data on the devices.

CImplement an acceptable use policy.

DRequire complex passwords.

Show Answer

Question: 4

As part of an audit response, an auditee has concerns with the recommendations and is hesitant to implement them. Which of the following would be the BEST course of action for the IS auditor?

AConduct further discussions with the auditee to develop a mitigation plan.

BAccept the auditee's response and perform additional testing.

CSuggest hiring a third-party consultant to perform a current state assessment.

DIssue a final report without including the opinion of the auditee.

Show Answer

Question: 5

An IS auditor discovers an option in a database that allows the administrator to directly modify any table This option is necessary to overcome Dugs in the software, but is rarely used Changes to tables are automatically logged The IS auditors FIRST action should be to:

Arecommend that the option to directly modify the database be removed immediately

Bdetermine whether the audit trail is secured and reviewed

Cdetermine whether the log of changes lo the tables is backed up

Drecommend that the system require two persons to be involved in modifying the database

Show Answer

Isaca CISA Quiz:58 Topic:4 Questions:286-290