Isaca CISA Quiz 424 Topic 5 Questions 2116-2120

Question: 1

Which of the following is the MOST effective way to assess whether an outsourcer's controls are following the service level agreement (SLA)?

APerform a review of penalty clauses for non-performance.

BReview an internal audit report from the outsourcer's auditor.

CReview the outsourcer's monthly service reports.

DPerform an onsite review of the outsourcer.

Show Answer

Question: 2

An organization has implemented an automated match between purchase orders, goods receipts, and invoices. Which of the following risks will this control BEST mitigate?

ACustomer discounts not being applied

BInvalid payments being processed by the system

CDelay of purchase orders

DA legitimate transaction being paid multiple times

Show Answer

Question: 3

Which of the following would help determine the maturity of an information security awareness program?

AA simulated social engineering test

BA gap assessment against an established model

CA network vulnerability assessment

DA review of the annual penetration test results

Show Answer

Question: 4

Which of the following is the PRIMARY benefit of including IT management and staff when conducting control self-assessments (CSAs) within an organization?

AIt reduces the workload of external and internal auditors.

BIt improves the efficiency of business and IT operational processes.

CIt increases buy-in for more stringent controls.

DIt helps to identify risk to the business.

Show Answer

Question: 5

A government organization uses standard Wi-Fi Protected Access 2 (WPA2) to protect confidential information transmitted to a file server. Which of the following is the IS auditor's BEST recommendation to further strengthen security?

ACertificate-based authentication

BNetwork address translation (NAT)

CService set identifier (SSID) masking

DMedia access control (MAC) address filtering

Show Answer

Isaca CISA Quiz:424 Topic:5 Questions:2116-2120