Question: 1
During a review of an organization's network threat response process. The IS auditor noticed that the majority of alerts were closed without resolution. Management responded that those alerts were unworkable due to lack of actionable intelligence, and therefore the support team is allowed to close them. What is the best way for the auditor to address the situation?
Question: 2
An IS auditor determines that an online retailer processing credit card information does not have a data classification process. The auditor's NEXT step should be
Question: 3
Which of the following should an IS auditor verify when auditing the effectiveness of virus protection?
Question: 4
The GREATEST risk of database renormalization is:
Question: 5
In assessing the priority given to systems covered in an organization's business continuity plan (BCP), an IS auditor should FIRST: