Isaca CISA Quiz 509 Topic 5 Questions 2541-2545

Question: 1

An IS auditor is reviewing an organization's implementation of a bring your own device (BYOD) program. Which of the following would be the BEST recommendation to help ensure sensitive data is protected if a device is in the possession of an unauthorized individual?

AEnable the location service feature on devices.

BEncrypt data on devices including storage media.

CAuthenticate device users when accessing the corporate network.

DEnable remote wiping of critical data.

Show Answer

Question: 2

An IS auditor is performing a post-implementation review of a system deployed two years ago Which of the following findings should be of MOST concern to the auditor?

AThe system has undergone several change requests to further extend functionality

BBenefits as stated In me business case have not been realized .

CWorkarounds due to remaining defects had to be used longer than anticipated.

DMaintenance costs were not included in the project lifecycle costs.

Show Answer

Question: 3

An IS auditor submitted audit reports and scheduled a follow-up audit engagement with a client The client has requested to engage the services of the same auditor to develop enhanced controls. What Is the GREATEST concern with this request?

AIt would be a possible conflict of interest

BIt would be beyond the original audit scope

CIt would require the approval of the audit manager

DIt would require a change to the audit plan

Show Answer

Question: 4

Which of the following is MOST important for an IS auditor to consider when evaluating an organization's effectiveness in mitigating Internal fraud risk?

ANetwork monitoring controls

BData leakage prevention controls

CData encryption controls

DSegregation of duty controls

Show Answer

Question: 5

When reviewing access controls, an internal auditor discovers unauthorized access rights to confidential network folders. What is the auditor's FIRST action?

AReport to the audit committee and suggest further Investigation.

BReport to the data owner and recommend remediation

CReview access control policies and procedures.

DContact the network administrator and require access be disabled

Show Answer

Isaca CISA Quiz:509 Topic:5 Questions:2541-2545