Isaca CISA Quiz 54 Topic 5 Questions 266-270

Question: 1

Which of the following BEST facilitates detection of zero-day exploits?

AIntrusion detection systems (IDS)

BUser behavior analytics

CIntrusion prevention systems (IPS)

DAnti-malware software

Show Answer

Question: 2

An IS auditor performing an application development review attends development team meetings. The IS auditor's independence will be compromised if the IS auditor:

Adesigns and executes the user's acceptance test plan.

Bassists in developing an integrated test facility on the system.

Creviews the result of systems tests that were performed by the development team.

Dre-performs test procedures used by the development team.

Show Answer

Question: 3

When evaluating the management practices at a third-party organization providing outsourced services, the IS auditor considers relying on an independent auditor's report. The IS auditor would FIRST:

Adetermine if recommendations have been implemented

Breview the objectives of the audit

Cexamine the independent auditor's workpapers.

Ddiscuss the report with the independent auditor

Show Answer

Question: 4

Which of the following would be MOST time and cost efficient when performing a control self-assessment (CSA) for an organization with a large number of widely dispersed employees?

AFacilitated workshops

BSurvey questionnaire

CFace-to-face interviews

DTop-down and bottom-up analysis

Show Answer

Question: 5

What would be of GREATEST concern to an IS auditor reviewing end-user computing (EUC) spreadsheets used for financial reporting in which version control is not enforced?

AAccess requests are processed manually.

BSpreadsheets are maintained in various locations.

CSpreadsheet owners are only reviewed annually.

DSpreadsheets are not password protected.

Show Answer

Isaca CISA Quiz:54 Topic:5 Questions:266-270