Isaca CISA Quiz 619 Topic 5 Questions 3091-3095

Question: 1

Management has asked internal audit to prioritize and perform a specialized cybersecurity audit, but the IS audit team has no experience in this are

a. Which of the following is the BEST course of action?

ADelay the audit until an experienced IS auditor has been hired.

BPerform the audit as requested using third-party support.

CPerform the audit with the most experienced IS auditors.

DDelay the audit until the IS auditors are sufficiently trained

Show Answer

Question: 2

Which of the following is the PRIMARY benefit of performing a maturity model assessment'?

AIt acts as a measuring tool and progress indicator

BIt ensures organizational consistency and improvement

CIt identifies and fixes attribute weaknesses

DIt facilitates the execution of an improvement plan

Show Answer

Question: 3

Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?

ASecurity policies are not applicable across all business units.

BEnd users are not required to acknowledge security policy training.

CThe security policy has not been reviewed within the past year.

DSecurity policy documents are available on a public domain website.

Show Answer

Question: 4

An IS audit found that malware entered the organization through a spreadsheet macro, and the auditor

recommended that spreadsheet macros be disabled. All macros were disabled except those needed by the finance team for reporting purposes. Which of the following is the auditor's BEST course of action?

AClose the recommendation, as most of the risk has been mitigated.

BRecommend alternate reporting methods that do not use spreadsheet macros.

CAdvise management to disable the spreadsheet macros for the finance users.

DEscalate the issue to the audit committee.

Show Answer

Question: 5

Which of the following BEST ensures the confidentiality of sensitive data during transmission?

ASending data through proxy servers

BRestricting the recipient through destination IP addresses

CPassword protecting data over virtual local area networks (VLAN)

DSending data over public networks using Transport Layer Security (TLS)

Show Answer

Isaca CISA Quiz:619 Topic:5 Questions:3091-3095