Isaca CISA Quiz 67 Topic 5 Questions 331-335

Question: 1

An IS auditor discovers that due to resource constraints, a database administrator (DBA) is responsible for developing and executing changes Into the production environment. Which of the following should the auditor do FIRST?

AEnsure a change management process is followed prior to implementation.

BIdentify whether any compensating controls exist.

CDetermine whether another database administrator (DBA) could make the
changes.

DReport a potential segregation of duties (SoD) violation

Show Answer

Question: 2

Which of the following should be done by an IS auditor during a post-implementation review of a critical application that has been operational for six months?

AExamine project change request logs.

BVerify the accuracy of data conversions.

CAssess project management risk reports.

DTest program system interfaces.

Show Answer

Question: 3

When responding to an ongoing denial of service (DoS) attack, an organization's FIRST course of action should be to:

Aanalyze the attack path

Bminimize impact

CInvestigate damage

Drestore service.

Show Answer

Question: 4

Following the sale of a business division, employees will be transferred to a new organization, but they will retain access to IT equipment from the previous employer An IS auditor has recommended that both organizations agree to and document an acceptable use policy for the equipment What type of control has been recommended?

ADetective control

BDirective control

CCorrective control

DPreventive control

Show Answer

Question: 5

The risk of communication failure in an e-commerce environment is BEST minimized through the use of:

Afunctional or message acknowledgments.

Bcompression software to minimize transmission duration.

Calternative or diverse routing.

Da packet filtering firewall to reroute messages.

Show Answer

Isaca CISA Quiz:67 Topic:5 Questions:331-335