Isaca CISA Quiz 417 Topic 6 Questions 2081-2085

Question: 1

Which of the following system deployments requires the cloud provider to assume the widest range of responsibilities for data protection?

ASoftware as a Service (SaaS)

BPlatform as a Service (PaaS)

CDatabase as a Service (DBaaS)

DInfrastructure as a Service (IasSI

Show Answer

Question: 2

A small organization is experiencing rapid growth and plans to create a new information security policy. Which of the following is MOST relevant to creating the policy?

AIndustry standards

BThe business objectives

CThe business impact analysis

DPrevious audit recommendations

Show Answer

Question: 3

When connecting to an organization's intranet from the Internet, security against unauthorized access is BEST achieved by using:

Ascreening routers,

Bvirtual private networks (VPNs).

Cproxy servers.

Dencryption

Show Answer

Question: 4

During an audit of a payroll system, an IS auditor identifies that two employees share the same bank account. The auditor is concerned they may be ghost employees. Which of the following should the auditor do NEXT?

AAdvise payroll management to suspend both employees accounts until further investigated.

BDraft a report with a finding that there may be ghost employees.

CNotify the human resources executive immediately.

DConduct inquiries to determine whether the two employees have a relationship.

Show Answer

Question: 5

An IS auditor has performed an agreed-upon procedures engagement for the organization's IT steering committee. Which of the following would be the MOST important element to include in the report?

AManagements representation on the effectiveness of controls

BAn opinion on the effectiveness of controls

CStatement that the engagement followed standards

DComplementary user entity controls

Show Answer

Isaca CISA Quiz:417 Topic:6 Questions:2081-2085