Isaca CISA Quiz 484 Topic 6 Questions 2416-2420

Question: 1

An IS auditor has been asked to review an organization's security incident response plan for effectiveness Which of the following should the auditor recommend be done FIRST after a network intrusion event has occurred?

AContain the impact of the event

BEscalate the event to senior management

CIdentify procedures for recovery from the event

DNotify the appropriate regulatory bodies

Show Answer

Question: 2

A system undergoing acceptance testing is still subject to programming changes. This should have been prohibited in the acceptance test strategy through specifications of:

Aexit criteria

Bstress testing.

Cstopping criteria

Dentry criteria

Show Answer

Question: 3

For an application system with a large master Tile and a small transact ion-activity file, the MAIN benefit in changing from full transaction file backups to incremental backups would be

Aincreased disk seek time

Bincreased control over backup media

Creduced CPU processing time

Dfaster disaster recovery capability

Show Answer

Question: 4

In which of the following system development life cycle (SDLC) phases would an IS auditor expect to find that controls have been incorporated into system specifications?

ADevelopment

BImplementation

CFeasibility

DDesign

Show Answer

Question: 5

Which of the following BEST ensures IT incident and problem management practices will meet expected service level agreements (SLAs)?

AIncorporating lessons learned into problem resolution review meetings

BDefining problem impact and urgency levels through consultation with the business

CCreating records of known errors and documenting procedures for workarounds

DObtaining regular progress reports from IT change management on problem resolution

Show Answer

Isaca CISA Quiz:484 Topic:6 Questions:2416-2420