Question: 1
An IS auditor has been asked to review an organization's security incident response plan for effectiveness Which of the following should the auditor recommend be done FIRST after a network intrusion event has occurred?
Question: 2
A system undergoing acceptance testing is still subject to programming changes. This should have been prohibited in the acceptance test strategy through specifications of:
Question: 3
For an application system with a large master Tile and a small transact ion-activity file, the MAIN benefit in changing from full transaction file backups to incremental backups would be
Question: 4
In which of the following system development life cycle (SDLC) phases would an IS auditor expect to find that controls have been incorporated into system specifications?
Question: 5
Which of the following BEST ensures IT incident and problem management practices will meet expected service level agreements (SLAs)?