Question: 1
Which of the following is the GREATEST cause for concern when an organization is planning to migrate
business-critical applications to the cloud using a Platform as a Service (PaaS) model?
Question: 2
During a post-incident review of a security breach, what type of analysis should an IS auditor expect to be
performed by the organization's information security team?
Question: 3
Following an acquisition, it was decided that legacy applications subject to compliance requirements will
continue to be used until they can be phased out. The IS auditor needs to determine where there are control
redundancies and where gaps may exist. Which of the following activities would be MOST helpful in making
this determination?
Question: 4
Which of the following activities provides an IS auditor with the MOST insight regarding potential single person
dependencies that might exist withing the organization?
Question: 5
Which of the following is MOST important for the successful establishment of a security vulnerability
management program?