Isaca CISA Quiz 577 Topic 6 Questions 2881-2885

Question: 1

When determining which IS audits to conduct during the upcoming year, internal audit has received a request from management for multiple audits of the contract division due to fraud findings during the prior year Which of the following is the BEST basis for selecting the audits to be performed?

ASelect audits based on management's suggestion

BSelect audits based on the skill sets of the IS auditors.

CSelect audits based on collusion risk

DSelect audits based on an organizational risk assessment.

Show Answer

Question: 2

The use of symmetric key encryption controls to protect sensitive data transmitted over a communications network requires that.

Apublic keys be stored in encrypted form.

Bencryption keys at one end be changed on a regular basis

Cprimary keys for encrypting the data be stored in encrypted form

Dencryption keys be changed only when a compromise is detected at both ends

Show Answer

Question: 3

An IT organization's incident response plan is which type of control?

ADetective

BDirective

CPreventive

DCorrective

Show Answer

Question: 4

Which of the following findings should be of GREATEST concern to an IS auditor reviewing the effectiveness of an organization's problem management practices?

AProblem records are prioritized based on the impact of incidents

BSome incidents are closed without problem resolution.

CRoot causes are not adequately identified

DProblems are frequently escalated to management for resolution

Show Answer

Question: 5

Which of the following clauses is MOST important to include in a contract to help maintain data privacy in the event a Platform as a Service (PaaS) provider becomes financially insolvent?

AIntellectual property protection

BSoftware escrow

CData classification

DSecure data destruction

Show Answer

Isaca CISA Quiz:577 Topic:6 Questions:2881-2885