Isaca CISA Quiz 589 Topic 6 Questions 2941-2945

Question: 1

An IS audit reveals that many of an organization's Internet of Things (loT) devices have not been patched. Which of the following should the auditor do FIRST when determining why these devices have not received the required patches?

ADetermine the physical location of the deployed devices

BReview the organization's patching policy and process documentation

CEnsure the devices are listed in the asset inventory database

DReview the organization's most recent risk assessment on loT devices

Show Answer

Question: 2

Which of the following should be an IS auditor's GREATEST concern when reviewing an outsourcing arrangement with a third-party cloud service provider to host personally identifiable data?

AThe data is not adequately segregated on the host platform.

BFees are charged based on the volume of data stored by the host.

CThe outsourcing contract does not contain a right-to-audit clause.

DThe organization's servers are not compatible with the third party's infrastructure

Show Answer

Question: 3

While conducting a system architecture review, an IS auditor learns of multiple complaints from field agents about the latency of a mobile thin client designed to provide information during site inspections Which of the following is the BEST way to address this situation?

AUpgrade the processors in the field agents' mobile devices

BDeploy a middleware application to improve messaging between application components.

CSwitch to a thick-client architecture that does not require a persistent fetwork connectio.

DUpgrade the thin-client software to provide more informative error messages during application loading

Show Answer

Question: 4

A financial institution has a system interface that is used by its branches to obtain applicable currency exchange rates when processing transactions Which of the following should be the PRIMARY control objective for maintaining the security of the system interface?

APreventing unauthorized access to the data via malicious activity

BPreventing unauthorized access to the data via interception

CEnsuring the integrity of the data being transferred

DEnsuring the availability of the data being transferred

Show Answer

Question: 5

Which of the following is the PRIMARY purpose of quality assurance (QA) within an IS audit department?

ATo ensure conclusions are reliable and no false assurance is given

BTo regularly assess and improve audit methodology

CTo enforce audit policies and identify any deviations

DTo confirm audit practice is aligned with industry standards and benchmarks

Show Answer

Isaca CISA Quiz:589 Topic:6 Questions:2941-2945