Isaca CISA Quiz 36 Topic 7 Questions 176-180

Question: 1

Following a recent internal data breach, an IS auditor was asked to evaluate information security practices within the organization. Which of the following findings would be MOST important to report to senior management?

ADesktop passwords do not require special characters

BEmployees are not required to sign a non-compete agreement.

CUsers lack technical knowledge related to security and data protection

DSecurity education and awareness workshops have not been completed

Show Answer

Question: 2

Which of the following is the PRIMARY objective of baselining the IT control environment?

AAlign IT strategy with business strategy.

BDetect control deviations.

CDefine process and control ownership.

DEnsure IT security strategy and policies are effective.

Show Answer

Question: 3

During a follow-up audit, an IS auditor finds that some critical recommendations have not been addressed as management has decided to accept the risk. Which of the following is the IS auditor's BEST course of action?

AAdjust the annual risk assessment accordingly.

BUpdate the audit program based on management's acceptance of risk.

CEvaluate senior managements acceptance of the risk.

DRequire the auditee to address the recommendations in full.

Show Answer

Question: 4

During an audit of an organization's financial statements, an IS auditor finds that the IT general controls are deficient. What should the IS auditor recommend?

AIncrease the substantive testing of the financial balances.

BPlace greater reliance on the framework of control.

CPlace greater reliance on the application controls.

DIncrease the compliance testing of the application controls.

Show Answer

Question: 5

Which of the following is an IS auditor's BEST recommendation to mitigate the risk of eavesdropping associated with an application programming interface (API) integration implementation?

AImplement Transport Layer Security (TLS)

BImplement Simple Object Access Protocol (SOAP)

CEncrypt the extensible markup language (XML) file

DMask the API endpoints

Show Answer

Isaca CISA Quiz:36 Topic:7 Questions:176-180