Isaca CISA Quiz 498 Topic 7 Questions 2486-2490

Question: 1

Which of the following are the PRIMARY considerations when determining the timing of remediation testing?

AThe availability and competencies of control owners tor implementing the agreed action plans

BThe significance of the reported findings and the impact if corrective actions ate not taken

CThe difficult of scheduling resources and availability of management tor a I up engagement

DThe level of management and business commitment to implementing agreed action plans

Show Answer

Question: 2

During an audit of an organizations intranet, it is discovered that users are not deleting their local web Browser caches on a regular basis This practice will result In the risk of

disclosure of information

Areputation

Bdata incompleteness

Cdata incompleteness

Dlack of data integrity

Show Answer

Question: 3

The results of an IS audit indicating the need to strengthen controls has oeen communicated to the appropriate stakeholders Which of the following is the BEST way for management to enforce Implementation of the recommendations?

ARequest auditors to design a roadmap for closure

BCopy senior management on communications related to the audit

CHave stakeholders developer a business case for control changes

DAssign ownership to each remediation activity

Show Answer

Question: 4

During the review of an organization's software development process, which of the following would be the IS auditor's GREATEST concern related to software security coding testing?

AA security validation framework is not used In the development process

BThe developers are not qualified to conduct security and performance testing

CDevelopers did not document the initial vulnerabilities

DOnly newly developer applications are submitted tor code reviews

Show Answer

Question: 5

An IS auditor discovers trial a security information and event management (SIEM) system is not monitored outside of business hours. Which of the following is the auditors BEST course of action?

APerform a business impact analysis (BIA)

BRecommend a third-party monitored SIEM service.

CDetermine whether an alert system has boon established.

DNotify the chief information security officer (CISO)

Show Answer

Isaca CISA Quiz:498 Topic:7 Questions:2486-2490