Isaca CISA Quiz 443 Topic 8 Questions 2211-2215

Question: 1

After the release of an application system, an IS auditor wants to verify that the system is providing value to the organization. The auditor's BEST course of action would be to:

AQuantify improvements in client satisfaction

BPerform a gap analysis against the benefits defined in the business case

CReview the results of compliance testing

DConfirm that risk has declined since the application system release

Show Answer

Question: 2

Which of the following is the MOST effective control to mitigate unintentional misuse of authorised access?

AFormalized disciplinary action

BSecurity awareness training

CAnnual sign-off of acceptable use policy

DRegular monitoring of user access logs

Show Answer

Question: 3

Which of the following is MOST important for an IS auditor to consider during a review of the IT governance of an organization?

AFunding allocation

BDefined service levels

CRisk management methodology

DDecision making responsibilities

Show Answer

Question: 4

A recent audit concluded that an organization's information security system was weak and that monitoring would likely fail to detect penetration. Which of the following would be the MOST appropriate recommendation?

AIdentify and periodically remove sensitive data that is no longer needed

BLook continually for new criminal behaviour and attacks on sensitive data

CEncrypt sensitive data while strengthening the system

DEstablish a clear policy related to security and the handling of sensitive data

Show Answer

Question: 5

During a security audit, which of the following is MOST important to review to ensure data confidentiality is managed?

AAccess log monitoring

BNetwork configuration

CAccess controls

DData flows

Show Answer

Isaca CISA Quiz:443 Topic:8 Questions:2211-2215