Isaca CISA Quiz 486 Topic 9 Questions 2426-2430

Question: 1

Which of the following should be the MOST important consideration when prioritizing IS audit activities

AThe complexity level of the audit procedure

BThe criticality of IT processes for the business function

CProcess owner availability during the audit

DThe number of audit team members required for the task

Show Answer

Question: 2

When evaluating a protect immediately prior to implementation, which of the following would provide the BEST evidence that the system has the required functionality?

AUser acceptance testing (UAT) results

BQuality assurance (QA) results

CIntegration testing results

DSign-off from senior management

Show Answer

Question: 3

An organization experienced a domain name system (DNS) attack caused by default user accounts not being removed from one of the servers. Which of the following would have been the BEST way to mitigate the risk of this DNS attack1?

AConfigure the servers from an approved standard configuration

BRequire all employees to attend training for secure configuration management

CHave a third party configure the virtual servers

DConfigure the intrusion prevention system (IPS) to identify DNS attacks

Show Answer

Question: 4

An organization plans to migrate some applications to an externally hosted data center However, the service provider has indicated that it does not provide assurance reports over controls in the data center. What would be an IS auditor's BEST recommendation to management in the absence of a third-party assurance report?

ACancel the proposed migration of applications.

BHave an independent assessment performed.

CObtain reporting on service level agreements (SLAs)

Dinclude a right-to-audit clause in the contract

Show Answer

Question: 5

An IS auditor has been invited to join an IT project team responsible for building and deploying a new digital customer marketing platform Which of the following is the BEST way for the auditor to support this project while maintaining independence?

ADevelop selection criteria for potential digital technology vendors

BConduct a risk assessment of the proposed initiative.

CAdvise on alternative solutions based on industry benchmarks

DDesign controls based on current regulatory requirements for digital technologies

Show Answer

Isaca CISA Quiz:486 Topic:9 Questions:2426-2430