Which of the following is the MOST important prerequisite for the protection of physical information assets in a data center?
An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner. Which of the following is the auditor's BEST recommendation?
Which of the following would be a result of utilizing a top-down maturity model process?
During an IT governance audit, an IS auditor notes that IT policies and procedures are not regularly reviewed and updated. The GREATEST concern to the IS auditor is that policies and procedures might not:
In a RAO model, which of the following roles must be assigned to only one individual?
An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?
Which of the following environments is BEST used for copying data and transformation into a compatible data warehouse format?
Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (IDS)?
An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?
In data warehouse (DW) management, what is the BEST way to prevent data quality issues caused by changes from a source system?
Which of the following is the MOST important reason to classify a disaster recovery plan (DRP) as confidential?
Which of the following BEST enables the timely identification of risk exposure?
Which of the following would BEST help to support an auditor’s conclusion about the effectiveness of an implemented data classification program?
Which of the following is the GREATEST risk associated with storing customer data on a web server?
Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?
Which of the following should be of MOST concern to an IS auditor reviewing the public key infrastructure (PKI) for enterprise email?
Which of the following is the BEST source of information for an IS auditor to use as a baseline to assess the adequacy of an organization's privacy policy?
Providing security certification for a new system should include which of the following prior to the system's implementation?
Which of the following is the BEST audit procedure to determine whether a firewall is configured in compliance with the organization's security policy?
A project team has decided to switch to an agile approach to develop a replacement for an existing business application. Which of the following should an IS auditor do FIRST to ensure the effectiveness of the project audit?
Which of the following is MOST important to consider when scheduling follow-up audits?
An IS auditor is analyzing a sample of accesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found. Which sampling method would be appropriate?
Which of the following business continuity activities prioritizes the recovery of critical functions?
A third-party consultant is managing the replacement of an accounting system. Which of the following should be the IS auditor's GREATEST concern?
Which of the following BEST demonstrates that IT strategy is aligned with organizational goals and objectives?
Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?
Which of the following provides the MOST assurance over the completeness and accuracy of loan application processing with respect to the implementation of a new system?
The GREATEST benefit of using a prototyping approach in software development is that it helps to:
Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist within the organization?
An IS auditor is evaluating the risk associated with moving from one database management system (DBMS) to another. Which of the following would be MOST helpful to ensure the integrity of the system throughout the change?
An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives. Which of the following findings should be the IS auditor's GREATEST concern?
The PRIMARY reason for an IS auditor to use data analytics techniques is to reduce which type of audit risk?
Which of the following is the BEST way for an organization to mitigate the risk associated with third-party application performance?
Which of the following would be an appropriate role of internal audit in helping to establish an organization's privacy program?
In which phase of penetration testing would host detection and domain name system (DNS) interrogation be performed?
A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor’s BEST recommendation to facilitate compliance with the regulation?
Which of the following is MOST important for an IS auditor to verify when evaluating an organization's firewall?
An organization is considering allowing users to connect personal devices to the corporate network. Which of the following should be done FIRST?
Which of the following is the MOST important activity in the data classification process?
Which of the following conditions would be of MOST concern to an IS auditor assessing the risk of a successful brute force attack against encrypted data at rest?
Which of the following is MOST important for an IS auditor to do during an exit meeting with an auditee?
An IS auditor notes that IT and the business have different opinions on the availability of their application servers. Which of the following should the IS auditor review FIRST in order to understand the problem?
An employee loses a mobile device resulting in loss of sensitive corporate data. Which of the following would have BEST prevented data leakage?
When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:
Which of the following would lead an IS auditor to conclude that the evidence collected during a digital forensic investigation would not be admissible in court?