How to Pass the IIA IIA-CIA-Part3 Exam: Comprehensive Business Knowledge for Internal Auditing Guide and Tips

Questions 81

An organization discovered fraudulent activity involving the employee time-tracking system. One employee regularly clocked in and clocked out her co-worker friends on their days off, inflating their reported work hours and increasing their wages. Which of the following physical authentication devices would be most effective at disabling this fraudulent scheme?

Options:
A. Face or finger recognition equipment.

B. Radio-frequency identification chips to authenticate employees with cards.

C. A requirement to clock in and clock out with a unique personal identification number.

D. A combination of a smart card and a password to clock in and clock out.

Questions 82

An organization is considering outsourcing its IT services, and the internal auditor is assessing the related risks. The auditor grouped the related risks into three categories:

- Risks specific to the organization itself.

- Risks specific to the service provider.

- Risks shared by both the organization and the service provider.

Which of the following risks should the auditor classify as specific to the service provider?

Options:
A. Unexpected increases in outsourcing costs.

B. Loss of data privacy.

C. Inadequate staffing.

D. Violation of contractual terms.

Questions 83

Which of the following is a result of implementing an e-commerce system, which relies heavily on electronic data interchange and electronic funds transfer, for purchasing and billing?

Options:
A. Higher cash flow and treasury balances.

B. Higher inventory balances.

C. Higher accounts receivable.

D. Higher accounts payable.

Questions 84

Which of the following scenarios best illustrates a spear phishing attack?

Options:
A. Numerous and consistent attacks on the company's website caused the server to crash and service was disrupted.

B. A person posing as a representative of the company's IT help desk called several employees and played a generic prerecorded message requesting password data.

C. A person received a personalized email regarding a golf membership renewal, and he clicked a hyperlink to enter his credit card data into a fake website.

D. Many users of a social network service received fake notifications of a unique opportunity to invest in a new product.

Questions 85

Which of the following is considered a physical security control?

Options:
A. Transaction logs are maintained to capture a history of system processing.

B. System security settings require the use of strong passwords and access controls.

C. Failed system login attempts are recorded and analyzed to identify potential security incidents.

D. System servers are secured by locking mechanisms with access granted to specific individuals.

Questions 86

Which of the following information security controls has the primary function of preventing unauthorized outside users from accessing an organization's data through the organization's network?

Options:
A. Firewall.

B. Encryption.

C. Antivirus.

D. Biometrics.

Questions 87

According to IIA guidance on IT, which of the following activities regarding information security is most likely to be the responsibility of line management as opposed to executive management, internal auditors, or the board?

Options:
A. Review and monitor security controls.

B. Dedicate sufficient security resources.

C. Provide oversight to the security function.

D. Assess information control environments.

Questions 88

A manufacturer is deciding whether to sell or process materials further. Which of the following costs would be relevant to this decision?

Options:
A. Incremental processing costs, incremental revenue, and variable manufacturing expenses.

B. Joint costs, incremental processing costs, and variable manufacturing expenses.

C. Incremental revenue, joint costs, and incremental processing costs.

D. Variable manufacturing expenses, incremental revenue, and joint costs.

Questions 89

A small software development firm designs and produces custom applications for businesses. The application development team consists of employees from multiple departments who all report to a single project manager. Which of the following organizational structures does this situation represent?

Options:
A. Functional departmentalization.

B. Product departmentalization.

C. Matrix organization.

D. Divisional organization.

Questions 90

An organization prepares a statement of privacy to protect customers' personal information. Which of the following might violate the privacy principles?

Options:
A. Customers can access and update personal information when needed.

B. The organization retains customers' personal information indefinitely.

C. Customers reserve the right to reject sharing personal information with third parties.

D. The organization performs regular maintenance on customers' personal information.