Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free IIA IIA-CIA-Part3 Practice Exam with Questions & Answers | Set: 14

Questions 196

Which of the following controls refers to requiring employees to use a combination of PINs, passwords, and/or biometrics to access an organization ' s smart device apps and data?

Options:
A.

Remote wipe.

B.

Software encryption.

C.

Device encryption.

D.

Authentication.

IIA IIA-CIA-Part3 Premium Access
Questions 197

According to IIA guidance, which of the following would be the best first stop to manage risk when a third party is overseeing the organization ' s network and data?

Options:
A.

Creating a comprehensive reporting system for vendors to demonstrate their ongoing due diligence in network operations.

B.

Drafting a strong contract that requires regular vendor control reports end a right-to-audit clause.

C.

Applying administrative privileges to ensure right to access controls are appropriate.

D.

Creating a standing cyber-security committee to identify and manage risks related to data security

Questions 198

According to 11A guidance on IT, which of the following are indicators of poor change management?

1. Inadequate control design.

2. Unplanned downtime.

3. Excessive troubleshooting .

4. Unavailability of critical services.

Options:
A.

2 and 3 only.

B.

1, 2, and 3 only

C.

1, 3, and 4 only

D.

2, 3, and 4 only

Questions 199

An organization has a declining inventory turnover but an Increasing gross margin rate, Which of the following statements can best explain this situation?

Options:
A.

The organization ' s operating expenses are increasing.

B.

The organization has adopted just-in-time inventory.

C.

The organization is experiencing Inventory theft

D.

The organization ' s inventory is overstated.

Questions 200

Which of the following control techniques would minimize the risk of interception during transmission in an electronic data interchange system?

    Encryption.

    Traffic padding.

    Edit checks.

    Structured data format.

Options:
A.

1 and 2 only

B.

2 and 3 only

C.

3 and 4 only

D.

1, 2, and 3 only

Questions 201

According to IIA guidance, which of the following corporate social responsibility activities is appropriate for the internal audit activity to perform?

Options:
A.

Determine the optimal amount of resources for the organization to invest in corporate social responsibility.

B.

Align corporate social responsibility program objectives with the organization ' s strategic plan.

C.

Integrate corporate social responsibility activities into the organization ' s decision-making process.

D.

Determine whether the organization has an appropriate policy governing its corporate social responsibility activities.

Questions 202

A financial technology startup consists of self-managed teams. Although each team can make proposals to other teams, decision-making lies within each individual team.

Which of the following risks could arise from this organizational structure?

Options:
A.

Processes are bureaucratic.

B.

Decision-making is slow.

C.

Resources are duplicated.

D.

Power is overconcentrated.

Questions 203

A multinational organization allows its employees to access work email via personal smart devices. However, users are required to consent to the installation of mobile device management (MDM) software that will remotely wipe data in case of theft or other incidents. Which of the following should the organization ensure in exchange for the employees ' consent?

Options:
A.

That those employees who do not consent to MDM software cannot have an email account.

B.

That personal data on the device cannot be accessed and deleted by system administrators.

C.

That monitoring of employees ' online activities is conducted in a covert way to avoid upsetting them.

D.

That employee consent includes appropriate waivers regarding potential breaches to their privacy.

Questions 204

Which of the following is a result of Implementing on e-commerce system, which relies heavily on electronic data interchange and electronic funds transfer, for purchasing and biting?

Options:
A.

Higher cash flow and treasury balances.

B.

Higher inventory balances

C.

Higher accounts receivable.

D.

Higher accounts payable

Questions 205

Which of the following controls is the most effective for ensuring confidentially of transmitted information?

Options:
A.

Firewall.

B.

Antivirus software.

C.

Passwords.

D.

Encryption.

Questions 206

Which of the following authentication device credentials is the most difficult to revoke when an employee ' s access rights need to be removed?

Options:
A.

A traditional key lock.

B.

A biometric device.

C.

A card-key system.

D.

A proximity device.

Questions 207

An organization has an immediate need for servers, but no time to complete capital acquisitions. Which of the following cloud services would assist with this situation?

Options:
A.

Infrastructure as a Service (laaS).

B.

Platform as a Service (PaaS).

C.

Enterprise as a Service (EaaS).

D.

Software as a Service (SaaS).

Questions 208

Which of the following is a characteristic of using a hierarchical control structure?

Options:
A.

Less use of policies and procedures.

B.

Less organizational commitment by employees.

C.

Less emphasis on extrinsic rewards.

D.

Less employee’s turnover.

Questions 209

Which of the following principles is shared by both hierarchical and open organizational structures?

A superior can delegate the authority to make decisions but cannot delegate the ultimate responsibility for the results of those decisions.

A supervisor ' s span of control should not exceed seven subordinates.

Responsibility should be accompanied by adequate authority.

Employees at all levels should be empowered to make decisions.

Options:
A.

1 and 3 only

B.

1 and 4 only

C.

2 and 3 only

D.

3 and 4 only

Questions 210

An internal auditor is completing an access control assessment of a telecommunication organization’s offsite facility.

Which of the following physical security measures would best prevent unauthorized access to the facility?

Options:
A.

Proximity badges.

B.

Key locks.

C.

Combination codes.

D.

Biometric locks.