Which of the following should be of GREATEST concern to an IS auditor when using data analytics?
During which stage of the penetration test cycle does the tester utilize identified vulnerabilities to attempt to access the target system?
An organization has an acceptable use policy in place, but users do not formally acknowledge the policy. Which of the following is the MOST significant risk from this finding?
Which of the following BEST enables an organization to verify whether an encrypted message sent by a client has been altered?
Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?
Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?
A PRIMARY objective of risk management is to keep the total cost of risks below the:
A firewall between internal network segments improves security and reduces risk by:
In a high-volume, real-time system, the MOST effective technique by which to continuously monitor and analyze transaction processing is:
Which of the following should be the FIRST step when developing a data loss prevention (DLP) solution for a large organization?
An IS auditor should look for which of the following to ensure the risk associated with scope creep has been mitigated during software development?
Which of the following business continuity activities prioritizes the recovery of critical functions?
Which of the following is MOST important to consider when developing a service level agreement (SLAP)?
A project team has decided to switch to an agile approach to develop a replacement for an existing business application. Which of the following should an IS auditor do FIRST to ensure the effectiveness of the protect audit?
An IS auditor has found that a vendor has gone out of business and the escrow has an older version of the source code. What is the auditor ' s BEST recommendation for the organization?
Which of the following should be the IS auditor ' s PRIMARY focus, when evaluating an organization ' s offsite storage facility?
Which of the following issues identified during a formal review of an organization ' s information security policies presents the GREATEST potential risk to the organization?
Which of the following is MOST appropriate to review when determining if the work completed on an IT project is in alignment with budgeted costs?
When selecting a new data loss prevention (DLP) solution, the MOST important consideration is that the solution:
Which of the following is the BEST indication that a software development project is on track to meet its completion deadline?
The PRIMARY reason to assign data ownership for protection of data is to establish:
In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to never expire. Which of the following recommendations would BEST address the risk with minimal disruption to the business?
Which of the following risk scenarios is BEST mitigated through the use of a data loss prevention (DLP) tool?
An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?
An IS auditor finds that an organization ' s data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor ' s MAIN concern should be that:
An organization that has suffered a cyber-attack is performing a forensic analysis of the affected users ' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?
An organization outsourced its IS functions to meet its responsibility for disaster recovery, the organization should:
During audit framework. an IS auditor teams that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?
Which of the following is the MOST effective way to detect as many abnormalities as possible during an IS audit?
An IS auditor is reviewing an organization ' s risk management program. Which of the following should be the PRIMARY driver of the enterprise IT risk appetite?
An IS auditor is concerned that unauthorized access to a highly sensitive data center might be gained by piggybacking or tailgating. Which of the following is the BEST recommendation? (Choose Correct answer and give explanation from CISA Certification - Information Systems Auditor official book)
When designing metrics for information security, the MOST important consideration is that the metrics:
After areas have been appropriately scoped, what is the IS auditor ' s NEXT step in the selection for sampling?
Before the release of a new application into an organization’s production environment, which of the following should be in place to ensure that proper testing has occurred and rollback plans are in place?
Which of the following should an IS auditor recommend be done FIRST when an organization is made aware of a new regulation that is likely to impact IT security requirements?
Which of the following is the GREATEST advantage of maintaining an internal IS audit function within an organization?
The use of control totals satisfies which of the following control objectives?
Which of the following BEST supports the effectiveness of a compliance program?
An IS audit manager was temporarily tasked with supervising a project manager assigned to the organization ' s payroll application upgrade. Upon returning to the audit department, the audit manager has been asked to perform an audit to validate the implementation of the payroll application. The audit manager is the only one in the audit department with IT project management
experience. What is the BEST course of action?
While reviewing transactions, an IS auditor discovers inconsistencies in a relational database. Which of the following would be the auditor ' s BEST recommendation?
To help determine whether a controls-reliant approach to auditing financial systems in a company should be used, which sequence of IS audit work is MOST appropriate?
What is the MOST effective way to detect installation of unauthorized software packages by employees?
An organization has implemented a new data classification scheme and asks the IS auditor to evaluate its effectiveness. Which of the following would be of
GREATEST concern to the auditor?
Which type of attack poses the GREATEST risk to an organization ' s most sensitive data?
An organization relies on an external vendor that uses a cloud-based Software as a Service (SaaS) model to back up its data. Which of the following is the GREATEST risk to the organization related to data backup and retrieval?
Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?
Which type of control has been established when an organization implements a security information and event management (SIEM) system?
An IS auditor would MOST likely recommend that IT management use a balanced scorecard to:
Which of the following is an objective of IT project portfolio management?
An IS auditor observes that a large number of departed employees have not been removed from the accounts payable system. Which of the following is MOST important to determine in order to assess the risk1?
Which of the following is the PRIMARY reason for an IS audit manager to review the work performed by a senior IS auditor prior to presentation of a report?
During an audit of payment services of a branch based in a foreign country, a large global bank ' s audit team identifies an opportunity to use data analytics techniques to identify abnormal payments. Which of the following is the team ' s MOST important course of action?
Which of the following security measures is MOST important for protecting Internet of Things (IoT) devices from potential cyberattacks?
Which of the following would the IS auditor MOST likely review to determine whether modifications to the operating system parameters were authorized?
Which of the following metrics BEST demonstrates the effectiveness of an organization’s privacy program?
Management receives information indicating a high level of risk associated with potential flooding near the organization ' s data center within the next few years. As a result, a decision has been made to move data center operations to another facility on higher ground. Which approach has been adopted?
An IS auditor extracts data from a travel and expenses system to determine whether employees are using the organization’s car for personal use. What type of audit is being performed?
Which of the following BEST demonstrates alignment of the IT department with the corporate mission?
An IT strategic plan that BEST leverages IT in achieving organizational goals will include:
Which of the following will MOST likely compromise the control provided By a digital signature created using RSA encryption?
Which of the following is the PRIMARY objective of implementing privacy-related controls within an organization?
A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor ' s BEST recommendation to facilitate compliance with the regulation?
Which of the following should be the PRIMARY focus when communicating an IS audit issue to management?
During a follow-up audit, an IS auditor finds that some critical recommendations have not been addressed, as management has decided to accept the risk. Which of the following is the IS auditors BEST course of action?
Which of the following is the MOST effective way for an organization to help ensure agreed-upon action plans from an IS audit will be implemented?
During the review of a system disruption incident, an IS auditor notes that IT support staff were put in a position to make decisions beyond their level of authority.
Which of the following is the BEST recommendation to help prevent this situation in the future?
Which of the following would be an IS auditor ' s GREATEST concern when reviewing the organization ' s business continuity plan (BCP)?
Which of the following is MOST helpful in identifying system performance constraints?
Which of the following is MOST important for an IS auditor to assess during a post-implementation review of a newly modified IT application developed in-house?
When assessing whether an organization ' s IT performance measures are comparable to other organizations in the same industry, which of the following would be MOST helpful to review?
Which of the following would be an IS auditor’s GREATEST concern when reviewing the configuration management process?
Which of the following responses to risk associated with segregation of duties would incur the LOWEST initial cost?
Which of the following is the MOST significant risk that IS auditors are required to consider for each engagement?
Which of the following is the BEST way to ensure an organization ' s data classification policies are preserved during the process of data transformation?
Which of following areas is MOST important for an IS auditor to focus on when reviewing the maturity model for a technology organization?
Which of the following controls BEST ensures appropriate segregation of dudes within an accounts payable department?
Several unattended laptops containing sensitive customer data were stolen from personnel offices Which of the following would be an IS auditor ' s BEST recommendation to protect data in case of recurrence?
During the implementation of an enterprise resource planning (ERP) system, an IS auditor is reviewing the results of user acceptance testing (UAT). Which of the following should be the auditor’s PRIMARY focus?
Retention periods and conditions for the destruction of personal data should be determined by the.
Management has decided to accept a risk in response to a draft audit recommendation. Which of the following should be the IS auditor’s NEXT course of action?
In a public key cryptographic system, which of the following is the PRIMARY requirement to address the risk of man-in-the-middle attacks through spoofing?
Which of the following is MOST important for an IS auditor to do during an exit meeting with an auditee?
An IS auditor reviewing an organization’s online payment system finds that the system sometimes duplicates payments. Which control will BEST compensate for this weakness?
When is it MOST important for an IS auditor to apply the concept of materiality in an audit?
Which of the following is MOST important to ensure that electronic evidence collected during a forensic investigation will be admissible in future legal proceedings?
During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:
Which of the following is the PRIMARY reason for implementing continuous auditing?
Which of the following is the BEST source of organizational direction on when to use cloud services?
An IS auditor is reviewing the disaster recovery plan (DRP) of an organization with offices across multiple regions. Which of the following should be the auditor ' s PRIMARY focus?
Which of the following methods provides the MOST reliable audit evidence?
An organization plans to replace its nightly batch processing backup to magnetic tape with real-time replication to a second data center. Which of the following is the GREATEST risk associated with this change?
Which of the following is the MOST effective control to mitigate unintentional misuse of authorized access?
An IS auditor is assigned to perform a post-implementation review of an application system. Which of the following would impair the auditor’s independence?
Which of the following should be of MOST concern to an IS auditor reviewing the information systems acquisition, development, and implementation process?
Secure code reviews as part of a continuous deployment program are which type of control?
To ensure the organization is able to centrally manage mobile devices to protect against data disclosure, it is MOST important for an IS auditor to determine whether:
Which of the following helps to ensure the integrity of data for a system interface?
A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?
Transaction records from a business database were inadvertently deleted, and system operators decided to restore from a snapshot copy. Which of the following provides assurance that the BEST transactions were recovered successfully?
During the discussion of a draft audit report. IT management provided suitable evidence fiat a process has been implemented for a control that had been concluded by the IS auditor as Ineffective. Which of the following is the auditor ' s BEST action?
Which of the following is the BEST indication that an information security awareness program is effective?
While conducting a follow-up on an asset management audit, the IS auditor finds paid invoices for IT devices not recorded in the organization ' s inventory. Which of the following is the auditor ' s BEST course of action?
When reviewing the disaster recovery strategy, IT management identified an application that requires a short recovery point objective (RPO). Which of the following data restoration strategies would BEST enable the organization to meet this objective?
An IS auditor wants to determine who has oversight of staff performing a specific task and is referencing the organization ' s RACI chart. Which of the following roles within the chart would provide this information?
As part of business continuity planning, which of the following is MOST important to assess when conducting a business impact analysis (B1A)?
Which of the following risks is BEST mitigated by implementing an automated three-way match?
An IS auditor is assessing backup performance and observes that the system administrator manually initiates backups during unexpected peak usage. Which of the following is the auditor ' s BEST course of action?
An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported. The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?
Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met. Which of the following is MOST likely to be assessed?
Which of the following is an IS auditor’s BEST approach when low-risk anomalies have been identified?
During the course of an IS audit, management verbally agreed with an issue identified by the IS auditor. However, when presented in a draft report, management disagreed with the finding. What should the auditor do NEXT?
Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?
Which of the following should be the MOST important consideration when conducting a review of IT portfolio management?
Which of the following would be the GREATEST concern to an IS auditor when reviewing the outsourcing contract for an organization ' s cloud service provider?
An audit identified that a computer system is not assigning sequential purchase order numbers to order requests. The IS auditor is conducting an audit follow-up to determine if management has reserved this finding. Which of two following is the MOST reliable follow-up procedure?
Which of the following is the MOST important consideration when implementing a Zero Trust strategy for mobile, wireless, and Internet of Things (IoT) devices?
Which of the following is the BEST way to sanitize a hard disk for reuse to ensure the organization ' s information cannot be accessed?
Which of the following provides the BEST evidence of the validity and integrity of logs in an organization ' s security information and event management (SIEM) system?
A sample for testing must include the 80 largest client balances and a random sample of the rest. What should the IS auditor recommend?
Which of the following is the MOST important privacy consideration for an organization that uses a cloud service provider to process customer data?
What is the GREATEST concern for an IS auditor reviewing contracts for licensed software that executes a critical business process?
An IS auditor observes that a business-critical application does not currently have any level of fault tolerance. Which of the following is the GREATEST concern with this situation?
Which of the following should be the FIRST step in the incident response process for a suspected breach?
What should be the PRIMARY focus during a review of a business process improvement project?
Which of the following findings from a network security review presents the GREATEST risk to the organization?
Which of the following is the PRIMARY reason an IS auditor should discuss observations with management before delivering a final report?
Which of the following is the GREATEST concern when applying emergency patches?
An IS auditor concludes that logging and monitoring mechanisms within an organization are ineffective because critical servers are not included within the central log repository. Which of the following audit procedures would have MOST likely identified this exception?
Which of the following should an IS auditor be MOST concerned with during a post-implementation review?
Which of the following must be in place before an IS auditor initiates audit follow-up activities?
Which of the following BEST enables an organization to improve the visibility of end-user computing (EUC) applications that support regulatory reporting?
Which of the following is the BEST method to prevent wire transfer fraud by bank employees?
Which of the following is the MOST effective way for an IS auditor to ensure information is preserved when conducting a forensic investigation?
An IS auditor is planning a review of an organizations cybersecurity incident response maturity Which of the following methodologies would provide the MOST reliable conclusions?
Which of the following BEST enables an IS auditor to confirm the batch processing to post transactions from an input source is successful?
Which of the following provides the MOST assurance over the completeness and accuracy ol loan application processing with respect to the implementation of a new system?
Which of the following is the BEST reason for an IS auditor to emphasize to management the importance of using an IT governance framework?
Which of the following is the MOST effective way to ensure adequate system resources are available for high-priority activities?
When developing customer-facing IT applications, in which stage of the system development life cycle (SDLC) is it MOST beneficial to consider data privacy principles?
Which of the following is MOST important for an IS auditor to validate when auditing network device management?
The PRIMARY reason to perform a capacity management review of technology resources is to ensure that:
Which of the following is the BEST way to prevent social engineering incidents?
An IS auditor has been asked to review the integrity of data transfer between two business-critical systems that have not been tested since implementation. Which of the following would provide the MOST useful information to plan an audit?
When evaluating whether the expected benefits of a project have been achieved, it is MOST important for an IS auditor to review:
What is the PRIMARY purpose of performing a parallel run of a now system?
An IS auditor is conducting a physical security audit of a healthcare facility and finds closed-circuit television (CCTV) systems located in a patient care area. Which of the following is the GREATEST concern?
A bank has a combination of corporate customer accounts (higher monetary value) and small business accounts (lower monetary value) as part of online banking. Which of the following is the BEST sampling approach for an IS auditor to use for these accounts?
Which of the following should be of MOST concern to an IS auditor reviewing the public key infrastructure (PKI) for enterprise email?
Which of the following is the BEST source of information tor an IS auditor to use when determining whether an organization ' s information security policy is adequate?
Which of the following features of a library control software package would protect against unauthorized updating of source code?
IT management has accepted the risk associated with an IS auditor ' s finding due to the cost and complexity of the corrective actions. Which of the following should be the auditor ' s NEXT course of action?
Which of the following is MOST important to include in a feasibility study when developing a business case for an IT investment?
Which of the following is the GREATEST risk associated with lack of IT involvement in the organization ' s strategic planning initiatives?
Which of the following should an IS auditor review when evaluating information systems governance for a large organization?
An IS auditor has discovered that a software system still in regular use is outdated and no longer supported. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?
Which of the following controls is MOST crucial to ensure an organization will be able to recover its data from backup media in the event of a disaster?
An organization ' s security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?
An organization has partnered with a third party to transport backup drives to an offsite storage facility. Which of the following is MOST important before sending the drives?
Which of the following observations should be of GREATEST concern to an IS auditor performing an audit of change and release management controls for a new complex system developed by a small in-house IT team?
Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization ' s information security policy?
Which type of attack targets security vulnerabilities in web applications to gain access to data sets?
In an area susceptible to unexpected increases in electrical power, which of the following would MOST effectively protect the system?
What is the BEST way to reduce the risk of inaccurate or misleading data proliferating through business intelligence systems?
An IS auditor is reviewing a contract for the outsourcing of IT facilities. If missing, which of the following should present the GREATEST concern to the auditor?
Which of the following is the BEST method for converting system-generated log files into a format suitable for data analysis?
An IS auditor discovers that due to resource constraints a database administrator (DBA) is responsible for developing and executing changes into the production environment Which ot the following should the auditor do FIRSTS
Which of the following is the GREATEST risk associated with hypervisors in virtual environments?
An IS auditor follows up on a recent security incident and finds the incident response was not adequate. Which of the following findings should be considered MOST critical?
When assessing the overall effectiveness of an organization ' s disaster recovery planning process, which of the following is MOST important for the IS auditor to verify?
Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization ' s data loss prevention (DLP) controls?
An organization has recently become aware of a pervasive chip-level security vulnerability that affects all of its processors. Which of the following is the BEST way to prevent this vulnerability from being exploited?
When physical destruction IS not practical, which of the following is the MOST effective means of disposing of sensitive data on a hard disk?
An organization has virtualized its server environment without making any other changes to the network or security infrastructure. Which of the following is the MOST significant risk?
An IS auditor is reviewing the backup procedures in an organization that has high volumes of data with frequent changes to transactions. Which of the following is the BEST backup scheme to recommend given the need for a shorter restoration time in the event of a disruption?
Which of the following should be restricted from a network administrator ' s privileges in an adequately segregated IT environment?
An IS auditor is reviewing a machine learning algorithm-based system for loan approvals and is preparing a data set to test the algorithm for bias. Which of the following is MOST important for the auditor’s test data set to include?
The decision to accept an IT control risk related to data quality should be the responsibility of the:
An IS auditor is reviewing the operational database management of an organization that uses cloud systems for hosting. Which of the following should be the auditor ' s PRIMARY area of focus?
Which of the following environments is BEST used for copying data and transformation into a compatible data warehouse format?
An IS auditor finds that a number of key patches have not been applied in a timely manner due to re-source constraints. Which of the following is the GREATEST risk to the organization in this
situation?
Who is PRIMARILY responsible for the design of IT controls to meet control objectives?
Which of the following is the GREATEST risk of project dashboards being set without sufficiently defined criteria?
The use of which of the following would BEST enhance a process improvement program?
Which of the following is the BEST control lo mitigate attacks that redirect Internet traffic to an unauthorized website?
Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS audit has been asked to conduct a control assessment. the auditor ' s BEST course of action would be to determine if:
Which of the following observations should be of GREATEST concern to an IS auditor reviewing an organization ' s enterprise architecture (EA) program?
Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?
Results from which of the following would BEST provide assurance to a governing body that an organization’s information system controls have been reviewed objectively?
During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor ' s BEST course of action?
An IS auditor requests direct access to data required to perform audit procedures instead of asking management to provide the data Which of the following is the PRIMARY advantage of this approach?
Which of the following should an organization do FIRST when an employee is terminated for fraudulent activity?
An IS auditor reviewing security incident processes realizes incidents are resolved and closed, but root causes are not investigated. Which of the following should be the MAJOR concern with this situation?
Which of the following is the MOST efficient way to identify segregation of duties violations in a new system?
An employee loses a mobile device resulting in loss of sensitive corporate data. Which o( the following would have BEST prevented data leakage?
Which of the following presents the GREATEST risk to an organization ' s ability to manage quality control (QC) processes?
A staff accountant regularly uploads spreadsheets with inventory levels to the organization ' s financial reporting system. The transfers are executed through a customized interface created by an in-house developer. Which of the following is MOST important for the IS auditor to confirm during a review of the interface?
An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider MOST critical?
A white box testing method is applicable with which of the following testing processes?
Which of the following provides the MOST useful information to an IS auditor when selecting projects for inclusion in an IT audit plan?
Which of the following is the BEST way to identify key areas for a risk-based audit plan?
Which of the following BEST helps to ensure data integrity across system interfaces?
Which of the following would be the GREATEST concern for an IS auditor conducting a pre-implementation review of a data loss prevention (DLP > tool?
Which of the following network topologies will provide the GREATEST fault tolerance?
Which of the following is the PRIMARY purpose of a business impact analysts (BIA) in an organization ' s overall risk management strategy?
An organization has decided to build a data warehouse using source data from several disparate systems to support strategic decision-making.
Which of the following is the BEST way to ensure the accuracy and completeness of the data used to support business decisions?
Which of the following is the MOST appropriate indicator of change management effectiveness?
Which of the following observations should be of GREATEST concern to an IS auditor assessing access controls for the accounts payable module of a finance system?
Which of the following is the MOST effective control when granting access to a service provider for a ctoud-6ased application?
An IS auditor is reviewing documentation from a change that was applied to an application. Which of the following findings would be the GREATEST concern?
Which of the following BEST indicates the effectiveness of an organization ' s risk management program?
An IS auditor discovers that validation controls in a web application have been moved from the server side into the browser to boost performance. This would MOST likely increase the risk of a successful attack by:
An IS auditor notes the transaction processing times in an order processing system have significantly increased after a major release. Which of the following should the IS auditor review FIRST?
Which of the following key performance indicators (KPIs) provides stakeholders with the MOST useful information about whether information security risk is being managed?
Having knowledge in which of the following areas is MOST relevant for an IS auditor reviewing public key infrastructure (PKI)?
Which of the following provides the MOST comprehensive information about inherent risk within an organization?
A manager Identifies active privileged accounts belonging to staff who have left the organization. Which of the following is the threat actor In this scenario?
Which of the following is the MOST cost-effective way to determine the effectiveness of a business continuity plan (BCP)?
An IS auditor learns that a business owner violated the organization ' s security policy by creating a web page with access to production data. The auditor ' s NEXT step should be to:
During the implementation of an upgraded enterprise resource planning (ERP) system, which of the following is the MOST important consideration for a go-live decision?
A review of IT interface controls finds an organization does not have a process to identify and correct records that do not get transferred to the receiving system Which of the following is the IS auditors BEST recommendation?
Which of the following BEST describes the concept of fault tolerance in system resiliency?
Which of the following audit procedures would provide the BEST assurance that an application program is functioning as designed?
The management of a small e-commerce firm is concerned about the impact of AI adoption on its intellectual property. Which of the following BEST addresses this concern?
Which of the following should be the PRIMARY consideration when incorporating user training and awareness into a data loss prevention (DLP) strategy?
An IS auditor is planning a review of an organizations robotic process automation (RPA) technology. Which of the following MUST be included in the audit work plan?
Which of the following controls helps to ensure that data extraction queries run by the database administrator (DBA) are monitored?
Which of the following roles is PRIMARILY responsible for mitigating the risk of benefits not being realized in an IT project?
Which of the following BEST facilitates the successful implementation of IT performance monitoring?
An IS auditor noted a recent production incident in which a teller transaction system incorrectly charged fees to customers due to a defect from a recent release. Which of the following should be the auditor ' s NEXT step?
Which of the following should be done FIRST when planning to conduct internal and external penetration testing for a client?
Which of the following poses the GREATEST potential concern for an organization that decides to consolidate mission-critical applications on a large server as part of IT capacity management?
An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. Which of the following should the auditor recommend be performed FIRST?
Which of the following is MOST important for an IS auditor to consider when performing the risk assessment poor to an audit engagement?
Which of the following BEST demonstrates to senior management and the board that an audit function is compliant with standards and the code of ethics?
Which of the following is the MOST efficient control to reduce the risk associated with a systems administrator having network administrator responsibilities?
Which of the following is MOST important to successfully implement a corporate data classification program?
Which of the following would be MOST important to include in an IS audit report?
Which type of testing is used to identify security vulnerabilities in source code in the development environment?
When auditing the security architecture of an online application, an IS auditor should FIRST review the:
Which of the following attack techniques will succeed because of an inherent security weakness in an Internet firewall?
Which of the following should an IS auditor consider the MOST significant risk associated with a new health records system that replaces a legacy system?
Which of the following is the MOST important advantage of participating in beta testing of software products?
An organization has purchased a new cloud-based application from a vendor. Which of the following should be the FIRST consideration when implementing the system?
Which of the following should be of GREATEST concern to an IS auditor when auditing an organization ' s IT strategy development process?
An organization allows its employees lo use personal mobile devices for work. Which of the following would BEST maintain information security without compromising employee privacy?
Which of the following security risks can be reduced by a property configured network firewall?
Which of the following should an IS auditor consider FIRST when evaluating firewall rules?
Which of the following should be used as the PRIMARY basis for prioritizing IT projects and initiatives?
An organization is planning an acquisition and has engaged an IS auditor lo evaluate the IT governance framework of the target company. Which of the following would be MOST helpful In determining the effectiveness of the framework?
Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (lDS)?
Which of the following is the BEST compensating control against separation of duties conflicts in new code development?
Which of the following is the MOST important consideration when defining an operational log management strategy?
Which of the following is the PRIMARY reason for using a digital signature?
An organization has both an IT strategy committee and an IT steering committee. When reviewing the minutes of the IT steering committee, an IS auditor would expect to find that the
committee:
An IS auditor is reviewing a data conversion project. Which of the following is the auditor ' s BEST recommendation prior to go-live?
Which of the following is an IS auditor ' s BEST recommendation to help an organization increase the efficiency of computing resources?
Which of the following represents the HIGHEST level of maturity of an information security program?
An IS auditor is providing input to an RFP to acquire a financial application system. Which of the following is MOST important for the auditor to recommend?
Which of the following provides the MOST assurance of the integrity of a firewall log?
Which of the following is MOST effective in keeping a database management system (DBMS) at maximum performance?
Which of the following management decisions presents the GREATEST risk associated with data leakage?
Which of the following is the MAIN purpose of an information security management system?
A new regulation has been enacted that mandates specific information security practices for the protection of customer data. Which of the following is MOST useful for an IS auditor to review when auditing against the regulation?
Which of the following is the BEST detective control for a job scheduling process involving data transmission?
A review of an organization ' s enterprise architecture (EA) BEST enables an IS auditor to determine:
The waterfall life cycle model of software development is BEST suited for which of the following situations?
Which of the following is the MOST effective way to maintain network integrity when using mobile devices?
An IS auditor learns of a new regulation which imposes penalties based on the number of individuals whose personally identifiable information (PII) is exposed by a security breach. What would be the BEST recommendation to help the organization limit the liability associated with a breach to its customer information database?
When evaluating the design of controls related to network monitoring, which of the following is MOST important for an IS auditor to review?
An IS auditor is following up on prior period items and finds management did not address an audit finding. Which of the following should be the IS auditor ' s NEXT course of action?
During the planning stage of a compliance audit, an IS auditor discovers that a bank ' s inventory of compliance requirements does not include recent regulatory changes related to managing data risk. What should the auditor do FIRST?
An organization has recently moved to an agile model for deploying custom code to its in-house accounting software system. When reviewing the procedures in place for production code deployment, which of the following is the MOST significant security concern to address?
Which of the following approaches would present the GREATEST concern for the implementation of a quality assurance (QA) function?
Which of the following responses to risk associated with separation of duties would incur the LOWEST initial cost?
An IS audit team is evaluating documentation of the most recent application user access review. It is determined that the user list was not system generated. Which of the following should be of
MOST concern?
An organization is disposing of removable onsite media which contains sensitive information. Which of the following is the MOST effective method to prevent disclosure of sensitive data?
Which of the following is the BEST compensating control against segregation of duties conflicts in new code development?
What is the MAIN purpose of an organization ' s internal IS audit function?
An IS auditor learns that an organization did not conduct any penetration testing over one internet-facing webpage prior to of the following is the auditor ' s BEST course of action?
Which of the following staff should an IS auditor interview FIRST to obtain a general overview of the various technologies used across different programs?
Which of the following recommendations would BEST prevent the implementation of IT projects without collaborating with the business?
Which of the following is the MOST important course of action to ensure a cloud access security broker (CASB) effectively detects and responds to threats?
If a recent release of a program has to be backed out of production, the corresponding changes within the delta version of the code should be:
Which of the following provides the MOST protection against emerging threats?
Which of the following is the MOST important consideration for patching mission critical business application servers against known vulnerabilities?
Which of the following will BEST ensure that archived electronic information of permanent importance remains accessible over time?
Which of the following criteria is MOST important for the successful delivery of benefits from an IT project?
An IS auditor Is renewing the deployment of a new automated system Which of the following findings presents the MOST significant risk?
An IS auditor finds that capacity management for a key system is being performed by IT with no input from the business The auditor ' s PRIMARY concern would be:
Which of the following would present the GREATEST concern during a review of internal audit quality assurance (QA) and continuous improvement processes?
An IS auditor is tasked to review an organization ' s plan-do-check-act (PDCA) method for improving IT-related processes and wants to determine the accuracy of defined targets to be achieved. Which of the following steps in the PDCA process should the auditor PRIMARILY focus on in this situation?
Which of the following approaches BEST enables an IS auditor to detect security vulnerabilities within an application?
Which of the following should be the PRIMARY objective of conducting an audit follow-up of management action plans?
An IS auditor wants to gain a better understanding of an organization’s selected IT operating system software. Which of the following would be MOST helpful to review?
During a pre-implementation review, an IS auditor notes that some scenarios have not been tested. Management has indicated that the project is critical and cannot be postponed. Which of the following is the auditor ' s BEST course of action?
Which of the following is MOST important for the successful establishment of a security vulnerability management program?
Upon completion of a penetration test with findings for an IT system, the NEXT step should be:
Which of the following would BEST detect that a distributed denial of service (DDoS) attack is occurring?
Which of the following is an example of a preventive control for physical access?
Which of the following would BEST facilitate the successful implementation of an IT-related framework?
Users are complaining that a newly released enterprise resource planning (ERP) system is functioning too slowly. Which of the following tests during the quality assurance (QA) phase would have identified this concern?
Which of the following is the BEST way to foster continuous improvement of IS audit processes and practices?
Which of the following is MOST critical to the success of an information security program?
Which of the following is the GREATEST risk associated with security patches being automatically downloaded and applied to production servers?
Which of the following should be of MOST concern to an IS auditor when reviewing an intrusion detection system (IDS)?
An IS auditor is evaluating the risk associated with moving from one database management system (DBMS) to another. Which of the following would be MOST helpful to ensure the integrity of the system throughout the change?
When reviewing an organization ' s information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:
A proper audit trail of changes to server start-up procedures would include evidence of:
Which of the following protocols should be used when transferring data via the internet?
An IS auditor reviewing an organization’s IT systems finds that the organization frequently purchases systems that are incompatible with the technologies already in the organization. Which of the following is the MOST likely reason?
Which of the following should an IS auditor expect to see in a network vulnerability assessment?
Which of the following is the BEST indicator that a third-party vendor adheres to the controls required by the organization?
During a review, an IS auditor discovers that corporate users are able to access cloud-based applications and data from any Internet-connected web browser. Which of the following is the
auditor ' s BEST recommendation to help prevent unauthorized access?
An organization that processes credit card information employs a remote workforce. Which of the following is the MOST effective way to mitigate risk associated with data exfiltration?
Which of the following is the MOST important determining factor when establishing appropriate timeframes for follow-up activities related to audit findings?
Which of the following should an IS auditor review FIRST when planning a customer data privacy audit?
When a data center is attempting to restore computing facilities at an alternative site following a disaster, which of the following should be restored FIRST?
To protect the organization from malware transmitted by physical media, IT administrators have disabled USB access for storage devices. Which of the following BEST describes this type of control?
Which of the following BEST enables a benefits realization process for a system development project?
Which of the following provides the BE ST method for maintaining the security of corporate applications pushed to employee-owned mobile devices?
Which of the following is an example of a preventative control in an accounts payable system?
Which of the following parameters reflects the risk threshold for an organization experiencing a service disruption?
What Is the BEST method to determine if IT resource spending is aligned with planned project spending?
Spreadsheets are used to calculate project cost estimates. Totals for each cost category are then keyed into the job-costing system. What is the BEST control to ensure that data is accurately entered into the system?
An organization is permanently transitioning from onsite to fully remote business operations. When should the existing business impact analysis (BIA) be reviewed?
Which of the following is MOST important to determine during the planning phase of a cloud-based messaging and collaboration platform acquisition?
Using swipe cards to limit employee access to restricted areas requires implementing which additional control?
Which of the following would be an auditor ' s GREATEST concern when reviewing data inputs from spreadsheets into the core finance system?
Which of the following should be the GREATEST concern for an IS auditor reviewing recent disaster recovery operations?
Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist within the organization?
An IS auditor is asked to provide feedback on the systems options analysis for a new project. The BEST course of action for the IS auditor would be to:
Which of the following is MOST important when creating a forensic image of a hard drive?
Which of the following is the BEST methodology to use for estimating the complexity of developing a large business application?
An IS auditor is reviewing desktop software profiles and notes that a user has downloaded and installed several games that are not approved by the company. Which of the following is the MOST significant risk that could result from this situation?
Which of the following should an IS auditor do FIRST when auditing a robotics process automation (RPA) implementation?
Which of the following BEST enables a governing body to monitor IT performance based on metrics?
When planning an audit to assess application controls of a cloud-based system, it is MOST important tor the IS auditor to understand the.
An IS auditor has been tasked with analyzing an organization ' s capital expenditures against its repair and maintenance costs. Which of the following is the BEST reason to use a data analytics tool for this purpose?
Which of the following is MOST important for an IS auditor to look
for in a project feasibility study?
An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?
Which of the following is the PRIMARY objective of enterprise architecture (EA)?
Which of the following security measures will reduce the risk of propagation when a cyberattack occurs?
Which of the following is MOST useful for determining the strategy for IT portfolio management?
Which of the following should be the PRIMARY purpose of conducting tabletop exercises when re-viewing a security incident response plan?
Which of the following metrics would BEST measure the agility of an organization ' s IT function?
Which of the following provides the MOST reliable method of preventing unauthonzed logon?
Which of the following is necessary for effective risk management in IT governance?
Which of the following is the PRIMARY purpose of conducting a control self-assessment (CSA)?
Which of the following establishes the PRIMARY difference between a business continuity plan (BCP) and a disaster recovery plan (DRP)?
When planning a review of IT governance, an IS auditor is MOST likely to:
Which of the following presents the GREATEST risk of data leakage in the cloud environment?
A web application is developed in-house by an organization. Which of the following would provide the BEST evidence to an IS auditor that the application is secure from external attack?
An IS auditor who was instrumental in designing an application is called upon to review the application. The auditor should:
An IS auditor is examining a front-end subledger and a main ledger. Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?
Which of the following constitutes an effective detective control in a distributed processing environment?
An IS auditor has been asked to provide support to the control self-assessment (CSA) program. Which of the following BEST represents the scope of the auditor’s role in the program?
Email required for business purposes is being stored on employees ' personal devices.
Which of the following is an IS auditor ' s BEST recommendation?
Which of the following is the GREATEST risk if two users have concurrent access to the same database record?
Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?
A new system is being developed externally for an organization. Which of the following is the MOST important requirement to include in the vendor contract to ensure service continuity?
Which of the following is the BEST metric to measure the quality of software developed in an organization?
Which of the following is the BEST sampling method to use when relatively few errors are expected to be found in a population?
A financial organization has learned that one of its business partners utilizes a cloud solution extending servers to several foreign countries. Which of the following should be of GREATEST concern to the organization?
An IS auditor has been tasked with auditing the inventory control process for a large organization that processes millions of data transactions. Which of the following is the BEST testing strategy to adopt?
Which of the following is an IS auditor’s BEST approach to obtain assurance that an organization’s IT policies have been effectively implemented?
An IS auditor wants to verify alignment of the organization ' s business continuity plan (BCP) with the business strategy. Which of the following would be MOST helpful to review?
Which of the following is the MOST important outcome of an information security program?
Which of the following should be the FIRST step in a data migration project?
Aligning IT strategy with business strategy PRIMARILY helps an organization to:
Which of the following is the BEST way to prevent social engineering incidents?
An IS auditor discovers that backups of critical systems are not being performed in accordance with the recovery point objective (RPO) established in the business continuity plan (BCP). What should the auditor do NEXT?
Which of the following statements appearing in an organization ' s acceptable use policy BEST demonstrates alignment with data classification standards related to the protection of information assets?
For security awareness training to be MOST effective, management should ensure the training:
Which of the following is the BEST audit procedure to determine whether a firewall is configured in compliance with the organization ' s security policy?
Which of the following is the MOST important consideration for a contingency facility?
Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?
Which of the following would present the GREATEST concern during a review of internal audit quality assurance (QA) and continuous improvement processes?
Which of the following provides the MOST useful information for performing a business impact analysis (B1A)?
Which of the following documents should specify roles and responsibilities within an IT audit organization?
An IS auditor is reviewing database fields updated in real-time and displayed through other applications in multiple organizational functions. When validating business approval for these various use cases, which of the following sources of information would be the BEST starting point?
Which of the following technologies is BEST suited to fulfill a business requirement for nonrepudiation of business-to-business transactions with external parties without the need for a mutually trusted entity?
Which of the following technologies BEST assists in protection of digital evidence as part of forensic investigation acquisition?
An IS auditor discovers a box of hard drives in a secured location that are overdue for physical destruction. The vendor responsible for this task was never made aware of these hard drives.
Which of the following is the BEST course of action to address this issue?
During an IT governance audit, an IS auditor notes that IT policies and procedures are not regularly reviewed and updated. The GREATEST concern to the IS auditor is that policies and procedures might not:
Which of the following methods BEST enforces data leakage prevention in a multi-tenant cloud environment?
Which of the following observations should be of GREATEST concern to an IS auditor reviewing an organization’s enterprise architecture (EA) program?
Which of the following tests is MOST likely to detect an error in one subroutine resulting from a recent change in another subroutine?
Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?
An organization is implementing a new system that supports a month-end business process. Which of the following implementation strategies would be MOST efficient to decrease business downtime?
The PRIMARY reason to perform internal quality assurance (QA) for an internal audit function is to ensure:
Which of the following BEST enables an organization to improve the effectiveness of its incident response team?
Which of the following is the BEST way to ensure a vendor complies with system security requirements?
An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives. Which of the following findings should be the IS auditor ' s GREATEST concern?
Which of the following should be the FRST step when developing a data toes prevention (DIP) solution for a large organization?
Which of the following controls BEST ensures appropriate segregation of duties within an accounts payable department?
Which of the following is the MOST important area of focus for an IS auditor assessing the management of cryptographic keys in a public key infrastructure (PKI)?
An IS auditor has been asked to assess the security of a recently migrated database system that contains personal and financial data for a bank ' s customers. Which of the following controls is MOST important for the auditor to confirm is in place?
Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?
The following findings are the result of an IS auditor ' s post-implementation review of a newly implemented system. Which of the following findings is of GREATEST significance?
Which of the following should an IS auditor recommend be done FIRST when an organization is planning to implement an IT compliance program?
A post-implementation review was conducted by issuing a survey to users. Which of the following should be of GREATEST concern to an IS auditor?
Which of the following should be an IS auditor’s PRIMARY focus when performing a post-implementation review for a critical IT project?
Which of the following weaknesses would have the GREATEST impact on the effective operation of a perimeter firewall?
What is the PRIMARY purpose of documenting audit objectives when preparing for an engagement?
Which of the following would BEST reduce the risk of application programming interface (API) unavailability?
Which of the following is the MOST important control for virtualized environments?
Which of the following BEST supports an organization ' s objective of restricting the use of removable storage devices by users?
Which of the following occurs during the issues management process for a system development project?
An IS auditor is reviewing a machine learning (ML) model that predicts the likelihood that a user will watch a certain movie. Which of the following would be of GREATEST concern to the auditor?
Which of the following is the PRIMARY advantage of using an automated security log monitoring tool instead of conducting a manual review to monitor the use of privileged access?
An IS auditor engaged in developing the annual internal audit plan learns that the chief information officer (CIO) has requested there be no IS audits in the upcoming year as more time is needed to address a large number of recommendations from the previous year. Which of the following should the auditor do FIRST
An IS auditor finds that a recently deployed application has a number of developers with inappropriate update access left over from the testing environment. Which of the following would have BEST prevented the update access from being migrated?
What would be the PRIMARY reason an IS auditor would recommend replacing universal PIN codes with an RFID access card system at a data center?
Which of the following is the PRIMARY role of an IS auditor in a control self-assessment (CSA)?
Which of the following is the BEST way to ensure that business continuity plans (BCPs) will work effectively in the event of a major disaster?
Which of the following should an IS auditor be MOST concerned with when reviewing the IT asset disposal process?
Which of the following should an IS auditor use when verifying a three-way match has occurred in an enterprise resource planning (ERR) system?
An internal audit team is deciding whether to use an audit management application hosted by a third party in a different country.
What should be the MOST important consideration related to the uploading of payroll audit documentation in the hosted
application?
Which of the following is the MOST important success factor for implementing a data loss prevention (DLP) tool?
Which of the following should be an IS auditor ' s PRIMARY focus when evaluating the response process for cybercrimes?
Which of the following poses the GREATEST risk to an organization when employees use public social networking sites?
Which of the following should be an IS auditor ' s GREATEST concern when reviewing an organization ' s security controls for policy compliance?
An IS auditor Is reviewing a recent security incident and is seeking information about me approval of a recent modification to a database system ' s security settings Where would the auditor MOST likely find this information?
To ensure confidentiality through the use of asymmetric encryption, a message is encrypted with which of the following?
When an intrusion into an organization network is deleted, which of the following should be done FIRST?
An IS auditor discovers that validation controls m a web application have been moved from the server side into the browser to boost performance This would MOST likely increase the risk of a successful attack by.
Which of the following BEST demonstrates that IT strategy Is aligned with organizational goals and objectives?
To reduce operational costs, IT management plans to reduce the number of servers currently used to run business applications. Which of the following is MOST helpful to review when identifying which servers are no longer required?
An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:
The PRIMARY role of an IS auditor in the remediation of problems found during an audit engagement is to:
An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?
Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?
An incorrect version of the source code was amended by a development team. This MOST likely indicates a weakness in:
The performance, risks, and capabilities of an IT infrastructure are BEST measured using a:
Which of the following would be of MOST concern to an IS auditor reviewing a data loss prevention (DLP) solution implementation for endpoints?
Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management ' s decision. Which of the following should be the IS auditor ' s NEXT course of action?
An IS auditor is reviewing an organization ' s primary router access control list. Which of the following should result in a finding?
Which of the following non-audit activities may impair an IS auditor ' s independence and objectivity?
Which of the following should be identified FIRST during the risk assessment process?
How does public key infrastructure (PKI) help to verify that a digitally signed document is not a forgery?
Which of the following is the BEST way to ensure that an application is performing according to its specifications?
When reviewing a data classification scheme, it is MOST important for an IS auditor to determine if.
An organization has developed processes to recover critical files in the event of a ransomware attack. Which type of control do these processes represent?
When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor ' s BEST recommendation is to place an intrusion detection system (IDS) between the firewall and: