ExamTopics Flashcards
Which of the following should be of GREATEST concern to an IS auditor reviewing an organization’s business continuity plan (BCP)?
A. The BCP has not been tested since it was first issued.
B. The BCP is not version-controlled.
C. The BCP’s contact information needs to be updated.
D. The BCP has not been approved by senior management.
A. The BCP has not been tested since it was first issued.
Which of the following would be MOST useful when analyzing computer performance?
A. Tuning of system software to optimize resource usage.
B. Operations report of user dissatisfaction with response time.
C. Statistical metrics measuring capacity utilization.
D. Report of off-peak utilization and response time.
C. Statistical metrics measuring capacity utilization.
Which of the following is the GREATEST risk if two users have concurrent access to the same database record?
A. Entity integrity
B. Availability integrity
C. Referential integrity
D. Data integrity
D. Data integrity
Which of the following is the MOST effective way for an organization to help ensure agreed-upon action plans from an IS audit will be implemented?
A. Ensure ownership is assigned.
B. Test corrective actions upon completion.
C. Ensure sufficient audit resources are allocated.
D. Communicate audit results organization-wide.
A. Ensure ownership is assigned.
Which of the following issues associated with a data center’s closed circuit television (CCTV) surveillance cameras should be of MOST concern to an IS auditor?
A. CCTV recordings are not regularly reviewed.
B. CCTV records are deleted after one year.
C. CCTV footage is not recorded 24 x 7.
D. CCTV cameras are not installed in break rooms.
A. CCTV recordings are not regularly reviewed.
Closed circuit television (CCTV) surveillance cameras are used in data centers to monitor the physical security of the facility. It is important for an IS auditor to ensure that the CCTV system is properly designed, implemented, and maintained to provide an effective level of security. Among the issues associated with CCTV surveillance cameras, the lack of regular review of CCTV recordings is the MOST concerning to an IS auditor.
Regular review of CCTV recordings is important for detecting and responding to security incidents or breaches. If the recordings are not regularly reviewed, potential security incidents may go undetected, which can lead to unauthorized access, theft, or other security breaches. Regular review of CCTV recordings is also important for compliance purposes, as it can help demonstrate compliance with regulations and industry standards.
An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor’s PRIMARY concern is that:
A. a clear business case has been established.
B. the new hardware meets established security standards.
C. a full, visible audit trail will be included.
D. the implementation plan meets user requirements.
A. a clear business case has been established.
To confirm integrity for a hashed message, the receiver should use:
A. the same hashing algorithm as the sender’s to create a binary image of the file.
B. a different hashing algorithm from the sender’s to create a numerical representation of the file.
C. a different hashing algorithm from the sender’s to create a binary image of the file.
D. the same hashing algorithm as the sender’s to create a numerical representation of the file.
D. the same hashing algorithm as the sender’s to create a numerical representation of the file.
To verify the integrity of a message or file, the receiver should use the same hashing algorithm that was used by the sender to create the original hash value. The receiver can then apply the same algorithm to the received message or file and compare the resulting hash value with the original hash value. If the hash values match, this indicates that the message or file has not been altered in transit.
An organization is implementing a new system that supports a month-end business process. Which of the following implementation strategies would be MOST efficient to decrease business downtime?
A. Cutover
B. Phased
C. Pilot
D. Parallel
C. Pilot
The pilot implementation strategy involves implementing the new system in a limited area or for a specific user group.
Which of the following should be the FIRST step in managing the impact of a recently discovered zero-day attack?
A. Estimating potential damage.
B. Identifying vulnerable assets.
C. Evaluating the likelihood of attack.
D. Assessing the impact of vulnerabilities.
B. Identifying vulnerable assets.
The FIRST step in managing the impact of a recently discovered zero-day attack should be identifying vulnerable assets. This involves determining which systems and assets are potentially affected by the zero-day vulnerability, and prioritizing them based on their criticality and potential impact on the organization.
Once vulnerable assets have been identified, the organization can then take steps to mitigate the risk, such as applying vendor patches or workarounds, implementing compensating controls, or isolating or quarantining vulnerable systems.
After vulnerable assets have been identified and prioritized, the organization can then move on to other steps such as evaluating the likelihood of an attack, estimating potential damage, and assessing the impact of vulnerabilities.
Which of the following is the BEST way to ensure that an application is performing according to its specifications?
A. Pilot testing
B. System testing
C. Integration testing
D. Unit testing
B. System testing
The BEST way to ensure that an application is performing according to its specifications is system testing.
System testing is a testing technique that evaluates the behavior of a complete, integrated system or application against its functional and non-functional requirements. It involves testing the entire system, including all components and subsystems, to ensure that they work together as intended and meet the specified requirements.
System testing can include a wide range of testing types, such as functional testing, performance testing, security testing, and usability testing. By performing comprehensive system testing, an organization can verify that the application meets its functional requirements, performs as expected under normal and abnormal conditions, and is secure and user-friendly.
While unit testing, integration testing, and pilot testing are all important testing techniques, they may not provide a complete picture of the application’s performance in a production environment. Unit testing only tests individual units of code, integration testing only verifies the interaction between components, and pilot testing only tests the application in a limited environment. System testing is necessary to ensure that the application works as intended in its entirety.
Which of the following would be MOST effective to protect information assets in a data center from theft by a vendor?
A. Conceal data devices and information labels.
B. Issue an access card to the vendor.
C. Monitor and restrict vendor activities.
D. Restrict use of portable and wireless devices.
C. Monitor and restrict vendor activities.
To protect information assets in a data center from theft by a vendor, the MOST effective measure would be to monitor and restrict vendor activities (option C). This involves implementing appropriate security controls and procedures to monitor and limit the access of vendors to data center facilities and information assets.
Restricting the use of portable and wireless devices (option D) may help prevent data leakage or unauthorized access, but it does not address the risk of theft by a vendor.
An employee loses a mobile device resulting in loss of sensitive corporate data. Which of the following would have BEST prevented data leakage?
A. Data encryption on the mobile device.
B. The triggering of remote data wipe capabilities.
C. Awareness training for mobile device users.
D. Complex password policy for mobile devices.
A. Data encryption on the mobile device.
During the evaluation of controls over a major application development project, the MOST effective use of an IS auditor’s time would be to review and evaluate:
A. cost-benefit analysis.
B. acceptance testing.
C. application test cases.
D. project plans.
C. application test cases.
Upon completion of audit work, an IS auditor should:
A. provide a report to the auditee stating the initial findings.
B. provide a report to senior management prior to discussion with the auditee.
C. distribute a summary of general findings to the members of the auditing team.
D. review the working papers with the auditee.
A. provide a report to the auditee stating the initial findings.
During an IT general controls audit of a high-risk area where both internal and external audit teams are reviewing the same areas simultaneously, which of the following is the BEST approach to optimize resources?
A. Leverage the work performed by external audit for the internal audit testing.
B. Ensure both the internal and external auditors perform the work simultaneously.
C. Roll forward the general controls audit to the subsequent audit year.
D. Request that the external audit team leverage the internal audit work.
A. Leverage the work performed by external audit for the internal audit testing.