Free CISA Practice Test Questions 2026

1020 Questions




Topic 6: Exam Pool (Jul-Aug)

Which of the following is the MOST effective way for an IS auditor to evaluate the creation and deletion of administrative accounts in a virtual environment?

A. Review password management procedures.
B. Review accounts to determine access requirements.
C. Review resource management for capacity performance.
D. Review account provisioning and deprovisioning procedures.

Answer: D. Review account provisioning and deprovisioning procedures.



Which of the following is the MOST reliable network connection medium in an environment where there is strong electromagnetic interference?

A. Fiber optic cable
B. Coaxial cable
C. Shielded twisted-pair cable
D. Wireless link

Answer: A. Fiber optic cable



An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor?

A. Using a third-party provider to host and manage content
B. Lack of guidance on appropriate social media usage and monitoring
C. Negative posts by customers affecting the organization’s image
D. Reduced productivity of staff using social media

Answer: B. Lack of guidance on appropriate social media usage and monitoring



An IS auditor is planning a risk-based audit of the human resources department. The department uses separate systems for its payroll, training and employee performance review functions. What should the IS auditor do FIRST before identifying the key controls to be tested?

A. Determine the inherent risk related to each system.
B. Determine the number of samples to be tested for each system.
C. Assess the control risk associated with each system.
D. Identify the technical skills and resources needed to audit each system.

Answer: A. Determine the inherent risk related to each system.



Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?

A. A high percentage of stakeholders satisfied with the quality of IT
B. A high percentage of incidents being quickly resolved
C. A high percentage of IT employees attending quality training
D. A high percentage of IT processes reviewed by quality assurance

Answer: B. A high percentage of incidents being quickly resolved



Which of the following is the BEST sampling method to use when estimating the rate of occurrence of a specific quality in a population?

A. Statistical sampling
B. Discovery sampling
C. Stop-or-go sampling
D. Attribute sampling

Answer: D. Attribute sampling



When determining the specifications for a server supporting an online application using more than a hundred endpoints, which of the following is the MOST important factor to be considered?

A. Cost-benefit comparison between the available systems
B. High availability of different systems
C. Transaction volume estimate during peak periods
D. Reputation of the vendors and their customer base

Answer: C. Transaction volume estimate during peak periods



An IS auditor is following up on a finding that determined elevated administrator accounts for servers were not being properly checked out and then back in after each use. Which of the following is the MOST appropriate sampling technique to determine the scope of the problem?

A. Stratified sampling
B. Random sampling
C. Attribute sampling
D. Statistical sampling

Answer: D. Statistical sampling



Which of the following functions is MOST likely to be performed by an operating system utility residing on a web server?

A. Generating control totals for terminal devices such as point-of-sale devices
B. Configuring network protocols
C. Monitoring utilization activity and traffic patterns
D. Sending and receiving terminal warnings and error messages

Answer: C. Monitoring utilization activity and traffic patterns



Which of the following mechanisms for process improvement involves examination of industry best practice?

A. Continuous improvement
B. Knowledge management
C. Business process reengineering (BPR)
D. Benchmarking

Answer: D. Benchmarking



Which of the following would provide the MOST useful input to IS audit management when developing an action plan for improving internal audit's performance?

A. Feedback from departments that have participated in IS audits
B. Industry benchmarking analysis
C. An external quality assessment review
D. Results from an improvement initiative overseen by executive management

Answer: C. An external quality assessment review



Which of the following is MOST important for successful incident response?

A. The timeliness of attack recognition
B. The ability to trace the source of the attack
C. The quantity of data logged by the attack control tools
D. Blocking the attack route immediately

Answer: A. The timeliness of attack recognition





What Makes Our Practice Test So Effective?

Real-World Scenario Mastery: Our CISA practice exams don't just test definitions. They present you with the same complex, scenario-based problems you'll encounter on the actual exam.

Strategic Weakness Identification: Each practice session reveals exactly where you stand. Discover which domains need more attention, before exam day arrives.

Confidence Through Familiarity: There's no substitute for knowing what to expect. When you've worked through our comprehensive CISA practice exam questions pool covering all topics, the real exam feels like just another practice session.