CISA exam

IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance. Which of the following controls will MOST effectively compensate for the lack of referential integrity?A . More frequent data backupsB . Periodic table link checksC . Concurrent access...

Which of the following BEST minimizes performance degradation of servers used to authenticate users of an e-commerce website?A . Configure a single server as a primary authentication server and a second server as a secondary authentication server.B . Configure each authentication server as belonging to a cluster of authentication servers.C...

An organization allows employees to retain confidential data on personal mobile devices. Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?A . Require employees to attend security awareness training.B . Password protect critical data files.C . Configure to auto-wipe...

Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?A . Compliance with action plans resulting from recent auditsB . Compliance with local laws and regulationsC . Compliance with industry standards and best practiceD . Compliance with the organization's policies...

Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management's decision. Which of the following should be the IS auditor's NEXT course of action?A . Accept...

What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?A . Senior management's requestB . Prior year's audit findingsC . Organizational risk assessmentD . Previous audit coverage and scopeView AnswerAnswer: C Explanation: The primary basis for selecting which IS audits to perform in...

An IS audit reveals that an organization is not proactively addressing known vulnerabilities. Which of the following should the IS auditor recommend the organization do FIRST?A . Verify the disaster recovery plan (DRP) has been tested.B . Ensure the intrusion prevention system (IPS) is effective.C . Assess the security risks...

A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?A . Implement overtime pay and bonuses for all development staff.B . Utilize new system development tools to improve productivity.C . Recruit IS staff...

Which of the following would be a result of utilizing a top-down maturity model process?A . A means of benchmarking the effectiveness of similar processes with peersB . A means of comparing the effectiveness of other processes within the enterpriseC . Identification of older, more established processes to ensure timely...

An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization's website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur. Which of the following recommendations...