CISA exam

An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. Which of the following should the auditor recommend be performed FIRST?A . Implement a process to actively monitor postings on social networking sites.B . Adjust budget for network usage...

The PRIMARY advantage of object-oriented technology is enhanced:A . efficiency due to the re-use of elements of logic.B . management of sequential program execution for data access.C . grouping of objects into methods for data access.D . management of a restricted variety of data types for a data object.View AnswerAnswer:...

Which of the following is the BEST way to mitigate the impact of ransomware attacks?A . Invoking the disaster recovery plan (DRP)B . Backing up data frequentlyC . Paying the ransomD . Requiring password changes for administrative accountsView AnswerAnswer: B Explanation: Ransomware is a type of malicious software that encrypts...

During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed. The auditor should FIRSTA . perform a business impact analysis (BIA).B . issue an intermediate report to management.C . evaluate the impact on current disaster recovery capability.D . conduct additional compliance...

An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post-implementation review, which of the following is the MOST important procedure for the IS auditor to perform?A . Review system and error logs to verify transaction accuracy.B . Review input and output control reports...

A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?A . Periodically reviewing log filesB . Configuring the router as a firewallC . Using smart cards with one-time...

Which of the following is the MOST effective control for protecting the confidentiality and integrity of data stored unencrypted on virtual machines?A . Monitor access to stored images and snapshots of virtual machines.B . Restrict access to images and snapshots of virtual machines.C . Limit creation of virtual machine images...

The PRIMARY benefit lo using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:A . is more effective at suppressing flames.B . allows more time to abort release of the suppressant.C . has a decreased risk of leakage.D . disperses dry chemical suppressants exclusively.View AnswerAnswer:...

Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?A . The policy includes a strong risk-based approach.B . The retention period allows for review during the...

During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. The auditor's NEXT step should be to:A . note the noncompliance in the audit working papers.B . issue an audit memorandum identifying the noncompliance.C . include the noncompliance...