CISA : Certified Information Systems Auditor : Part 72

  1. Which of the following key performance indicators (KPIs) provides the BEST indication of a security awareness campaign’s effectiveness?

    • Reduced average time for incident resolution
    • Percentage of attendees passing the awareness quiz
    • Decrease in the number of help desk calls
    • Increase in the number of reported security incidents
  2. Which of the following is the BEST indicator that an application system’s agreed-upon level of service has been met?

    • Bandwidth usage logs
    • Transaction response time
    • CPU utilization reports
    • Security incident reports
  3. Which of the following is the BEST way to ensure enterprise architectural objectives are aligned with business and technology objectives?

    • Identify dependencies between current and future state technologies.
    • Optimize technology investments with business requirements.
    • Adopt industry-approved architecture standards and best practices.
    • Identify business stakeholder responsibilities for IT projects.
  4. Which of the following BEST facilitates the ability to efficiently allocate time, effort, and resources to address security incidents?

    • Incident classification 
    • Incident definition
    • Incident escalation
    • Incident monitoring
  5. Which of the following is the PRIMARY responsibility of an organization’s IT steering committee?

    • Reporting on key performance measures
    • Communicating strategic goals to IT project teams 
    • Conducting peer reviews of other organizations
    • Identifying new technological threats
  6. Which of the following BEST provides audit management with a view of potential performance improvements within the organization’s IS audit function?

    • Post-audit quality reviews 
    • Auditor independence checklists
    • Auditor performance reviews
    • Quality management policies
  7. Which of the following is the BEST way to detect potentially fraudulent purchases where an employee can approve a receipt of an item or service that the employee also procured?

    • Require staff training on entering purchase orders into the enterprise resource planning (ERP) system.
    • Require receipts to be entered against purchase orders by someone other than the buyer.
    • Require that invoices can only be paid when matched with purchase orders.
    • Require purchase orders to originate from the same individual with designated authority.
  8. Which of the following would MOST effectively detect a condition where an employee assigned to an operations role could perform system administrator functions?

    • User access review
    • System review
    • Business process review
    • Entitlement design review
  9. Which of the following indicates the HIGHEST level of maturity for an organization’s information systems internal control environment?

    • Controls are regularly evaluated using a formally documented process. 
    • Controls are adequately documented and control exceptions are captured.
    • The operation of controls depends on employee knowledge.
    • Operational effectiveness is evaluated upon management request.
  10. Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?

    • Incident management
    • Problem management 
    • Change management
    • Configuration management
  11. Which of the following BEST helps to ensure that all relevant data within an organization is added to a data warehouse during deployment?

    • Data migration 
    • Architecture review
    • Project planning
    • Data mining
  12. Which of the following should be the MOST important consideration in IT portfolio management?

    • Aligning IT portfolio processes with corporate objectives 
    • Selecting IT investment projects that align with corporate strategy
    • Increasing the budget and resources allocated for IT investments
    • Determining the opportunity cost of IT investment projects
  13. Which of the following is the PRIMARY objective of baselining the IT control environment?

    • Define process and control ownership.
    • Ensure IT security strategy and policies are effective.
    • Align IT strategy with business strategy.
    • Detect control deviations.
  14. Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?

    • Maintenance procedures 
    • Onsite replacement availability
    • Insurance coverage
    • Installation manuals
  15. Which of the following would provide the BEST assurance that an organization’s backup media is adequate in the case of a disaster?

    • Scheduled maintenance of the backup device
    • Regular recovery of production systems in a test environment 
    • Scheduled read/write tests of the backup media
    • Regular review of backup logs to ensure that all data from the production environment is included
  16. Which of the following should be the FIRST step in the incident response process for a suspected breach?

    • Inform potentially affected customers of the security breach.
    • Notify business management of the security breach.
    • Engage a third party to independently evaluate the alerted breach.
    • Research the validity of the alerted breach.
  17. An IS auditor finds that a required security patch was not installed on a critical server for more than 6 months. The NEXT course of action should be to:

    • determine the root cause of the delay.
    • review patch management procedures. 
    • request the patch be installed as soon as possible.
    • notify senior management of audit findings.
  18. Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?

    • Standardize file naming conventions.
    • Utilize automated version control. 
    • Document details on a change register.
    • Embed details within source code.
  19. In which of the following cloud service models does the user organization have the GREATEST control over the accuracy of configuration items in its configuration management database (CMDB)?

    • Database as a Service (DbaaS)
    • Software as a Service (SaaS)
    • Platform as a Service (PaaS)
    • Infrastructure as a Service (IaaS)
  20. Which of the following controls is MOST effective in detecting spam?

    • Denying transmission control protocol (TCP) connections in the mail server
    • Refusing Internet protocol (IP) connections at the router
    • Registering the recipient with keepers of spam lists
    • Using heuristic filters based on the content of the message