CISA : Certified Information Systems Auditor : Part 72
-
Which of the following key performance indicators (KPIs) provides the BEST indication of a security awareness campaign’s effectiveness?
- Reduced average time for incident resolution
- Percentage of attendees passing the awareness quiz
- Decrease in the number of help desk calls
- Increase in the number of reported security incidents
-
Which of the following is the BEST indicator that an application system’s agreed-upon level of service has been met?
- Bandwidth usage logs
- Transaction response time
- CPU utilization reports
- Security incident reports
-
Which of the following is the BEST way to ensure enterprise architectural objectives are aligned with business and technology objectives?
- Identify dependencies between current and future state technologies.
- Optimize technology investments with business requirements.
- Adopt industry-approved architecture standards and best practices.
- Identify business stakeholder responsibilities for IT projects.
-
Which of the following BEST facilitates the ability to efficiently allocate time, effort, and resources to address security incidents?
- Incident classification
- Incident definition
- Incident escalation
- Incident monitoring
-
Which of the following is the PRIMARY responsibility of an organization’s IT steering committee?
- Reporting on key performance measures
- Communicating strategic goals to IT project teams
- Conducting peer reviews of other organizations
- Identifying new technological threats
-
Which of the following BEST provides audit management with a view of potential performance improvements within the organization’s IS audit function?
- Post-audit quality reviews
- Auditor independence checklists
- Auditor performance reviews
- Quality management policies
-
Which of the following is the BEST way to detect potentially fraudulent purchases where an employee can approve a receipt of an item or service that the employee also procured?
- Require staff training on entering purchase orders into the enterprise resource planning (ERP) system.
- Require receipts to be entered against purchase orders by someone other than the buyer.
- Require that invoices can only be paid when matched with purchase orders.
- Require purchase orders to originate from the same individual with designated authority.
-
Which of the following would MOST effectively detect a condition where an employee assigned to an operations role could perform system administrator functions?
- User access review
- System review
- Business process review
- Entitlement design review
-
Which of the following indicates the HIGHEST level of maturity for an organization’s information systems internal control environment?
- Controls are regularly evaluated using a formally documented process.
- Controls are adequately documented and control exceptions are captured.
- The operation of controls depends on employee knowledge.
- Operational effectiveness is evaluated upon management request.
-
Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?
- Incident management
- Problem management
- Change management
- Configuration management
-
Which of the following BEST helps to ensure that all relevant data within an organization is added to a data warehouse during deployment?
- Data migration
- Architecture review
- Project planning
- Data mining
-
Which of the following should be the MOST important consideration in IT portfolio management?
- Aligning IT portfolio processes with corporate objectives
- Selecting IT investment projects that align with corporate strategy
- Increasing the budget and resources allocated for IT investments
- Determining the opportunity cost of IT investment projects
-
Which of the following is the PRIMARY objective of baselining the IT control environment?
- Define process and control ownership.
- Ensure IT security strategy and policies are effective.
- Align IT strategy with business strategy.
- Detect control deviations.
-
Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?
- Maintenance procedures
- Onsite replacement availability
- Insurance coverage
- Installation manuals
-
Which of the following would provide the BEST assurance that an organization’s backup media is adequate in the case of a disaster?
- Scheduled maintenance of the backup device
- Regular recovery of production systems in a test environment
- Scheduled read/write tests of the backup media
- Regular review of backup logs to ensure that all data from the production environment is included
-
Which of the following should be the FIRST step in the incident response process for a suspected breach?
- Inform potentially affected customers of the security breach.
- Notify business management of the security breach.
- Engage a third party to independently evaluate the alerted breach.
- Research the validity of the alerted breach.
-
An IS auditor finds that a required security patch was not installed on a critical server for more than 6 months. The NEXT course of action should be to:
- determine the root cause of the delay.
- review patch management procedures.
- request the patch be installed as soon as possible.
- notify senior management of audit findings.
-
Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?
- Standardize file naming conventions.
- Utilize automated version control.
- Document details on a change register.
- Embed details within source code.
-
In which of the following cloud service models does the user organization have the GREATEST control over the accuracy of configuration items in its configuration management database (CMDB)?
- Database as a Service (DbaaS)
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
-
Which of the following controls is MOST effective in detecting spam?
- Denying transmission control protocol (TCP) connections in the mail server
- Refusing Internet protocol (IP) connections at the router
- Registering the recipient with keepers of spam lists
- Using heuristic filters based on the content of the message