CISA : Certified Information Systems Auditor : Part 76

  1. An organization uses electronic funds transfer (EFT) to pay its vendors. Which of the following should be an IS auditor’s MAIN focus while reviewing controls in the accounts payable application?

    • Changes to the vendor master file
    • Volume of transactions
    • Amount of disbursements
    • Frequency of transactions
  2. Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?

    • Classification
    • Correlation analysis
    • Deviation detection
    • Clustering
  3. Which of the following is the BEST way to determine the effectiveness of a recently installed intrusion detection system (IDS)?

    • Implement access control.
    • Conduct attack simulation.
    • Review audit logs.
    • Inspect IDS configuration.
  4. Which of the following is the MOST important activity to undertake to avoid rework later in a project?

    • Control review
    • Risk assessment
    • Acceptance testing
    • Phase review
  5. Which of the following is the GREATEST risk posed by denial-of-service attacks?

    • Confidential information leakage
    • Loss of integrity and corruption of databases
    • Loss of reputation and business
    • Unauthorized access to the systems
  6. Which of the following would BEST indicate the effectiveness of a security awareness training program?

    • Increased number of employees completing training
    • Employee satisfaction with training
    • Reduced unintentional violations
    • Results of third-party social engineering tests
  7. A grants management system is used to calculate grant payments. Once per day, a batch interface extracts grant amounts and payee details from this system for import into the finance system so payments can be made overnight. Which of the following controls provides the GREATEST assurance of the accuracy and completeness of the imported payments?

    • Performing monthly bank reconciliations in a timely manner
    • Restricting access to the grants and finance systems
    • Reviewing transaction logs for anomalies
    • Reconciling data from both systems
  8. Requiring that passwords contain a combination of numeric and alphabetic characters is MOST effective against which type of attack?

    • Denial of service
    • Dictionary
    • Social engineering
    • Programmed
  9. The BEST way to prevent fraudulent payments is to implement segregation of duties between payment processing and:

    • requisition creation.
    • vendor setup.
    • payment approval.
    • check creation.
  10. Which of the following is the BEST approach to verify that internal help desk procedures are executed in compliance with policies?

    • Benchmark help desk procedures.
    • Interview end users.
    • Test a sample of closed tickets.
    • Evaluate help desk call metrics.
  11. When replacing a critical software application, which of the following provides for the LOWEST risk of interruption to business processes?

    • Parallel implementation
    • Pilot implementation
    • Incremental implementation
    • Big-bang implementation
  12. The MOST critical security weakness of a packet level firewall is that it can be circumvented by:

    • using a dictionary attack of encrypted passwords.
    • changing the source address on incoming packets.
    • intercepting packets and viewing passwords sent in clear text.
    • deciphering the signature information of the packets.
  13. Which of the following BEST contributes to the successful management of security incidents?

    • Tested controls
    • Established procedures
    • Established policies
    • Current technologies
  14. Which of the following is the BEST indicator of an effective employee information security program?

    • Increased management support for security
    • More efficient and effective incident handling
    • Increased detection and reporting of incidents
    • Reduced operational cost of security
  15. Of the following, who should the security manager consult FIRST when determining the severity level of a security incident involving a third-party vendor?

    • IT process owners
    • Business partners
    • Risk manager
    • Business process owners
  16. An external security audit has reported multiple instances of control noncompliance. Which of the following would be MOST important for the information security manager to communicate to senior management?

    • The impact of noncompliance on the organization’s risk profile
    • An accountability report to initiate remediation activities
    • A plan for mitigating the risk due to noncompliance
    • Control owner responses based on a root cause analysis
  17. Which of the following is the MOST important outcome of effective risk treatment?

    • Timely reporting of incidents
    • Elimination of risk
    • Implementation of corrective actions
    • Reduced cost of maintaining controls
  18. To overcome the perception that security is a hindrance to business activities, it is important for an information security manager to:

    • rely on senior management to enforce security
    • promote the relevance and contribution of security
    • reiterate the necessity of security
    • focus on compliance
  19. When developing an escalation process for an incident response plan, the information security manager should PRIMARILY consider the:

    • affected stakeholders
    • availability of technical resources
    • incident response team
    • media coverage
  20. Which of the following is the MOST important reason for logging firewall activity?

    • Intrusion detection
    • Auditing purposes
    • Firewall tuning
    • Incident investigation