Question: 1
An IS auditor notes that help desk personnel are required to make critical decisions during major service
disruptions. Which of the following is the auditor's BEST recommendation to address this situation?
A. Introduce classification of disruptions by risk category.
B. Provide historical incident response information for the help desk.
C. Implement an incident response plan.
D. Establish shared responsibility among business peers.
Answer: C
Question: 2
A company has implemented an IT segregation of duties policy. In a role-based environment, which of
the following roles may be assigned to an application developer?
A. Database administration
B. Emergency support
C. IT operator
D. System administration
Answer: D
Question: 3
The MOST important reason for documenting all aspects of a digital forensic investigation is that
documentation:
A. provides traceability for independent investigation by third parties.
B. ensures the process will be repeatable in future investigations.
C. ensures compliance with corporate incident response policies.
D. meets IT audit documentation standards.
Answer: A
Question: 4
An organization using instant messaging to communicate with customers can prevent legitimate customers
from being impersonated by:
A. Authenticating users before conversations are initiated.
B. Using a firewall to limit network traffic to authorized ports.
C. Logging conversations.
D. Using call monitoring.
Answer: A
Question: 5
Which of the following is the BEST source of information when assessing the amount of time a project
will take?
A. Critical path analysis
B. Workforce estimate
C. Gantt chart
D. Scheduling budget
Answer: C
Question: 6
Which of the following groups is MOST likely responsible for the implementation of IT projects?
A. IT steering committee
B. IT strategy committee
C. IT compliance committee
D. IT governance committee
Answer: A
Question: 7
Which of the following is a passive attack on a network?
A. Sequence analysis
B. Traffic analysis
C. Message service interruption
D. Message modification
Answer: B
Question: 8
What is the GREATEST concern for an IS auditor reviewing contracts for licensed software that
executes a critical business process?
A. The contract does not contain a right-to-audit clause.
B. Software escrow was not negotiated.
C. Several vendor deliveries missed the commitment date.
D. An operational level agreement (OLA) was not negotiated.
Answer: B
Question: 9
The IS auditor of a power company finds that the radio link to a remote mountain site is experiencing
systematic outages under specific weather conditions. The communications manager explains that
increasing the radio power would require a new license and would help. What is the MOST appropriate
action by the IS auditor?
A. Recommend that the site's hardware be upgraded to record data during outages.
B. Gather additional information to identify threats, vulnerabilities and impact.
C. Review the installation license, permissions and associated costs.
D. Recommend that the site's data collection and transmission be non-interruptible.
Answer: B
Question: 10
Which of the following would be the MOST effective method to address software license violations on
employee workstations?
A. Implementing real-time monitoring software on employee workstations
B. Restricting administrative rights on employee workstations
C. Scanning workstations daily for unauthorized software use
D. Requiring automated installation of software
Answer: A
Exam4Lead deserves high regard for all the services which are helpful for the preparation of IT candidates. I also downloaded ISACA CISA dumps and aced my certification the first time. Once I went through ISACA CISA dumps there was no need of any other explanation.