QUESTION NO: 1
Which of the following is the BEST source of information when assessing the amount of time a project will take?
A. Critical path analysis
B. Workforce estimate
C. Gantt chart
D. Scheduling budget
QUESTION NO: 2
Which of the following scenarios would enable a forensic investigation?
A. Incident response team members extracted the logs showing the suspicious activity and added their notes before submitting for investigation.
B. The media in question was preserved using imaging, and chain of custody was documented according to the organization’s incident response plan.
C. The suspected computer was rebooted, and the evidence log file was converted to a readable format for further analysis.
D. The incident response team prepared a final report for the forensic investigator and deleted the original file securely to avoid further damage.
QUESTION NO: 3
Which of the following will BEST protect the confidentiality of data stored on the hard drive of a laptop computer?
A. Biometric access control
B. A boot password
C. Physical locks and alarms
D. Encryption of the data
QUESTION NO: 4
The use of the Transport Layer Security (TLS) protocol enables the client in a network to be:
A. identified by a password.
B. assured of the server's identity.
C. registered by the server.
D. provided with a digital certificate.
QUESTION NO: 5
The PRIMARY purpose of an internal audit department’s quality assurance improvement program is to evaluate which of the following?
A. The efficiency of internal audit processes
B. The adequacy and qualifications of internal audit personnel
C. The accuracy of prior-year internal audit results
D. The effectiveness of the internal audit function
QUESTION NO: 6
An IS auditor reviewing an incident management process identifies client information was lost due to ransomware attacks. Which of the following would MOST effectively minimize the impact of future occurrences?
A. Change access to client data to read-only.
B. Improve the ransomware awareness program.
C. Back up client data more frequently.
D. Monitor all client data changes.
QUESTION NO: 7
A region where an organization conducts business has announced changes in privacy legislation. Which of the following should an IS auditor do FIRST to prepare for the changes?
A. Perform a gap analysis with current privacy procedures.
B. Provide suggested updates to the organization’s privacy procedures.
C. Communicate the changes in privacy legislation to the legal department.
D. Design compensating controls to be in compliance with new privacy legislation.
QUESTION NO: 8
An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY
A. Using a third-party provider to host and manage content
B. Lack of guidance on appropriate social media usage and monitoring
C. Negative posts by customers affecting the organization’s image
D. Reduced productivity of staff using social media
QUESTION NO: 9
An IS auditor is reviewing a mobile app that allows customers to submit payments for bills. As part of the review, the auditor examines how code is developed and deployed to production. It is determined that a secure code review is done prior to each deployment to production. What type of control is being used?
A. Directive
B. Compensating
C. Preventive
D. Corrective
QUESTION NO: 10
A review of Internet security disclosed that users have individual user accounts with Internet service providers (ISPs) and use these accounts for downloading business data. The organization wants to ensure that only the corporate network is used. The organization should FIRST:
A. use a proxy server to filter out Internet sites that should not be accessed.
B. keep a manual log of Internet access.
C. monitor remote access activities.
D. include a statement in its security policy about Internet use.
QUESTION NO: 11
Which of the following provides the BEST audit evidence that a firewall is configured in compliance with the organization’s security policy?
A. Analyzing how the configuration changes are performed
B. Analyzing log files [Most of us think that this is the best answer].
C. Performing penetration testing
D. Reviewing the rule base
QUESTION NO: 12
Which of the following activities would allow an IS auditor to maintain independence while facilitating a control self-assessment (CSA)?
A. Partially completing the CSA
B. Developing the CSA questionnaire
C. Developing the remediation plan
D. Implementing the remediation plan
QUESTION NO: 13
Which of the following is the BEST way to facilitate proper follow-up for audit findings?
A. Conduct a surprise audit to determine whether remediation is in progress.
B. Schedule a follow-up audit for two weeks after the initial audit was completed.
C. Conduct a follow-up audit when findings escalate to incidents.
D. Schedule a follow-up audit based on remediation due dates.
QUESTION NO: 14
An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?
A. Report the security posture of the organization.
B. Report the mitigating control.
C. Determine the value of the firewall.
D. Determine the risk of not replacing the firewall.
QUESTION NO: 15
Which of the following are BEST suited for continuous auditing?
A. Manual transactions
B. Irregular transactions
C. Low-value transactions
D. Real-time transactions
QUESTION NO: 16
An IS auditor observes that an organization's critical IT systems have experienced several failures throughout the year. Which of the following is the BEST recommendation?
A. Perform a root cause analysis.
B. Implement redundant systems.
C. Contract for a hot site.
D. Perform a disaster recovery test.
QUESTION NO: 17
An IS auditor begins an assignment and identifies audit components for which the auditor is not qualified to assess. Which of the following is the BEST course of action?
A. Exclude the related tests from the audit plan and continue the assignment.
B. Notify audit management for a decision on how to proceed.
C. Complete the audit and give full disclosure in the final audit report.
D. Complete the work assignment to the best of the auditor's ability.
QUESTION NO: 18
An organization is developing data classification standards and has asked internal audit for advice on aligning the standards with best practices. Internal audit would MOST likely recommend the standards should be:
A. based on the results of an organization-wide risk assessment.
B. based on the business requirements for confidentiality of the information.
C. aligned with the organization's segregation of duties requirements.
D. based on the business requirements for authentication of the information.
QUESTION NO: 19
Which of the following BEST ensures that only authorized software is moved into a production environment?
A. Restricting read/write access to production code to computer programmers only
B. Assigning programming managers to transfer tested programs to production
C. A librarian compiling source code into production after independent testing
D. Requiring programming staff to move tested code into production
QUESTION NO: 20
A new regulation in one country of a global organization has recently prohibited cross-border transfer of personal data. An IS auditor has been asked to determine the organization’s level of exposure in the affected country. Which of the following would be MOST helpful in making this assessment?
A. Identifying data security threats in the affected jurisdiction
B. Identifying business processes associated with personal data exchange with the affected jurisdiction
C. Reviewing data classification procedures associated with the affected jurisdiction
D. Developing an inventory of all business entities that exchange personal data with the affected jurisdiction
QUESTION NO: 21
A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?
A. Perform periodic reconciliations. [Most of us think that this is the best answer].
B. Ensure system owner sign-off for the system fix.
C. Conduct functional testing.
D. Improve user acceptance testing (UAT).
QUESTION NO: 22
An organization has selected a web-based solution to reduce transaction costs and improve productivity. Before implementation, an IS auditor should ensure that the organization has:
A. addressed the level of risk exposure.
B. validated the solution against the current IT infrastructure.
C. performed a vulnerability assessment.
D. implemented electronic data interchange.
QUESTION NO: 23
Which of the following should MOST concern an IS auditor reviewing an intrusion detection system (IDS)?
A. Number of false negatives
B. Legitimate traffic blocked by the system
C. Number of false positives
D. Reliability of IDS logs
QUESTION NO: 24
During an audit of information security procedures of a large retailer's online store, an IS auditor notes that operating system (OS) patches are automatically deployed upon -.
Which of the following should be of GREATEST concern to the auditor?
A. Patches are not reflected in the configuration management database.
B. Patches are in conflict with current licensing agreements.
C. Patches are not tested before installation on critical servers.
D. Patches are pushed from the vendor, increasing Internet traffic.
QUESTION NO: 25
Which of the following is the PRIMARY advantage of single sign-on (SSO)?
A. Improves system performance
B. Ensures good password practices
C. Improves security
D. Reduces administrative workload