CertsTopics Logo

Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CISA Questions Bank

Page: 28 / 90
Total 1195 questions
Get CISA Full Access Download CISA PDF

Certified Information Systems Auditor Questions and Answers

Question 109

An organization's information security policies should be developed PRIMARILY on the basis of:

Options:

A.

enterprise architecture (EA).

B.

industry best practices.

C.

a risk management process.

D.

past information security incidents.

Question 110

Which of the following should an IS auditor be MOST concerned with when a system uses RFID?

Options:

A.

Scalability

B.

Maintainability

C.

Nonrepudiation

D.

Privacy

Question 111

In order for a firewall to effectively protect a network against external attacks, what fundamental practice must be followed?

Options:

A.

The firewall must be placed in the demilitarized zone (DMZ).

B.

Only essential external services should be permitted.

C.

Filters for external information must be defined.

D.

All external communication must be via the firewall.

Question 112

Which of the following is the PRIMARY reason to involve IS auditors in the software acquisition process?

Options:

A.

To help ensure hardware and operating system requirements are considered

B.

To help ensure proposed contracts and service level agreements (SLAs) address key elements

C.

To help ensure the project management process complies with policies and procedures

D.

To help ensure adequate controls to address common threats and risks are considered

Page: 28 / 90
Total 1195 questions
Get CISA Full Access Download CISA PDF