Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Isaca Certification CISA Syllabus Exam Questions Answers

Page: 8 / 105
Total 1404 questions

Certified Information Systems Auditor Questions and Answers

Question 29

An IS auditor finds that an organization's data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:

Options:

A.

violation reports may not be reviewed in a timely manner.

B.

a significant number of false positive violations may be reported.

C.

violations may not be categorized according to the organization's risk profile.

D.

violation reports may not be retained according to the organization's risk profile.

Question 30

Which of the following BEST demonstrates that IT strategy Is aligned with organizational goals and objectives?

Options:

A.

IT strategies are communicated to all Business stakeholders

B.

Organizational strategies are communicated to the chief information officer (CIO).

C.

Business stakeholders are Involved In approving the IT strategy.

D.

The chief information officer (CIO) is involved In approving the organizational strategies

Question 31

Which of the following findings should be of GREATEST concern to an IS auditor performing a review of IT operations?

Options:

A.

The job scheduler application has not been designed to display pop-up error messages.

B.

Access to the job scheduler application has not been restricted to a maximum of two staff members

C.

Operations shift turnover logs are not utilized to coordinate and control the processing environment

D.

Changes to the job scheduler application's parameters are not approved and reviewed by an operations supervisor

Question 32

In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?

Options:

A.

Reviewing the last compile date of production programs

B.

Manually comparing code in production programs to controlled copies

C.

Periodically running and reviewing test data against production programs

D.

Verifying user management approval of modifications

Page: 8 / 105
Total 1404 questions