Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Isaca Certification CISA Updated Exam

Page: 10 / 101
Total 1359 questions

Certified Information Systems Auditor Questions and Answers

Question 37

When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:

Options:

A.

the organization's web server.

B.

the demilitarized zone (DMZ).

C.

the organization's network.

D.

the Internet

Question 38

In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?

Options:

A.

Reviewing the last compile date of production programs

B.

Manually comparing code in production programs to controlled copies

C.

Periodically running and reviewing test data against production programs

D.

Verifying user management approval of modifications

Question 39

Which of the following must be in place before an IS auditor initiates audit follow-up activities?

Options:

A.

Available resources for the activities included in the action plan

B.

A management response in the final report with a committed implementation date

C.

A heal map with the gaps and recommendations displayed in terms of risk

D.

Supporting evidence for the gaps and recommendations mentioned in the audit report

Question 40

An organization has developed mature risk management practices that are followed across all departments What is the MOST effective way for the audit team to leverage this risk management maturity?

Options:

A.

Implementing risk responses on management's behalf

B.

Integrating the risk register for audit planning purposes

C.

Providing assurances to management regarding risk

D.

Facilitating audit risk identification and evaluation workshops

Page: 10 / 101
Total 1359 questions