A checksum is classified as which type of control?
A. Detective control
B. Preventive control
C. Corrective control
D. Administrative control
An organization has an acceptable use policy in place, but users do not formally acknowledge the policy. Which of the following is the MOST significant risk from this finding?
A. Lack of data for measuring compliance
B. Violation of industry standards
C. Noncompliance with documentation requirements
D. Lack of user accountability
An IS auditor observes that a business-critical application does not currently have any level of fault tolerance. Which of the following is the GREATEST concern with this situation?
A. Degradation of services
B. Limited tolerance for damage
C. Decreased mean time between failures (MTBF)
D. Single point of failure
Which of the following should be the FIRST consideration when deciding whether data should be moved to a cloud provider for storage?
A. Data storage costs
B. Data classification
C. Vendor cloud certification
D. Service level agreements (SLAs)
An IS auditor evaluating the change management process must select a sample from the change log. What is the BEST way for the auditor to confirm the change log is complete?
A. Interview change management personnel about completeness.
B. Take an item from the log and trace it back to the system.
C. Obtain management attestation of completeness.
D. Take the last change from the system and trace it back to the log.
Which of the following is the MOST effective control to mitigate against the risk of inappropriate activity by employees?
A. User activity monitoring
B. Two-factor authentication
C. Network segmentation
D. Access recertification
An IS auditor should look for which of the following to ensure the risk associated with scope creep has been mitigated during software development?
A. Source code version control
B. Project change management controls
C. Existence of an architecture review board
D. Configuration management
An IS auditor is reviewing an organization's business continuity plan (BCP) following a change in organizational structure with significant impact to business processes. Which of the following findings should be the auditor's GREATEST concern?
A. Key business process end users did not participate in the business impact analysis (BIA)
B. Copies of the BCP have not been distributed to new business unit end users since the reorganization
C. A test plan for the BCP has not been completed during the last two years
Which of the following is the BEST way to address potential data privacy concerns associated with inadvertent disclosure of machine identifier information contained within security logs?
A. Limit the use of logs to only those purposes for which they were collected
B. Restrict the transfer of log files from host machine to online storage
C. Only collect logs from servers classified as business critical
D. Limit log collection to only periods of increased security activity
The BEST way to prevent fraudulent payments is to implement segregation of duties between the vendor setup and:
A. payment processing.
B. payroll processing.
C. procurement.
D. product registration.