Exam Details

  • Exam Code: CISA
  • Exam Name: Certified Information Systems Auditor
  • Certification: CISA Certification
  • Vendor: ISACA
  • Total Questions: 1923 Q&As
  • Last Updated: May 07, 2024

ISACA CISA Certification CISA Questions & Answers

  • Question 41:

    Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?

    A. Installation manuals

    B. Onsite replacement availability

    C. Insurance coverage

    D. Maintenance procedures

  • Question 42:

    When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider's external audit report on service level management when the:

    A. scope and methodology meet audit requirements

    B. service provider is independently certified and accredited

    C. report confirms that service levels were not violated

    D. report was released within the last 12 months

  • Question 43:

    Which of the following should be done FIRST to minimize the risk of unstructured data?

    A. Identify repositories of unstructured data.

    B. Purchase tools to analyze unstructured data.

    C. Implement strong encryption for unstructured data.

    D. Implement user access controls to unstructured data.

  • Question 44:

    Which of the following should be an IS auditor's GREATEST concern when a data owner assigns an incorrect classification level to data?

    A. Controls to adequately safeguard the data may not be applied.

    B. Data may not be encrypted by the system administrator.

    C. Competitors may be able to view the data.

    D. Control costs may exceed the intrinsic value of the IT asset.

  • Question 45:

    Which of the following should be of MOST concern to an IS auditor reviewing the information systems acquisition, development, and implementation process?

    A. Data owners are not trained on the use of data conversion tools.

    B. A post-implementation lessons-learned exercise was not conducted.

    C. There is no system documentation available for review.

    D. System deployment is routinely performed by contractors.

  • Question 46:

    Capacity management tools are PRIMARILY used to ensure that:

    A. available resources are used efficiently and effectively

    B. computer systems are used to their maximum capacity most of the time

    C. concurrent use by a large number of users is enabled

    D. proposed hardware acquisitions meet capacity requirements

  • Question 47:

    When assessing a proposed project for the two-way replication of a customer database with a remote call center, the IS auditor should ensure that:

    A. database conflicts are managed during replication.

    B. end users are trained in the replication process.

    C. the source database is backed up on both sites.

    D. user rights are identical on both databases.

  • Question 48:

    Which of the following provides the BEST audit evidence that a firewall is configured in compliance with the organization's security policy?

    A. Analyzing how the configuration changes are performed

    B. Analyzing log files

    C. Reviewing the rule base

    D. Performing penetration testing

  • Question 49:

    An IS auditor finds a segregation of duties issue in an enterprise resource planning (ERP) system. Which of the following is the BEST way to prevent the misconfiguration from recurring?

    A. Monitoring access rights on a regular basis

    B. Referencing a standard user-access matrix

    C. Granting user access using a role-based model

    D. Correcting the segregation of duties conflicts

  • Question 50:

    An IS auditor learns a server administration team regularly applies workarounds to address repeated failures of critical data processing services. Which of the following would BEST enable the organization to resolve this issue?

    A. Problem management

    B. Incident management

    C. Service level management

    D. Change management

Tips on How to Prepare for the Exams

Nowadays, certification exams have become more and more important, and more and more enterprises require them when you apply for a job. But how can you prepare for the exam effectively? How can you prepare in a short time with less effort? How can you get an ideal result and find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only ISACA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your CISA exam preparation or ISACA certification application, do not hesitate to visit Vcedump.com to find your solutions.