IIA IIA-CIA-PART3 Online Practice Questions and Exam Preparation

IIA IIA-CIA-PART3 Online Questions & Answers

• Question 601:

  A manager at a publishing company received an email that appeared to be from one of her vendors with an attachment that contained malware embedded in an Excel spreadsheet. When the spreadsheet was opened, the cybercriminal was able to attack the company's network and gain access to an unpublished and highly anticipated book.

  Which of the following controls would be most effective to prevent such an attack?

  A. Monitoring network traffic.
  B. Using whitelists and blacklists to manage network traffic.
  C. Restricting access and blocking unauthorized access to the network.
  D. Educating employees throughout the company to recognize phishing attacks.
  D. Educating employees throughout the company to recognize phishing attacks.

  ---

  Explanation

• Question 602:

  At an organization that uses a periodic inventory system, the accountant accidentally understated the organization's beginning inventory. How would the accountant's accident impact the income statement?

  A. Cost of goods sold will be understated and net income will be overstated.
  B. Cost of goods sold will be overstated and net income will be understated.
  C. Cost of goods sold will be understated and there will be no impact on net income.
  D. There will be no impact on cost of goods sold and net income will be overstated.
  C. Cost of goods sold will be understated and there will be no impact on net income.

  ---

  Explanation

• Question 603:

  Which component of an organization's cybersecurity risk assessment framework would allow management to implement user controls based on a user's role?

  A. Prompt response and remediation policy.
  B. Inventory of information assets.
  C. Information access management.
  D. Standard security configurations.
  C. Information access management.

  ---

  Explanation

• Question 604:

  Which of the following is the most appropriate action an internal auditor would perform during an audit of his organization's IT change management process?

  A. Validate that only authorized personnel can migrate changes into the production environment.
  B. Perform a risk assessment to determine the likelihood that risk could occur due to insufficient patch application.
  C. Publish a schedule that lists all approved changes and planned implementation dates.
  D. Update change management processes on a consistent basis to keep up with changing technologies.
  A. Validate that only authorized personnel can migrate changes into the production environment.

  ---

  Explanation

• Question 605:

  An organization allows employees to use their personal mobile devices to access its database. Which of the following best maintains the confidentiality of different records within the database?

  A. Regular remote wiping of the mobile devices accessing the database.
  B. Encrypted data transmissions between mobile devices and the database.
  C. Restrictions on the access permissions when mobile devices are used.
  D. The use of two-factor authentication algorithms for those who use remote access.
  B. Encrypted data transmissions between mobile devices and the database.

  ---

  Explanation

• Question 606:

  Power is synonymous with leadership. Simply, it is the ability to influence other people. The sources of power are various. For example, the kind of power arising from the strength of the leader's personality is known as:

  A. Coercive power.
  B. Legitimate power.
  C. Expert power.
  D. Referent power.
  D. Referent power.

  ---

  Explanation

  Power may be classified as reward power (the leader controls resources), coercive power (the leader may punish the subordinate), legitimate power (the leader has the right to lead), referent power (the leader has fame, charisma, etc.), and expert power (the leader has specialized ability or knowledge).

• Question 607:

  Ina product's life cycle, the first symptom of the decline stage is a decline in the

  A. Firm's inventory levels.
  B. Product's sales.
  C. Product's production cost.
  D. Product's prices.
  B. Product's sales.

  ---

  Explanation

  The sales of most product types and brands eventually decrease permanently. This decline may be slow or rapid. This first symptom of the decline stage of a product's life cycle triggers such other effects as price cutting, narrowing of the product line, and reduction in promotion budgets.

• Question 608:

  The first stage in the development of a crisis management program is to:

  A. Formulate contingency plans.
  B. Conduct a risk analysis.
  C. Create a crisis management team.
  D. Practice the response to a crisis.
  B. Conduct a risk analysis.

  ---

  Explanation

• Question 609:

  According to Edward T. Hall, the perception of time is monochronic or polychronic. Which cultures perceive time as monochronic?

  A. Northern European.
  B. Latin American.
  C. Arabic.
  D. Mediterranean.
  A. Northern European.

  ---

  Explanation

  The perception of time as it relates to business and social life varies with the culture. Polychronic time is based on a perception that time is nonlinear, flexible, and multidimensional. This perception is typical of Mediterranean, Latin American, and Arabic cultures. Monochronic time is based on a perception that time is the same for everyone and is measurable in standard units. This perception is common in Northern Europe and the U.S. These western cultures believe in punctuality and that time is money and should not be wasted.

• Question 610:

  An organization needs to borrow a large amount of cash to fund its expansion plan. Which of the following annual interest rates is least expensive?

  A. 7 percent simple interest with a 10 percent compensating balance.
  B. 7 percent simple interest paid at the end of each year.
  C. 7 percent discount interest.
  D. 7 percent compounding interest.
  B. 7 percent simple interest paid at the end of each year.

  ---

  Explanation