To achieve desired objectives, which of the following is MOST important to review when identifying potential areas of improvement in IT processes?

• A.Past board minutes
• B.Risk assessment results
• C.Compliance activity trends
• D.Current maturity level

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be the GREATEST cause for concern when data are sent over the Internet using HTTPS protocol?

• A.Presence of spyware in one of the ends
• B.The use of a traffic sniffing tool
• C.The implementation of an RSA-compliant solution
• D.A symmetric cryptography is used for transmitting data

Comment: *

Name: *

Email: *

Verification: *

An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor's
BEST recommendation would be to:

• A.recruit more monitoring personnel.
• B.fine tune the intrusion detection system (IDS).
• C.reduce the firewall rules.
• D.establish criteria for reviewing alerts.

Comment: *

Name: *

Email: *

Verification: *

Change control for business application systems being developed using prototyping could be complicated by the:

• A.iterative nature of prototyping.
• B.rapid pace of modifications in requirements and design.
• C.emphasis on reports and screens.
• D.lack of integrated tools.

Comment: *

Name: *

Email: *

Verification: *

Which of the following responsibilities of an organization's quality assurance (QA) function should raise concern for an IS auditor?

• A.Implementing solutions to correct defects
• B.Ensuring the test work supports observations
• C.Ensuring standards are adhered to within the development process
• D.Updating development methodology

Comment: *

Name: *

Email: *

Verification: *