A data breach has occurred due lo malware. Which of the following should be the FIRST course of action?

• A.Shut down the affected systems.
• B.Quarantine the impacted systems.
• C.Notify the cyber insurance company.
• D.Notify customers of the breach.

Comment: *

Name: *

Email: *

Verification: *

An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization's website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur. Which of the following recommendations would be the BEST way to reduce the likelihood of future occurrences?

• A.Assign responsibility for improving data quality.
• B.Implement business rules to validate employee data entry.
• C.Invest in additional employee training for data entry.
• D.Outsource data cleansing activities to reliable third parties.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is following up on prior period items and finds management did not address an audit finding. Which of the following should be the IS auditor's NEXT course of action?

• A.Recommend alternative solutions to address the repeat finding
• B.Interview management to determine why the finding was not addressed
• C.Note the exception in a new report as the item was not addressed by management
• D.Conduct a risk assessment of the repeat finding

Comment: *

Name: *

Email: *

Verification: *

An audit has identified that business units have purchased cloud-based applications without IPs support. What is the GREATEST risk associated with this situation?

• A.The applications are not included in business continuity plans (BCFs)
• B.The applications may not reasonably protect data.
• C.The applications could be modified without advanced notice.
• D.The application purchases did not follow procurement policy.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the GREATEST concern to an IS auditor reviewing an organization's method to transport sensitive data between offices?

• A.The method relies exclusively on the use of public key infrastructure (PKI).
• B.The method relies exclusively on the use of digital signatures.
• C.The method relies exclusively on the use of asymmetric encryption algorithms.
• D.The method relies exclusively on the use of 128-bit encryption.

Comment: *

Name: *

Email: *

Verification: *