Which task should an IS auditor complete FIRST during the preliminary planning phase of a database security review?

• A.Evaluate the types of databases being used
• B.Identify the most critical database controls.
• C.Perform a business impact analysis (BIA).
• D.Determine which databases will be in scope.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization that recently experienced a ransomware attack?

• A.The most recent security patches were not tested prior to implementation.
• B.Antivirus software was unable to prevent the attack even though it was properly updated.
• C.Backups were only performed within the local network.
• D.Employees were not trained on cybersecurity policies and procedures.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would be MOST impacted if an IS auditor were to assist with the implementation of recommended control enhancements?

• A.Materiality
• B.Accountability
• C.Independence
• D.Integrity

Comment: *

Name: *

Email: *

Verification: *

Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?

• A.The policy includes a strong risk-based approach.
• B.The retention period allows for review during the year-end audit.
• C.The retention period complies with data owner responsibilities.
• D.The total transaction amount has no impact on financial reporting.

Comment: *

Name: *

Email: *

Verification: *

Which of the following will MOST likely compromise the control provided by a digital signature created using RSA encryption?

• A.Reversing the hash function using the digest
• B.Obtaining the sender's private key
• C.Deciphering the receiver's public key
• D.Altering the plaintext message

Comment: *

Name: *

Email: *

Verification: *