When preparing to evaluate the effectiveness of an organizations IT strategy, an IS auditor should FIRST review;

• A.the IT governance fremework.
• B.the IT processes and procedures.
• C.Information security procedures.
• D.the most recent audit results.

Comment: *

Name: *

Email: *

Verification: *

An internal audit has revealed a large number of incidents for which root cause analysis has not been performed. Which of the following is MOST important for the IS auditor to verify to determine whether there is an audit issue?

• A.Cost of resolving the incidents
• B.Severity level of the incidents
• C.Time required to resolve the incidents
• D.Frequency of the incidents

Comment: *

Name: *

Email: *

Verification: *

When transmitting a payment instruction, which of the following will help verify that the instruction was not
duplicated?

• A.Use of a cryptographic hashing algorithm
• B.Enciphering the message digest
• C.Deciphering the message digest
• D.A sequence number and time stamp

Comment: *

Name: *

Email: *

Verification: *

Which of the following types of attack often take advantage of curiosity or greed to deliver malware?

• A.Gimmes
• B.Tripwire
• C.Icing
• D.Soft coding
• E.Pretexting
• F.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

Stress testing should ideally be earned out under a:

• A.test environment with production workloads.
• B.production environment with production workloads.
• C.production environment with test data.
• D.test environment with test data.

Comment: *

Name: *

Email: *

Verification: *