Free Access to ISACA.CISA.v2024-03-31.q980 with Valid Practice Test (Page 21)

Question 96

Which of the following IS functions can be performed by the same group or individual while still providing the proper segregation of duties?

A.Database administration and computer operations
B.Security administration and application programming
C.Application programming and systems analysis
D.Computer operations and application programming

Question 97

Which of the following BEST facilitates compliance with requirements mandating the security of confidential
data?

A.Classification of data
B.Security awareness training
C.Encryption of external data transmissions
D.Standardized escalation protocols for breaches

Question 98

Which of the following is the BEST justification for deferring remediation testing until the next audit?

A.The auditor who conducted the audit and agreed with the timeline has left the organization.
B.Management's planned actions are sufficient given the relative importance of the observations.
C.Auditee management has accepted all observations reported by the auditor.
D.The audit environment has changed significantly.

Question 99

Which of the following should be of MOST concern to an IS auditor reviewing the BCP?

A.The disaster levels are based on scopes of damaged functions, but not on duration.
B.The difference between low-level disaster and software incidents is not clear.
C.The overall BCP is documented, but detailed recovery steps are not specified.
D.The responsibility for declaring a disaster is not identified.

Question 100

A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?

A.Using smart cards with one-time passwords
B.Installing biometrics-based authentication
C.Configuring the router as a firewall
D.Periodically renewing log files

Question 96

Question 97

Question 98

Question 99

Question 100

Download PDF File