During an internal audit review of an HR recruitment system implementation, the IS auditor notes a number of defects were unresolved at the time the system went live. Which of the following is the auditor's MOST important task prior to formulating an audit opinion?
Correct Answer: B
Section: Information System Acquisition, Development and Implementation
Question 532
Which of the following types of firewalls would BEST protect a network from an internet attack?
Correct Answer: A
Explanation/Reference: Explanation: A screened subnet firewall would provide the best protection. The screening router can be a commercial router or a node with routing capabilities and the ability to allow or avoid traffic between nets or nodes based on addresses, ports, protocols, interfaces, etc. Application-level gateways are mediators between two entities that want to communicate, also known as proxy gateways. The application level (proxy) works at the application level, not just at a package level. The screening controls at the package level, addresses and ports, but does not see the contents of the package. A packet filtering router examines the header of every packet or data traveling between the internet and the corporate network.
Question 533
Which of the following provides the BEST evidence of the validity and integrity of logs in an organization's security information and event management (SIEM) system?
Correct Answer: A
Question 534
Which of the following is the BEST indication that there are potential problems within an organization's IT service desk function?
Correct Answer: C
An IT service desk is a function that provides technical support and assistance to the users of an organization's IT systems and services. An IT service desk typically handles issues such as software installation, hardware troubleshooting, network connectivity, password reset, system configuration, and user training. An IT service desk aims to ensure that the IT systems and services are available, reliable, secure, and efficient for the users. One of the best indications that there are potential problems within an organization's IT service desk function is an excessive backlog of user requests. A backlog is a list of user requests that have not been resolved or completed by the IT service desk within a specified time frame. An excessive backlog means that the IT service desk is unable to meet the demand or expectations of the users, and that the users are experiencing delays, dissatisfaction, or frustration with the IT service desk. An excessive backlog of user requests can indicate various problems within the IT service desk function, such as: * Insufficient staff, resources, or capacity to handle the volume or complexity of user requests * Ineffective processes, procedures, or tools for managing, prioritizing, or resolving user requests * Lack of skills, knowledge, or training among the IT service desk staff to deal with different types of user requests * Poor communication, collaboration, or coordination among the IT service desk staff or with other IT functions or stakeholders * Low quality, performance, or security of the IT systems or services that cause frequent or recurring user issues Therefore, an excessive backlog of user requests is the best indication that there are potential problems within an organization's IT service desk function. References: * What is an IT Service Desk? Definition and Functions - Indeed * The Most Common IT Help Desk Issues - SherpaDesk * 18 Common IT Help Desk Problems and Solutions - E-Pulse Blog
Question 535
Which of the following is MOST important for an IS auditor to consider when determining an appropriate sample size in situations where selecting the entire population is not feasible?
