An IS auditor finds a computer that is suspected to have been involved in a cyber crime. Which of the following activities is MOST critical to ensure data collected is admissible in a court of law?

• A.Power off the computer to ensure data is not changed.
• B.Notify law enforcement upon detection.
• C.Collect audit logs from the affected computer.
• D.Track possession of the computer.

Comment: *

Name: *

Email: *

Verification: *

When testing segregation of duties, which of the following audit techniques provides the MOST reliable evidence?

• A.Observing daily operations for the area in scope
• B.Evaluating the department structure via the organizational chart
• C.Reviewing departmental procedure handbooks
• D.Interviewing managers and end users

Comment: *

Name: *

Email: *

Verification: *

An organization wants to reuse company-provided smartphones collected from staff leaving the organization.
Which of the following would be the BEST recommendation?

• A.Data should be securely deleted from the smartphones.
• B.Smartphones should not be reused, but physically destroyed.
• C.The memory cards of the smartphones should be replaced.
• D.The SIM card and telephone number should be changed.

Comment: *

Name: *

Email: *

Verification: *

Which of the following would prevent unauthorized changes to information stored in a server's log?

• A.Write-protecting the directory containing the system log
• B.Writing a duplicate log to another server
• C.Daily printing of the system log
• D.Storing the system log in write-once media

Comment: *

Name: *

Email: *

Verification: *

An IS auditor should be MOST concerned if which of the following fire suppression systems is utilized to protect an asset storage closet?

• A.Deluge system
• B.Wet pipe system
• C.Preaction system
• D.CO2 system

Comment: *

Name: *

Email: *

Verification: *