Which of the following would be of MOST concern for an IS auditor evaluating the design of an organization's incident management processes?
A. Service management standards are not followed.
B. Expected time to resolve incidents is not specified.
C. Metrics are not reported to senior management.
D. Prioritization criteria are not defined.
Which of the following is the MOST important activity in the data classification process?
A. Labeling the data appropriately
B. Identifying risk associated with the data
C. Determining accountability of data owners
D. Determining the adequacy of privacy controls
During the planning stage of a compliance audit, an IS auditor discovers that a bank's inventory of compliance requirements does not include recent regulatory changes related to managing data risk. What should the auditor do FIRST?
A. Ask management why the regulatory changes have not been included.
B. Discuss potential regulatory issues with the legal department.
C. Report the missing regulatory updates to the chief information officer (CIO).
D. Exclude recent regulatory changes from the audit scope.
A month after a company purchased and implemented system and performance monitoring software, reports were too large and therefore were not reviewed or acted upon. The MOST effective plan of action would be to:
A. evaluate replacement systems and performance monitoring software.
B. restrict functionality of system monitoring software to security-related events.
C. re-install the system and performance monitoring software.
D. use analytical tools to produce exception reports from the system and performance monitoring software.
An IS auditor reviewing the threat assessment for a data center would be MOST concerned if:
A. some of the identified threats are unlikely to occur.
B. all identified threats relate to external entities.
C. the exercise was completed by local management.
D. neighboring organizations' operations have been included.
Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?
A. Inability to utilize the site when required
B. Inability to test the recovery plans onsite
C. Equipment compatibility issues at the site
D. Mismatched organizational security policies
An IS auditor is reviewing logical access controls for an organization's financial business application. Which of the following findings should be of GREATEST concern to the auditor?
A. Users are not required to change their passwords on a regular basis
B. Management does not review application user activity logs
C. User accounts are shared between users
D. Password length is set to eight characters
Which of the following should be an IS auditor's PRIMARY focus when evaluating the response process for cybercrimes?
A. Communication with law enforcement
B. Notification to regulators
C. Root cause analysis
D. Evidence collection
Which of the following would be the BEST criteria for monitoring an IT vendor's service levels?
A. Service auditor's report
B. Performance metrics
C. Surprise visit to vendor
D. Interview with vendor
Which of the following is the MOST effective way to identify exfiltration of sensitive data by a malicious insider?
A. Implement data loss prevention (DLP) software
B. Review perimeter firewall logs
C. Provide ongoing information security awareness training
D. Establish behavioral analytics monitoring
Which of the following methods will BEST reduce the risk associated with the transition to a new system using technologies that are not compatible with the old system?
A. Parallel changeover
B. Modular changeover
C. Phased operation
D. Pilot operation
Which of the following presents the GREATEST risk of data leakage in the cloud environment?
A. Lack of data retention policy
B. Multi-tenancy within the same database
C. Lack of role-based access
D. Expiration of security certificate
An IS auditor has been asked to review an event log aggregation system to ensure risk management practices have been applied. Which of the following should be of MOST concern to the auditor?
A. Log feeds are uploaded via batch process.
B. Completeness testing has not been performed on the log data.
C. The log data is not normalized.
D. Data encryption standards have not been considered.
An IS auditor observes that a business-critical application does not currently have any level of fault tolerance. Which of the following is the GREATEST concern with this situation?
A. Degradation of services
B. Limited tolerance for damage
C. Decreased mean time between failures (MTBF)
D. Single point of failure
Which of the following factors is LEAST important in the measurement of critical success factors of productivity in the SDLC phases?
A. Dollars spent per user
B. Number of transactions per month
C. Number of transactions per user
D. Number of occurrences of fraud/misuse detection