ISACA-Certified Information Systems Auditor Set 22

1.

The MAIN reason for requiring that all computer clocks across an organization be synchronized is to:

prevent omission or duplication of transactions. ensure smooth data transition from client machines to servers. ensure that e-mail messages have accurate time stamps. support the incident investigation process.

2.

When reviewing the configuration of network devices, an IS auditor should FIRST identify:

the best practices for the type of network devices deployed. whether components of the network are missing. the importance of the network device in the topology. whether subcomponents of the network are being used appropriately.

3.

Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users?

System analysis Authorization of access to data Application programming Data administration

4.

Accountability for the maintenance of appropriate security measures over information assets resides with the:

security administrator. systems administrator. data and systems owners. systems operations group.

5.

The GREATEST risk when end users have access to a database at its system level, instead of through the application, is that the users can:

make unauthorized changes to the database directly, without an audit trail. make use of a system query language (SQL) to access information. remotely access the database. update data without authentication.

6.

To determine who has been given permission to use a particular system resource, an IS auditor should review:

activity lists. access control lists. logon ID lists. password lists.

7.

Which of the following is the MOST effective control when granting temporary access to vendors?

Vendor access corresponds to the service level agreement (SLA). User accounts are created with expiration dates and are based on services provided. Administrator access is provided for a limited period. User IDs are deleted when the work is completed.

8.

During a logical access controls review, an IS auditor observes that user accounts are shared. The GREATEST risk resulting from this situation is that:

an unauthorized user may use the ID to gain access. user access management is time consuming. passwords are easily guessed. user accountability may not be established.

9.

Which of the following satisfies a two-factor user authentication?

Iris scanning plus fingerprint scanning Terminal ID plus global positioning system (GPS) A smart card requiring the user's PIN User ID along with password

10.

What is the MOST effective method of preventing unauthorized use of data files?

Automated file entry Tape librarian Access control software Locked library

ISACA-Certified Information Systems Auditor Set 22

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

COMPANY

Products

OTHERS

Partner

ISACA-Certified Information Systems Auditor Set 22

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner