Free ISACA CISA Übungsprüfungen - Seite 31 von 55

Question #301

An IS auditor observes that a business-critical application does not currently have any level of fault tolerance.

Which of the following is the GREATEST concern with this situation?

A . Degradation of services
B . Limited tolerance for damage
C . Decreased mean time between failures (MTBF)
D . Single point of failure

Lösung einblenden Lösung ausblenden

Question #302

What is the MOST effective way to manage contractors‘ access to a data center?

A . Badge identification worn by visitors
B . Escort requirement for visitor access
C . Management approval of visitor access
D . Verification of visitor identification

Lösung einblenden Lösung ausblenden

Question #303

Which of the following is the MOST effective way to detect as many abnormalities as possible during an IS audit?

A . Conduct a walk-through of the process.
B . Perform substantive testing on sampled records.
C . Perform judgmental sampling of key processes.
D . Use a data analytics tool to identify trends.

Lösung einblenden Lösung ausblenden

Question #304

Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?

A . Rotate job duties periodically.
B . Perform an independent audit.
C . Hire temporary staff.
D . Implement compensating controls.

Lösung einblenden Lösung ausblenden

Question #305

During an IS audit of a data center, it was found that programmers are allowed to make emergency fixes to operational programs.

Which of the following should be the IS auditor’s PRIMARY recommendation?

A . Programmers should be allowed to implement emergency fixes only after obtaining verbal agreement from the application owner.
B . Emergency program changes should be subject to program migration and testing procedures before they are applied to operational systems.
C . Bypass user ID procedures should be put in place to ensure that the changes are subject to after-the-event approval and testing.

Lösung einblenden Lösung ausblenden

Question #306

Which of the following system redundancy configurations BEST improves system resiliency and reduces the possibility of a single cause of failure impacting system dependability?

A . Active redundancy
B . Homogeneous redundancy
C . Diverse redundancy
D . Passive redundancy

Lösung einblenden Lösung ausblenden

Question #307

Which of the following provides the BEST evidence of the validity and integrity of logs in an organization’s security information and event management (SIEM) system?

A . Compliance testing
B . Stop-or-go sampling
C . Substantive testing
D . Variable sampling

Lösung einblenden Lösung ausblenden

Richtige Antwort: C
C

Explanation:

Substantive testing © provides the best evidence of the validity and integrity of logs in an organization’s security information and event management (SIEM) system, because it is a type of audit testing that directly examines the accuracy, completeness, and reliability of the data and transactions recorded in the logs. Substantive testing can involve various methods, such as re-performance, inspection, observation, inquiry, or computer-assisted audit techniques (CAATs), to verify the existence, occurrence, valuation, ownership, presentation, and disclosure of the log data1. Substantive testing can also detect any errors, omissions, alterations, or manipulations of the log data that may indicate fraud or misstatement2.

Compliance testing (A) is not the best evidence of the validity and integrity of logs in an organization’s SIEM system, because it is a type of audit testing that evaluates the design and effectiveness of the internal controls that are implemented to ensure compliance with laws, regulations, policies, and procedures. Compliance testing can involve various methods, such as walkthroughs, questionnaires, checklists, or flowcharts, to assess the adequacy, consistency, and operation of the internal controls1. Compliance testing can provide assurance that the log data are generated and processed in accordance with the established rules and standards, but it does not directly verify the accuracy and reliability of the log data itself2.

Stop-or-go sampling (B) is not a type of audit testing, but a type of sampling technique that auditors use to select a sample from a population for testing. Stop-or-go sampling is a sequential sampling technique that allows auditors to stop testing before reaching the predetermined sample size if the results are satisfactory or conclusive. Stop-or-go sampling can reduce the audit cost and time by avoiding unnecessary testing, but it can also increase the sampling risk and uncertainty by relying on

a smaller sample3. Stop-or-go sampling does not provide any evidence of the validity and integrity of logs in an organization’s SIEM system by itself; it depends on the type and quality of the audit tests performed on the selected sample.

Variable sampling (D) is not a type of audit testing, but a type of sampling technique that auditors use to estimate a numerical characteristic of a population for testing. Variable sampling is a statistical sampling technique that allows auditors to measure the amount or rate of error or deviation in a population by using quantitative methods. Variable sampling can provide precise and objective results by using mathematical formulas and confidence intervals4. Variable sampling does not provide any evidence of the validity and integrity of logs in an organization’s SIEM system by itself; it depends on the type and quality of the audit tests performed on the selected sample.

References:

Audit Testing Procedures – 5 Types and Their Use Cases

5 Types of Testing Methods Used During Audit Procedures | I.S. Partners

Stop-or-Go Sampling Definition

Variable Sampling Definition

Question #308

Which of the following is the MOST important responsibility of user departments associated with program changes?

A . Providing unit test data
B . Analyzing change requests
C . Updating documentation lo reflect latest changes
D . Approving changes before implementation

Lösung einblenden Lösung ausblenden

Question #308

Which of the following is the MOST important responsibility of user departments associated with program changes?

A . Providing unit test data
B . Analyzing change requests
C . Updating documentation lo reflect latest changes
D . Approving changes before implementation

Lösung einblenden Lösung ausblenden

Question #310

Which of the following BEST addresses the availability of an online store?

A . RAID level 5 storage devices
B . A mirrored site at another location
C . Online backups
D . Clustered architecture

Lösung einblenden Lösung ausblenden