Free ISACA CISA Übungsprüfungen - Seite 45 von 55

Question #441

Which of the following is MOST important for an IS auditor to look for in a project feasibility study?

A . An assessment of whether requirements will be fully met
B . An assessment indicating security controls will operate effectively
C . An assessment of whether the expected benefits can be achieved
D . An assessment indicating the benefits will exceed the implement

Lösung einblenden Lösung ausblenden

Question #442

Which of the following can BEST reduce the impact of a long-term power failure?

A . Power conditioning unit
B . Emergency power-off switches
C . Battery bank
D . Redundant power source

Lösung einblenden Lösung ausblenden

Question #443

Which of the following BEST indicates that the effectiveness of an organization’s security awareness program has improved?

A . A decrease in the number of information security audit findings
B . An increase in the number of staff who complete awareness training
C . An increase in the number of phishing emails reported by employees
D . A decrease in the number of malware outbreaks

Lösung einblenden Lösung ausblenden

Question #444

A global organization’s policy states that all workstations must be scanned for malware each day.

Which of the following would provide an IS auditor with the BEST evidence of continuous compliance with this policy?

A . Penetration testing results
B . Management attestation
C . Anti-malware tool audit logs
D . Recent malware scan reports

Lösung einblenden Lösung ausblenden

Richtige Antwort: C
C

Explanation:

Anti-malware tool audit logs would provide an IS auditor with the best evidence of continuous compliance with the global organization’s policy that states that all workstations must be scanned for malware each day. Anti-malware tool audit logs are records that capture the activities and events related to the anti-malware software installed on the workstations, such as scan schedules, scan results, updates, alerts, and actions taken1. These logs can help the IS auditor to verify that the anti-malware software is functioning properly, that the scans are performed regularly and effectively, and that any malware incidents are detected and resolved in a timely manner2. Anti-malware tool audit logs can also help the IS auditor to identify any gaps or weaknesses in the anti-malware policy or implementation, and to provide recommendations for improvement3.

The other options are not the best evidence of continuous compliance with the anti-malware policy. Penetration testing results are reports that show the vulnerabilities and risks of the workstations and network from an external or internal attacker’s perspective4. While penetration testing can help to assess the security posture and resilience of the organization, it does not provide information on the daily anti-malware scans or their outcomes. Management attestation is a statement or declaration from the management that they have complied with the anti-malware policy5. While management attestation can demonstrate commitment and accountability, it does not provide objective or verifiable evidence of compliance. Recent malware scan reports are documents that show the summary or details of the latest anti-malware scans performed on the workstations. While recent malware scan reports can indicate the current status and performance of the anti-malware software, they do not provide historical or comprehensive evidence of compliance.

References:

Malwarebytes Anti-Malware (MBAM) log collection and threat reports …

Malicious Behavior Detection using Windows Audit Logs

PCI Requirement 5.2 C Ensure all Anti-Virus Mechanisms are Current …

Management Attestation – an overview | ScienceDirect Topics

How to Read a Malware Scan Report | Techwalla

Question #445

An IS auditor wants to verify alignment of the organization’s business continuity plan (BCP) with the business strategy.

Which of the following would be MOST helpful to review?

A . Disaster recovery plan (DRP) testing results
B . Business impact analysis (BIA)
C . Corporate risk management policy
D . Key performance indicators (KPIs)

Lösung einblenden Lösung ausblenden

Question #446

Using swipe cards to limit employee access to restricted areas requires implementing which additional control?

A . Physical sign-in of all employees for access to restricted areas
B . Implementation of additional PIN pads
C . Periodic review of access profiles by management
D . Installation of closed-circuit television (CCTV)

Lösung einblenden Lösung ausblenden

Richtige Antwort: C
C

Explanation:

Periodic review of access profiles by management is an additional control that is required when using swipe cards to limit employee access to restricted areas. Swipe cards are a type of physical access control that use magnetic stripes or radio frequency identification (RFID) to store and transmit information about the cardholder’s identity and access rights. Swipe cards can help to prevent unauthorized entry, protect sensitive assets and data, and monitor access activity. However, swipe cards alone are not enough to ensure effective access control.

They need to be complemented by other controls, such as:

Periodic review of access profiles by management: This is a type of logical access control that involves verifying that the access rights assigned to each cardholder are appropriate, necessary, and consistent with the organization’s policies and procedures. Periodic review of access profiles can help to detect and correct any errors, inconsistencies, or violations in the access control system, such as outdated, excessive, or redundant access rights, segregation of duties conflicts, or unauthorized changes. Periodic review of access profiles can also help to ensure compliance with internal and external audit requirements and regulations.

Implementation of additional PIN pads: This is a type of multi-factor authentication (MFA) that requires the cardholder to enter a personal identification number (PIN) in addition to swiping their card. MFA can enhance the security of the access control system by adding another layer of verification and reducing the risk of lost, stolen, or cloned cards being used by unauthorized persons.

Installation of closed-circuit television (CCTV): This is a type of surveillance system that uses cameras and monitors to record and display the images of the people and activities in the restricted areas. CCTV can deter potential intruders, provide evidence of any security incidents or breaches, and enable real-time monitoring and response by security personnel.

The other options are not as effective or relevant as periodic review of access profiles by management for an additional control when using swipe cards. Physical sign-in of all employees for access to restricted areas is a redundant and inefficient control that can be easily bypassed or manipulated. It also does not provide any assurance or verification of the identity or access rights of the cardholders. Audit hooks are software routines embedded in an application that can trigger an alert or a report when certain conditions are met. Audit hooks can help to detect anomalies or exceptions in access control lists, but they do not provide a comprehensive or integrated view of them.

References:

ISACA, CISA Review Manual, 27th Edition, 2019, p. 236

ISACA, ITAF: A Professional Practices Framework for IS Audit/Assurance, 3rd Edition, 2014, p. 88

Data Analytics for Auditing Access Control

Question #447

Which of the following metrics is the BEST indicator of the performance of a web application

A . HTTP server error rate
B . Server thread count
C . Average response time
D . Server uptime

Lösung einblenden Lösung ausblenden

Question #448

Which of the following is MOST important with regard to an application development acceptance test?

A . The programming team is involved in the testing process.
B . All data files are tested for valid information before conversion.
C . User management approves the test design before the test is started.
D . The quality assurance (QA) team is in charge of the testing process.

Lösung einblenden Lösung ausblenden

Question #449

Which of the following should be the PRIMARY consideration when validating a data analytic algorithm that has never been used before?

A . Enhancing the design of data visualization
B . Increasing speed and efficiency of audit procedures
C . Confirming completeness and accuracy
D . Decreasing the time for data analytics execution

Lösung einblenden Lösung ausblenden

Question #450

Which of the following is an IS auditor’s BEST approach when low-risk anomalies have been identified?

A . Reprioritize further testing of the anomalies and refocus on issues with higher risk
B . Update the audit plan to include the information collected during the audit
C . Ask auditees to promptly remediate the anomalies
D . Document the anomalies in audit workpapers

Lösung einblenden Lösung ausblenden