Valid CISA Dumps shared by ExamDiscuss.com for Helping Passing CISA Exam! ExamDiscuss.com now offer the newest CISA exam dumps, the ExamDiscuss.com CISA exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CISA dumps with Test Engine here:
Access CISA Dumps Premium Version
(1435 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 202/267
A stockbroker accepts orders over the Internet. Which of the following is the MOST appropriate control to ensure confidentiality of the orders?
Correct Answer: C
- Question List (267q)
- Question 1: In reviewing the IT strategic plan, the IS auditor should co...
- Question 2: When reviewing a newly implemented quality management system...
- Question 3: When migrating critical systems to a cloud provider, the GRE...
- Question 4: An effective implementation of security roles and responsibi...
- Question 5: An IS auditor finds that a company is using a payroll provid...
- Question 6: Which of ihe following is the BEST way to control scope cree...
- Question 7: An e-commerce enterprise's disaster recovery (DR) site has 3...
- Question 8: Following a breach, what is the BEST source to determine the...
- Question 9: During an audit of identity and access management, an IS aud...
- Question 10: An IS auditor is asked to review a large organization's chan...
- Question 11: Which of the following access rights in the production envir...
- Question 12: Which of the following would provide the MOST reliable evide...
- Question 13: Which of the following is MOST important for an IS auditor t...
- Question 14: Which of the following is the MOST effective control to mini...
- Question 15: Which of the following would be the GREATEST concern to an I...
- Question 16: Which of the following BEST enables an audit department to i...
- Question 17: An organization's IT security policy states that user ID's m...
- Question 18: When connecting to an organization's intranet from the Inter...
- Question 19: While reviewing similar issues in an organization s help des...
- Question 20: Which of the following is the BEST way to control the concur...
- Question 21: The FIRST step in establishing a firewall security policy is...
- Question 22: Which of the following is the PRIMARY role of an IS auditor ...
- Question 23: An IS auditor found that a company executive is encouraging ...
- Question 24: During a review of a production schedule, an IS auditor obse...
- Question 25: A system administrator recently informed the IS auditor abou...
- Question 26: An organization's plans to implement a virtualization strate...
- Question 27: In reviewing the project timeline for a significant applicat...
- Question 28: Due to the increasing size of a database, user access times ...
- Question 29: Which of the following BEST describes a common risk in imple...
- Question 30: Which of the following is MOST important to include in a con...
- Question 31: Which of the following is the PRIMARY responsibility of an i...
- Question 32: When developing a risk-based IS audit plan, the PRIMARY focu...
- Question 33: Prior to the migration of acquired software into production,...
- Question 34: An organization is using a single account shared by personne...
- Question 35: Which of the following is a directive control?...
- Question 36: During an audit of a reciprocal disaster recovery agreement ...
- Question 37: Which of the following BEST helps to identify errors during ...
- Question 38: Which of the following should be of GREATEST concern to an I...
- Question 39: An organization has performance metrics to track how well IT...
- Question 40: To help ensure the accuracy and completeness of end-user com...
- Question 41: An IS auditor was involved in the design phase for a new sys...
- Question 42: Which of the following is the MOST effective control to ensu...
- Question 43: For an organization which uses a VoIP telephony system exclu...
- Question 44: Which of the following should be the PRIMARY consideration w...
- Question 45: On a daily basis, an in-house development team moves duplica...
- Question 46: Loading of illegal software packages onto a network by an em...
- Question 47: An IS auditor determines that an online retailer processing ...
- Question 48: An IS auditor is reviewing the upgrading of an operating sys...
- Question 49: Which of the following BEST provides continuous availability...
- Question 50: When evaluating the recent implementation of an intrusion de...
- Question 51: Which of the following should be an IS auditor's FIRST activ...
- Question 52: Buffer overflow in an Internet environment is of particular ...
- Question 53: Which of the following would an IS auditor recommend as the ...
- Question 54: A region where an organization conducts business has announc...
- Question 55: When testing segregation of duties, which of the following a...
- Question 56: Which of the following is corrective control?...
- Question 57: An IT governance framework provides an organization with:...
- Question 58: Which of the following data would be used when performing a ...
- Question 59: Which of the following is the MOST critical step prior to pe...
- Question 60: Which of the following should be of GREATEST concern to an I...
- Question 61: Which of the following would MOST effectively and executive ...
- Question 62: Which of the following is MOST influential when defining dis...
- Question 63: Which of the following projects would be MOST important to r...
- Question 64: Which of the following should be an IS auditor's FIRST actio...
- Question 65: ..risk that the IS auditor will not find an error that has o...
- Question 66: During a routine check, a system administrator identifies un...
- Question 67: Which of the following would have the GREATEST impact on def...
- Question 68: Which of the following is the PRIMARY reason for database op...
- Question 69: An IS auditor performs a follow-up audit and learns the appr...
- Question 70: Which of the following features can be provided only by asym...
- Question 71: Which of the following procedures should an IS auditor compl...
- Question 72: An IT governance body wants to determine whether IT service ...
- Question 73: Which of the following control? MOST efficiently ensures tha...
- Question 74: When designing metrics for information security, the MOST im...
- Question 75: During audit planning, an IS auditor walked through the desi...
- Question 76: An IS auditor has been asked to perform a post-implementatio...
- Question 77: A recent audit identified duplicate software licenses and te...
- Question 78: An organization using instant messaging to communicate with ...
- Question 79: Which of the following would be of MOST concern during an au...
- Question 80: A vendor service level agreement (SLA) requires backup to be...
- Question 81: Which of the following is the PRIMARY responsibility of an o...
- Question 82: An IS auditor identifies key controls that have been overrid...
- Question 83: Which of the following is the BEST approach for performing a...
- Question 84: A disk management system's PRIMARY function is to:...
- Question 85: An organization was recently notified by its regulatory body...
- Question 86: What is the PRIMARY benefit of prototyping as a method of sy...
- Question 87: When auditing the security architecture of an e-commerce env...
- Question 88: A design company has multiple name and address files for its...
- Question 89: When reviewing the effectiveness of data center operations, ...
- Question 90: Which of the following is the BEST time for an IS auditor to...
- Question 91: An IS auditor notes that several users have not logged into ...
- Question 92: An organization with high availability resource requirements...
- Question 93: An IS auditor reviews change control tickets and finds an em...
- Question 94: The decision to accept an IT control risk related to data qu...
- Question 95: An IS auditor finds that an organization's data loss prevent...
- Question 96: Which of the following would represent an acceptable test of...
- Question 97: Which of the following procedures would BEST contribute to t...
- Question 98: Which of the following BEST provides audit management with a...
- Question 99: Which of the following is a key success factor for implement...
- Question 100: An IS audit report highlighting inadequate network internal ...
- Question 101: An audit team has a completed schedule approved by the audit...
- Question 102: A legacy application is running on an operating system that ...
- Question 103: A security review reveals an organization b struggling with ...
- Question 104: An IS auditor has assessed a payroll service provider's secu...
- Question 105: MOST critical security weakness of a packet level firewall i...
- Question 106: Which of the following activities would allow an IS auditor ...
- Question 107: The quality assurance (QA) function should be prevented from...
- Question 108: Which of the following poses the GREATEST risk to the enforc...
- Question 109: Which of the following protects against the impact of tempor...
- Question 110: Which of the following is MOST likely to be included in a po...
- Question 111: A 5 year audit plan provides for general audits every year a...
- Question 112: Which of the following validation techniques would BEST prev...
- Question 113: Which of the following methods should be used to effectively...
- Question 114: An organization is deciding whether to outsource its custome...
- Question 115: What is an IS auditor's BEST recommendation for management i...
- Question 116: An existing system is being replaced with a new application ...
- Question 117: An IS auditor finds the timeliness and depth of information ...
- Question 118: maturity model is useful in the assessment of IT service man...
- Question 119: What is the purpose of a hypervisor?...
- Question 120: During a review of an organization's network threat response...
- Question 121: Which of the following is the BEST development methodology t...
- Question 122: Which of the following should be an IS auditor's PRIMARY con...
- Question 123: An organization has implemented application whitelisting in ...
- Question 124: An organization is developing data classification standards ...
- Question 125: When introducing a maturity model to the IT management proce...
- Question 126: The risk that the IS auditor will not find an error that has...
- Question 127: An IS auditor reviewing the acquisition of new equipment wou...
- Question 128: An IS auditor is conducting a pre-implementation review to d...
- Question 129: MOST effective way to determine if IT is meeting business re...
- Question 130: During an audit of a mission-critical system hosted in an ou...
- Question 131: Which of the following is the BEST reason for an organizatio...
- Question 132: Which of the following is the MOST efficient solution for a ...
- Question 133: Loss-site scripting (XSS) attacks are BEST prevented through...
- Question 134: Which of the following procedures should be implemented prio...
- Question 135: Which of the following is the BEST method for uncovering sha...
- Question 136: The information security function in a large organization is...
- Question 137: A post-implementation review of a system implementation has ...
- Question 138: Which of the following is MOST important to include in foren...
- Question 139: Which of the following BEST indicates the effectiveness of a...
- Question 140: Which of the following is the GREATEST concern associated wi...
- Question 141: Which of the following is the BEST indication of an effectiv...
- Question 142: Which of the following activities is MOST important in deter...
- Question 143: A review of an organization's IT portfolio revealed several ...
- Question 144: What is the MOST important role of a certificate authority (...
- Question 145: Which of the following reflects inadequate segregation of du...
- Question 146: Which of the following should be of GREATEST concern to an I...
- Question 147: Which of the following is the MOST significant driver of eff...
- Question 148: Which of the following is the MOST appropriate action to for...
- Question 149: Which of the following provides the MOST assurance that a ne...
- Question 150: Spreadsheets are used to calculate project cost estimates To...
- Question 151: During an audit of information security procedures of a larg...
- Question 152: Which of the following is MOST important to helping incident...
- Question 153: Which of the following findings should hr of GREATEST concer...
- Question 154: The recovery time objective (RTO) is normally determined on ...
- Question 155: During an audit of a data center, an IS auditor's BEST way t...
- Question 156: When engaging services from external auditors, which of the ...
- Question 157: Which of the following is MOST important to ensure when plan...
- Question 158: A bank is selecting a server for its retail accounts applica...
- Question 159: Which of the following is the GREATEST risk resulting from c...
- Question 160: While reviewing similar issues in an organization's help des...
- Question 161: Following an IS audit recommendation, all Telnet and File Tr...
- Question 162: Of the following, who should authorize a project management ...
- Question 163: An IS audit reveals that an organization is not proactively ...
- Question 164: During an external assessment of network vulnerability, whic...
- Question 165: Which of the following will BEST ensure that a proper cutoff...
- Question 166: IS management has decided to replace the current single-serv...
- Question 167: Which of the following would be the MOST effective method to...
- Question 168: A database administrator (DBA) extracts a user listing for a...
- Question 169: Overall responsibility for approving logical access rights t...
- Question 170: An IS auditor is conducting a review of an organization s in...
- Question 171: An organization performs nightly backups but does not have a...
- Question 172: Since data storage of a critical business application is on ...
- Question 173: Which of the following is the BEST type of backup to minimiz...
- Question 174: Which of the following would be the MOST likely reason for a...
- Question 175: An IT management group has developed a standardized security...
- Question 176: A start-up company acquiring for its order-taking system is ...
- Question 177: Which of the following is the MOST important reason for upda...
- Question 178: An IS auditor is analysing a sample of assesses recorded on ...
- Question 179: During the procurement process which of the following would ...
- Question 180: The MOST effective method for an IS auditor to determine whi...
- Question 181: A company laptop has been stolen and all photos on the lapto...
- Question 182: Which procedure provides the GREATEST assurance that correct...
- Question 183: After the release of an application system, an IS auditor wa...
- Question 184: Which of the following should an IS auditor recommend to fac...
- Question 185: Which of the following BEST enables an IS auditor to identif...
- Question 186: Which of the following would be MOST important for an IS aud...
- Question 187: An IS auditor performing an audit of backup procedures obser...
- Question 188: Which of the following is MOST important when an incident ma...
- Question 189: Which of the following findings should be an IS auditor's GR...
- Question 190: An organization wants to reuse company-provided smartphones ...
- Question 191: Which of the following is the GREATEST risk posed by denial-...
- Question 192: Which of the following is a reason for implementing a decent...
- Question 193: An organization uses electronic funds transfer (EFT) to pay ...
- Question 194: Which of the following is the MOST important requirement for...
- Question 195: Which of the following is the PRIMARY reason for an IS audit...
- Question 196: Which of the following BEST determines if a batch update job...
- Question 197: Which of the following should an IS auditor expect to find w...
- Question 198: Which of the following MOST efficiently protects computer eq...
- Question 199: Which of the following is the MOST effective mechanism for e...
- Question 200: Which of the following is MOST important for an IS auditor t...
- Question 201: What would be an IS auditors GREATEST concern when using a t...
- Question 202: A stockbroker accepts orders over the Internet. Which of the...
- Question 203: Which of the following would BEST enable alignment of IT wit...
- Question 204: Due to cost restraints, a company defers the replacement of ...
- Question 205: The MAJOR reason for segregating test programs from producti...
- Question 206: The BEST way for an IS auditor to determine which business p...
- Question 207: Which of the following factors will BEST promote effective i...
- Question 208: An organization using development operations (DevOps) proces...
- Question 209: Which of the following would be an auditor's GREATEST concer...
- Question 210: An employee loses a mobile device resulting in loss of sensi...
- Question 211: Which of the following management decisions presents the GRE...
- Question 212: Which of the following system deployments requires the cloud...
- Question 213: Reviewing which of the following would be MOST helpful in as...
- Question 214: Which of the following controls MOST effectively reduces the...
- Question 215: When replacing a critical software application, which of the...
- Question 216: The PRIMARY advantage of object oriented technology is enhan...
- Question 217: Which of the following IS functions can be performed by the ...
- Question 218: An organization uses two data centers. Which of the followin...
- Question 219: In a follow-up audit, an IS auditor notes that management ha...
- Question 220: Which of the following should be performed FIRST when prepar...
- Question 221: Which of the following approaches would utilize data analyti...
- Question 222: In attribute sampling, what is the relationship between expe...
- Question 223: An IS auditor evaluating a three-tier client/server architec...
- Question 224: In a RAO model, which of the following roles must be assigne...
- Question 225: An IS audit manager finds that data manipulation logic devel...
- Question 226: Which of the following are BEST suited for continuous auditi...
- Question 227: When developing a business continuity plan (BCP) business un...
- Question 228: Performance monitoring tools report that servers are signifi...
- Question 229: Which of the following would MOST likely impact the integrit...
- Question 230: Which of the following is MOST important to the effective ma...
- Question 231: Which of the following is the BEST approach to identify whet...
- Question 232: During a review of an application system, an IS auditor iden...
- Question 233: Which of the following it BEST enabled by following a config...
- Question 234: Management decided to accept the residual risk of an audit f...
- Question 235: A CIO has asked an IS auditor to implement several security ...
- Question 236: An organization has recently converted its infrastructure to...
- Question 237: A retirement system verifies that the field for employee sta...
- Question 238: The grants management system is used to calculate grant paym...
- Question 239: The demilitarized zone (DMZ) is the part of a network where ...
- Question 240: A CIO has asked an IS to implement several security controls...
- Question 241: Which of the following is MOST important for an IS auditor t...
- Question 242: An IS auditor is a member of an application development team...
- Question 243: An IS auditor has discovered that unauthorized customer mana...
- Question 244: Which of the following is the MOST effective way to assess w...
- Question 245: The IS auditor has identified a potential fraud perpetrated ...
- Question 246: As part of an IS audit, the auditor notes the practices list...
- Question 247: Attribute sampling is BEST suited to estimate:...
- Question 248: The GREATEST benefit of risk-based auditing is that it:...
- Question 249: An IS auditor is involved in the user testing phase of a dev...
- Question 250: Which of the following is the MOST significant risk associat...
- Question 251: The operations team of an organization has reported an IS se...
- Question 252: To ensure the integrity of a recovered database, which of th...
- Question 253: Which of the following is the FIRST consideration when devel...
- Question 254: To test the integrity of the data in the accounts receivable...
- Question 255: Which of the following is the BEST guidance from an IS audit...
- Question 256: An IS auditor finds that corporate mobile devices used by em...
- Question 257: Digital signatures are an effective control method for infor...
- Question 258: Which of the following is MOST important for an IS auditor t...
- Question 259: During an IS audit, it is discovered that security configura...
- Question 260: When an intrusion into an organizations network is detected,...
- Question 261: A sales representative is reviewing the organization's feedb...
- Question 262: The BEST method an organization can employ to align its busi...
- Question 263: Which of the following is the BEST way to evaluate the effec...
- Question 264: Which of the following is the MOST effective way to minimize...
- Question 265: Which of the following security mechanisms should be used to...
- Question 266: When conducting a follow-up audit on an organization s firew...
- Question 267: Which of the following is an advantage of using electronic d...
