ISACA CISA.pdf
Q: 1
Which of the following would present the GREATEST concern during a review of internal
audit quality assurance (QA) and continuous improvement processes?
Options
Q: 2
During a follow-up audit, an IS auditor learns that some key management personnel have
been replaced since the original audit, and current management has decided not to implement
some previously accepted recommendations. What is the auditor's BEST course of action?
Options
Q: 3
An externally facing system containing sensitive data is configured such that users have
either read-only or administrator rights. Most users of the system have administrator access.
Which of the following is the GREATEST risk associated with this situation?
Options
Q: 4
Which of the following is MOST important for an IS auditor to verify when evaluating an
organization's firewall?
Options
Q: 5
Which of the following would be of GREATEST concern to an IS auditor reviewing an IT
strategy document?
Options
Q: 6
Which of the following should be an IS auditor's PRIMARY consideration when determining
which issues to include in an audit report?
Options
Q: 7
A review of an organization’s IT portfolio revealed several applications that are not in use.
The BEST way to prevent this situation from recurring would be to implement.
Options
Q: 8
When classifying information, it is MOST important to align the classification to:
Options
Q: 9
Which of the following should be of MOST concern to an IS auditor reviewing an
organization's operational log management?
Options
Q: 10
Which of the following provides the MOST assurance of the integrity of a firewall log?
Options
Question 1 of 10
