Cisa domain 3 exam - Study guides, Class notes & Summaries

CISA QAE Domain 5 Exam 89 Questions with Verified Answers When reviewing an organization's logical access security to its remote systems, which of the following would be of GREATEST concern to an IS auditor? - CORRECT ANSWER Unencrypted passwords are used. When evaluating the technical aspects of logical security, unencrypted passwords represent the greatest risk because it would be assumed that remote access would be over an untrusted network where passwords could be discovered. Which...

CISA Domain 5 Exam 109 Questions with Verified Answers Information security steering committee - CORRECT ANSWER Security policies, guidelines and procedures affect the entire organization and as such, should have the support and suggestions of end users, executive management, auditors, security admins, information systems personnel and legal counsel. Therefore, individuals representing various management levels should meet as a committee to discuss these issues and establish and approve secur...

CISA Domain 2 Exam 100 Questions with Verified Answers What does EGIT stand for? What is it's meaning? - CORRECT ANSWER Enterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad processes in the EGIT framework are: - CORRECT ANSWER 1. IT Resource Management - Focuses on maintainng an updated inventory of all IT res...

CISA examtopics 301-400 Exam Questions with Verified Answers 301. An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor? A. Using a third-party provider to host and manage content B. Lack of guidance on appropriate social media usage and monitoring C. Negative posts by customers affecting the organization's image D. Reduced productivity of stuff using social media - CORRECT A...

Certified Information Systems Auditor (CISA) Cert Guide 109 Questions with Verified Answers Which of the following best describes a baseline document? a. A PCI industry standard requiring a 15-minute session timeout b. Installation step recommendations from the vendor for an Active Directory server c. A network topography diagram of the Active Directory forest d. Security configuration settings for an Active Directory server - CORRECT ANSWER D. A baseline is correct because it is a platfo...

CISA InFo Domain 1 Exam 20 Questions with Verified Answers C. Mode Mode identifies the number of times a particular number is duplicated more than once. For example the in the followinglist of numbers find the mode: The mode is 3. - CORRECT ANSWER In sampling which of the following is a measure of central tendency? A. Variance B. Range C. Mode D. Standard Deviation A. Ability, as an IS auditor to be independent of existing IS relationships. Independence should be continually as...

CISA Domain 1 Exam 88 Questions with Verified Answers Interviewing and Observing Personnel - CORRECT ANSWER Actual Functions - An adequate test to ensure that the individual who is assigned and authorized to perform a particular function is the person who is actually doing the job. Actual Processes and Procedures - allows the IS auditor to gain evidence of compliance and observe deviations, if any. Security Awareness - Should be observed to verify an individuals understanding and practice ...

Domain 4 CISA Exam 325 Questions with Verified Answers what identifies and locates assets within a limited radius? - CORRECT ANSWER RFID- Radio Frequency Identification What uses radio waves to identify tagged objects? - CORRECT ANSWER RFID- Radio Frequency Identification In (RFID) Radio Frequency Identification, uses radio waves to identify TAGGED objects. What is included in a tag? - CORRECT ANSWER A tag includes a microchip and antenna. Microchip stores info and Antenna transmits inf...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

CISA 3330 Final Exam 67 Questions with Verified Answers The Microsoft failover cluster feature that can scan, download, install updates on cluster nodes is knows as __________ - __________ updating. - CORRECT ANSWER cluster, aware To use Hyper-V Replica, both hosts need to be on the same domain. - CORRECT ANSWER False To remove a node from a failover cluster in Failover Cluster Manager you would select ___________ node. - CORRECT ANSWER Evict When evaluating the availability of a ser...