CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 187
1. Which of the following online auditing techniques is most effective for the early detection of errors or irregularities?
A) Embedded audit module
B) Integrated test facility
C) Snapshots
D) Audit hooks
2. When assessing the design of network monitoring controls, an IS auditor should FIRST review network:
A) topology diagrams.
B) bandwidth usage.
C) traffic analysis reports.
D) bottleneck locations.
3. While conducting an audit, an IS auditor detects the presence of a virus. What should be the IS auditor's next step?
A) Observe the response mechanism.
B) Clear the virus from the network.
C) Inform appropriate personnel immediately.
D) Ensure deletion of the virus.
4. A substantive test to verify that tape library inventory records are accurate is:
A) determining whether bar code readers are installed.
B) determining whether the movement of tapes is authorized.
C) conducting a physical count of the tape inventory.
D) checking if receipts and issues of tapes are accurately recorded.
5. When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with:
A) analysis.
B) evaluation.
C) preservation.
D) disclosure.
A) Embedded audit module
B) Integrated test facility
C) Snapshots
D) Audit hooks
2. When assessing the design of network monitoring controls, an IS auditor should FIRST review network:
A) topology diagrams.
B) bandwidth usage.
C) traffic analysis reports.
D) bottleneck locations.
3. While conducting an audit, an IS auditor detects the presence of a virus. What should be the IS auditor's next step?
A) Observe the response mechanism.
B) Clear the virus from the network.
C) Inform appropriate personnel immediately.
D) Ensure deletion of the virus.
4. A substantive test to verify that tape library inventory records are accurate is:
A) determining whether bar code readers are installed.
B) determining whether the movement of tapes is authorized.
C) conducting a physical count of the tape inventory.
D) checking if receipts and issues of tapes are accurately recorded.
5. When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with:
A) analysis.
B) evaluation.
C) preservation.
D) disclosure.
1. Right Answer: D
Explanation: The audit hook technique involves embedding code in application systems for the examination of selected transactions. This helps an IS auditor to act before an error or an irregularity gets out of hand. An embedded audit module involves embedding specially-written software in the organization's host application system so that application systems are monitored on a selective basis. An integrated test facility is used when it is not practical to use test data, and snapshots are used when an audit trail is required.
2. Right Answer: A
Explanation: The first step in assessing network monitoring controls should be the review of the adequacy of network documentation, specifically topology diagrams. If this information is not up to date, then monitoring processes and the ability to diagnose problems will not be effective.
3. Right Answer: C
Explanation: The first thing an IS auditor should do after detecting the virus is to alert the organization to its presence, then wait for their response. Choice A should be taken after choiceC. This will enable an IS auditor to examine the actual workability and effectiveness of the response system. An IS auditor should not make changes to the system being audited, and ensuring the deletion of the virus is a management responsibility.
4. Right Answer: C
Explanation: A substantive test includes gathering evidence to evaluate the integrity of individual transactions, data or other information. Conducting a physical count of the tape inventory is a substantive test. Choices A, B and D are compliance tests.
5. Right Answer: C
Explanation: Preservation and documentation of evidence for review by law enforcement and judicial authorities are of primary concern when conducting an investigation.Failure to properly preserve the evidence could jeopardize the acceptance of the evidence in legal proceedings. Analysis, evaluation and disclosure are important but not of primary concern in a forensic investigation.
Explanation: The audit hook technique involves embedding code in application systems for the examination of selected transactions. This helps an IS auditor to act before an error or an irregularity gets out of hand. An embedded audit module involves embedding specially-written software in the organization's host application system so that application systems are monitored on a selective basis. An integrated test facility is used when it is not practical to use test data, and snapshots are used when an audit trail is required.
2. Right Answer: A
Explanation: The first step in assessing network monitoring controls should be the review of the adequacy of network documentation, specifically topology diagrams. If this information is not up to date, then monitoring processes and the ability to diagnose problems will not be effective.
3. Right Answer: C
Explanation: The first thing an IS auditor should do after detecting the virus is to alert the organization to its presence, then wait for their response. Choice A should be taken after choiceC. This will enable an IS auditor to examine the actual workability and effectiveness of the response system. An IS auditor should not make changes to the system being audited, and ensuring the deletion of the virus is a management responsibility.
4. Right Answer: C
Explanation: A substantive test includes gathering evidence to evaluate the integrity of individual transactions, data or other information. Conducting a physical count of the tape inventory is a substantive test. Choices A, B and D are compliance tests.
5. Right Answer: C
Explanation: Preservation and documentation of evidence for review by law enforcement and judicial authorities are of primary concern when conducting an investigation.Failure to properly preserve the evidence could jeopardize the acceptance of the evidence in legal proceedings. Analysis, evaluation and disclosure are important but not of primary concern in a forensic investigation.
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment