{"id":107050,"date":"2025-08-02T03:36:32","date_gmt":"2025-08-02T03:36:32","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=107050"},"modified":"2025-08-02T03:36:32","modified_gmt":"2025-08-02T03:36:32","slug":"cisa-free-dumps-part-3-q81-q120-are-available-online-to-help-you-continue-to-check-the-cisa-dumps-v20-02-prepare-well-with-the-most-updated-materials","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/cisa-free-dumps-part-3-q81-q120-are-available-online-to-help-you-continue-to-check-the-cisa-dumps-v20-02-prepare-well-with-the-most-updated-materials.html","title":{"rendered":"CISA Free Dumps (Part 3, Q81-Q120) Are Available Online to Help You Continue to Check the CISA Dumps (V20.02): Prepare Well with the Most Updated Materials"},"content":{"rendered":"<p>We always share the free dumps online with a set of free demo questions. Once you are satisfied with the CISA free dumps, you can buy the most current CISA dumps (V20.02) from DumpsBase and start learning to clear the Certified Information Systems Auditor (CISA) exam. You can check the free dumps online first:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.dumpsbase.com\/freedumps\/use-updated-cisa-dumps-v20-02-to-prepare-for-your-certified-information-systems-auditor-cisa-exam-on-your-terms-check-cisa-free-dumps-part-1-q1-q40-online.html\"><em>CISA free dumps (Part 1, Q1-Q40) of V20.02<\/em><\/a><\/li>\n<li><a href=\"https:\/\/www.dumpsbase.com\/freedumps\/cisa-dumps-v20-02-are-valid-for-exam-preparation-check-cisa-free-dumps-part-2-q41-q80-first.html\"><em>CISA free dumps (Part 2, Q41-Q80) of V20.02<\/em><\/a><\/li>\n<\/ul>\n<p>Read these demo questions to check the quality. Furthermore, to enhance your expertise, take advantage of free updates and prepare with the latest exam questions. Achieve satisfactory results by utilizing our CISA dumps (V20.02) and try a demo to evaluate the quality. By incorporating our exam questions and answers into your exam practice and seeking assistance from experienced experts, who are available 24\/7 to support our clients, you can confidently achieve a 100% success rate in the Certified Information Systems Auditor (CISA) certification exam.<\/p>\n<p><!-- notionvc: 71b26fe9-9403-4b4e-a213-58c0848117d0 --><\/p>\n<h2>Continue to check the <em><span style=\"background-color: #00ff00;\">CISA free dumps (Part 3, Q81-Q120) of V20.02 below<\/span><\/em> to verify the quality:<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam9722\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-9722\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-9722\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-388119'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>Cross-site scripting (XSS) attacks are BEST prevented through:<\/div><input type='hidden' name='question_id[]' id='qID_1' value='388119' \/><input type='hidden' id='answerType388119' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388119[]' id='answer-id-1509356' class='answer   answerof-388119 ' value='1509356'   \/><label for='answer-id-1509356' id='answer-label-1509356' class=' answer'><span>application firewall policy settings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388119[]' id='answer-id-1509357' class='answer   answerof-388119 ' value='1509357'   \/><label for='answer-id-1509357' id='answer-label-1509357' class=' answer'><span>a three-tier web architecture.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388119[]' id='answer-id-1509358' class='answer   answerof-388119 ' value='1509358'   \/><label for='answer-id-1509358' id='answer-label-1509358' class=' answer'><span>secure coding practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388119[]' id='answer-id-1509359' class='answer   answerof-388119 ' value='1509359'   \/><label for='answer-id-1509359' id='answer-label-1509359' class=' answer'><span>use of common industry frameworks.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-388120'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?<\/div><input type='hidden' name='question_id[]' id='qID_2' value='388120' \/><input type='hidden' id='answerType388120' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388120[]' id='answer-id-1509360' class='answer   answerof-388120 ' value='1509360'   \/><label for='answer-id-1509360' id='answer-label-1509360' class=' answer'><span>Implementation plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388120[]' id='answer-id-1509361' class='answer   answerof-388120 ' value='1509361'   \/><label for='answer-id-1509361' id='answer-label-1509361' class=' answer'><span>Project budget provisions<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388120[]' id='answer-id-1509362' class='answer   answerof-388120 ' value='1509362'   \/><label for='answer-id-1509362' id='answer-label-1509362' class=' answer'><span>Requirements analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388120[]' id='answer-id-1509363' class='answer   answerof-388120 ' value='1509363'   \/><label for='answer-id-1509363' id='answer-label-1509363' class=' answer'><span>Project plan<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-388121'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>An organization has outsourced its data processing function to a service provider. <br \/>\r<br>Which of the following would BEST determine whether the service provider continues to meet the organization s objectives?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='388121' \/><input type='hidden' id='answerType388121' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388121[]' id='answer-id-1509364' class='answer   answerof-388121 ' value='1509364'   \/><label for='answer-id-1509364' id='answer-label-1509364' class=' answer'><span>Assessment of the personnel training processes of the provider<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388121[]' id='answer-id-1509365' class='answer   answerof-388121 ' value='1509365'   \/><label for='answer-id-1509365' id='answer-label-1509365' class=' answer'><span>Adequacy of the service provider's insurance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388121[]' id='answer-id-1509366' class='answer   answerof-388121 ' value='1509366'   \/><label for='answer-id-1509366' id='answer-label-1509366' class=' answer'><span>Review of performance against service level agreements (SLAs)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388121[]' id='answer-id-1509367' class='answer   answerof-388121 ' value='1509367'   \/><label for='answer-id-1509367' id='answer-label-1509367' class=' answer'><span>Periodic audits of controls by an independent auditor<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-388122'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>When implementing Internet Protocol security (IPsec) architecture, the servers involved in application delivery:<\/div><input type='hidden' name='question_id[]' id='qID_4' value='388122' \/><input type='hidden' id='answerType388122' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388122[]' id='answer-id-1509368' class='answer   answerof-388122 ' value='1509368'   \/><label for='answer-id-1509368' id='answer-label-1509368' class=' answer'><span>communicate via Transport Layer Security (TLS),<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388122[]' id='answer-id-1509369' class='answer   answerof-388122 ' value='1509369'   \/><label for='answer-id-1509369' id='answer-label-1509369' class=' answer'><span>block authorized users from unauthorized activities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388122[]' id='answer-id-1509370' class='answer   answerof-388122 ' value='1509370'   \/><label for='answer-id-1509370' id='answer-label-1509370' class=' answer'><span>channel access only through the public-facing firewall.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388122[]' id='answer-id-1509371' class='answer   answerof-388122 ' value='1509371'   \/><label for='answer-id-1509371' id='answer-label-1509371' class=' answer'><span>channel access through authentication.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-388123'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>Coding standards provide which of the following?<\/div><input type='hidden' name='question_id[]' id='qID_5' value='388123' \/><input type='hidden' id='answerType388123' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388123[]' id='answer-id-1509372' class='answer   answerof-388123 ' value='1509372'   \/><label for='answer-id-1509372' id='answer-label-1509372' class=' answer'><span>Program documentation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388123[]' id='answer-id-1509373' class='answer   answerof-388123 ' value='1509373'   \/><label for='answer-id-1509373' id='answer-label-1509373' class=' answer'><span>Access control tables<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388123[]' id='answer-id-1509374' class='answer   answerof-388123 ' value='1509374'   \/><label for='answer-id-1509374' id='answer-label-1509374' class=' answer'><span>Data flow diagrams<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388123[]' id='answer-id-1509375' class='answer   answerof-388123 ' value='1509375'   \/><label for='answer-id-1509375' id='answer-label-1509375' class=' answer'><span>Field naming conventions<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-388124'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management's decision. <br \/>\r<br>Which of the following should be the IS auditor's NEXT course of action?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='388124' \/><input type='hidden' id='answerType388124' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388124[]' id='answer-id-1509376' class='answer   answerof-388124 ' value='1509376'   \/><label for='answer-id-1509376' id='answer-label-1509376' class=' answer'><span>Accept management's decision and continue the follow-up.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388124[]' id='answer-id-1509377' class='answer   answerof-388124 ' value='1509377'   \/><label for='answer-id-1509377' id='answer-label-1509377' class=' answer'><span>Report the issue to IS audit management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388124[]' id='answer-id-1509378' class='answer   answerof-388124 ' value='1509378'   \/><label for='answer-id-1509378' id='answer-label-1509378' class=' answer'><span>Report the disagreement to the board.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388124[]' id='answer-id-1509379' class='answer   answerof-388124 ' value='1509379'   \/><label for='answer-id-1509379' id='answer-label-1509379' class=' answer'><span>Present the issue to executive management.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-388125'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>The PRIMARY benefit lo using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:<\/div><input type='hidden' name='question_id[]' id='qID_7' value='388125' \/><input type='hidden' id='answerType388125' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388125[]' id='answer-id-1509380' class='answer   answerof-388125 ' value='1509380'   \/><label for='answer-id-1509380' id='answer-label-1509380' class=' answer'><span>is more effective at suppressing flames.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388125[]' id='answer-id-1509381' class='answer   answerof-388125 ' value='1509381'   \/><label for='answer-id-1509381' id='answer-label-1509381' class=' answer'><span>allows more time to abort release of the suppressant.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388125[]' id='answer-id-1509382' class='answer   answerof-388125 ' value='1509382'   \/><label for='answer-id-1509382' id='answer-label-1509382' class=' answer'><span>has a decreased risk of leakage.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388125[]' id='answer-id-1509383' class='answer   answerof-388125 ' value='1509383'   \/><label for='answer-id-1509383' id='answer-label-1509383' class=' answer'><span>disperses dry chemical suppressants exclusively.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-388126'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>Which of the following is MOST important with regard to an application development acceptance test?<\/div><input type='hidden' name='question_id[]' id='qID_8' value='388126' \/><input type='hidden' id='answerType388126' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388126[]' id='answer-id-1509384' class='answer   answerof-388126 ' value='1509384'   \/><label for='answer-id-1509384' id='answer-label-1509384' class=' answer'><span>The programming team is involved in the testing process.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388126[]' id='answer-id-1509385' class='answer   answerof-388126 ' value='1509385'   \/><label for='answer-id-1509385' id='answer-label-1509385' class=' answer'><span>All data files are tested for valid information before conversion.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388126[]' id='answer-id-1509386' class='answer   answerof-388126 ' value='1509386'   \/><label for='answer-id-1509386' id='answer-label-1509386' class=' answer'><span>User management approves the test design before the test is started.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388126[]' id='answer-id-1509387' class='answer   answerof-388126 ' value='1509387'   \/><label for='answer-id-1509387' id='answer-label-1509387' class=' answer'><span>The quality assurance (QA) team is in charge of the testing process.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-388127'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>An organization's enterprise architecture (EA) department decides to change a legacy system's components while maintaining its original functionality. <br \/>\r<br>Which of the following is MOST important for an IS auditor to understand when reviewing this decision?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='388127' \/><input type='hidden' id='answerType388127' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388127[]' id='answer-id-1509388' class='answer   answerof-388127 ' value='1509388'   \/><label for='answer-id-1509388' id='answer-label-1509388' class=' answer'><span>The current business capabilities delivered by the legacy system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388127[]' id='answer-id-1509389' class='answer   answerof-388127 ' value='1509389'   \/><label for='answer-id-1509389' id='answer-label-1509389' class=' answer'><span>The proposed network topology to be used by the redesigned system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388127[]' id='answer-id-1509390' class='answer   answerof-388127 ' value='1509390'   \/><label for='answer-id-1509390' id='answer-label-1509390' class=' answer'><span>The data flows between the components to be used by the redesigned system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388127[]' id='answer-id-1509391' class='answer   answerof-388127 ' value='1509391'   \/><label for='answer-id-1509391' id='answer-label-1509391' class=' answer'><span>The database entity relationships within the legacy system<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-388128'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>An IS auditor is evaluating an organization's IT strategy and plans. <br \/>\r<br>Which of the following would be of GREATEST concern?<\/div><input type='hidden' name='question_id[]' id='qID_10' value='388128' \/><input type='hidden' id='answerType388128' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388128[]' id='answer-id-1509392' class='answer   answerof-388128 ' value='1509392'   \/><label for='answer-id-1509392' id='answer-label-1509392' class=' answer'><span>There is not a defined IT security policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388128[]' id='answer-id-1509393' class='answer   answerof-388128 ' value='1509393'   \/><label for='answer-id-1509393' id='answer-label-1509393' class=' answer'><span>The business strategy meeting minutes are not distributed.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388128[]' id='answer-id-1509394' class='answer   answerof-388128 ' value='1509394'   \/><label for='answer-id-1509394' id='answer-label-1509394' class=' answer'><span>IT is not engaged in business strategic planning.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388128[]' id='answer-id-1509395' class='answer   answerof-388128 ' value='1509395'   \/><label for='answer-id-1509395' id='answer-label-1509395' class=' answer'><span>There is inadequate documentation of IT strategic planning.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-388129'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:<\/div><input type='hidden' name='question_id[]' id='qID_11' value='388129' \/><input type='hidden' id='answerType388129' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388129[]' id='answer-id-1509396' class='answer   answerof-388129 ' value='1509396'   \/><label for='answer-id-1509396' id='answer-label-1509396' class=' answer'><span>the Internet.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388129[]' id='answer-id-1509397' class='answer   answerof-388129 ' value='1509397'   \/><label for='answer-id-1509397' id='answer-label-1509397' class=' answer'><span>the demilitarized zone (DMZ).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388129[]' id='answer-id-1509398' class='answer   answerof-388129 ' value='1509398'   \/><label for='answer-id-1509398' id='answer-label-1509398' class=' answer'><span>the organization's web server.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388129[]' id='answer-id-1509399' class='answer   answerof-388129 ' value='1509399'   \/><label for='answer-id-1509399' id='answer-label-1509399' class=' answer'><span>the organization's network.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-388130'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>An IS auditor is reviewing an organization's information asset management process. <br \/>\r<br>Which of the following would be of GREATEST concern to the auditor?<\/div><input type='hidden' name='question_id[]' id='qID_12' value='388130' \/><input type='hidden' id='answerType388130' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388130[]' id='answer-id-1509400' class='answer   answerof-388130 ' value='1509400'   \/><label for='answer-id-1509400' id='answer-label-1509400' class=' answer'><span>The process does not require specifying the physical locations of assets.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388130[]' id='answer-id-1509401' class='answer   answerof-388130 ' value='1509401'   \/><label for='answer-id-1509401' id='answer-label-1509401' class=' answer'><span>Process ownership has not been established.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388130[]' id='answer-id-1509402' class='answer   answerof-388130 ' value='1509402'   \/><label for='answer-id-1509402' id='answer-label-1509402' class=' answer'><span>The process does not include asset review.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388130[]' id='answer-id-1509403' class='answer   answerof-388130 ' value='1509403'   \/><label for='answer-id-1509403' id='answer-label-1509403' class=' answer'><span>Identification of asset value is not included in the process.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-388131'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>An IS audit reveals that an organization is not proactively addressing known vulnerabilities. <br \/>\r<br>Which of the following should the IS auditor recommend the organization do FIRST?<\/div><input type='hidden' name='question_id[]' id='qID_13' value='388131' \/><input type='hidden' id='answerType388131' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388131[]' id='answer-id-1509404' class='answer   answerof-388131 ' value='1509404'   \/><label for='answer-id-1509404' id='answer-label-1509404' class=' answer'><span>Verify the disaster recovery plan (DRP) has been tested.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388131[]' id='answer-id-1509405' class='answer   answerof-388131 ' value='1509405'   \/><label for='answer-id-1509405' id='answer-label-1509405' class=' answer'><span>Ensure the intrusion prevention system (IPS) is effective.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388131[]' id='answer-id-1509406' class='answer   answerof-388131 ' value='1509406'   \/><label for='answer-id-1509406' id='answer-label-1509406' class=' answer'><span>Assess the security risks to the business.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388131[]' id='answer-id-1509407' class='answer   answerof-388131 ' value='1509407'   \/><label for='answer-id-1509407' id='answer-label-1509407' class=' answer'><span>Confirm the incident response team understands the issue.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-388132'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?<\/div><input type='hidden' name='question_id[]' id='qID_14' value='388132' \/><input type='hidden' id='answerType388132' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388132[]' id='answer-id-1509408' class='answer   answerof-388132 ' value='1509408'   \/><label for='answer-id-1509408' id='answer-label-1509408' class=' answer'><span>Rotate job duties periodically.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388132[]' id='answer-id-1509409' class='answer   answerof-388132 ' value='1509409'   \/><label for='answer-id-1509409' id='answer-label-1509409' class=' answer'><span>Perform an independent audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388132[]' id='answer-id-1509410' class='answer   answerof-388132 ' value='1509410'   \/><label for='answer-id-1509410' id='answer-label-1509410' class=' answer'><span>Hire temporary staff.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388132[]' id='answer-id-1509411' class='answer   answerof-388132 ' value='1509411'   \/><label for='answer-id-1509411' id='answer-label-1509411' class=' answer'><span>Implement compensating controls.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-388133'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>An organization's security policy mandates that all new employees must receive appropriate security awareness training. <br \/>\r<br>Which of the following metrics would BEST assure compliance with this policy?<\/div><input type='hidden' name='question_id[]' id='qID_15' value='388133' \/><input type='hidden' id='answerType388133' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388133[]' id='answer-id-1509412' class='answer   answerof-388133 ' value='1509412'   \/><label for='answer-id-1509412' id='answer-label-1509412' class=' answer'><span>Percentage of new hires that have completed the training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388133[]' id='answer-id-1509413' class='answer   answerof-388133 ' value='1509413'   \/><label for='answer-id-1509413' id='answer-label-1509413' class=' answer'><span>Number of new hires who have violated enterprise security policies.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388133[]' id='answer-id-1509414' class='answer   answerof-388133 ' value='1509414'   \/><label for='answer-id-1509414' id='answer-label-1509414' class=' answer'><span>Number of reported incidents by new hires.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388133[]' id='answer-id-1509415' class='answer   answerof-388133 ' value='1509415'   \/><label for='answer-id-1509415' id='answer-label-1509415' class=' answer'><span>Percentage of new hires who report incidents<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-388134'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>An IS auditor is following up on prior period items and finds management did not address an audit finding. <br \/>\r<br>Which of the following should be the IS auditor's NEXT course of action?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='388134' \/><input type='hidden' id='answerType388134' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388134[]' id='answer-id-1509416' class='answer   answerof-388134 ' value='1509416'   \/><label for='answer-id-1509416' id='answer-label-1509416' class=' answer'><span>Note the exception in a new report as the item was not addressed by management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388134[]' id='answer-id-1509417' class='answer   answerof-388134 ' value='1509417'   \/><label for='answer-id-1509417' id='answer-label-1509417' class=' answer'><span>Recommend alternative solutions to address the repeat finding.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388134[]' id='answer-id-1509418' class='answer   answerof-388134 ' value='1509418'   \/><label for='answer-id-1509418' id='answer-label-1509418' class=' answer'><span>Conduct a risk assessment of the repeat finding.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388134[]' id='answer-id-1509419' class='answer   answerof-388134 ' value='1509419'   \/><label for='answer-id-1509419' id='answer-label-1509419' class=' answer'><span>Interview management to determine why the finding was not addressed.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-388135'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='388135' \/><input type='hidden' id='answerType388135' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388135[]' id='answer-id-1509420' class='answer   answerof-388135 ' value='1509420'   \/><label for='answer-id-1509420' id='answer-label-1509420' class=' answer'><span>Compliance with action plans resulting from recent audits<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388135[]' id='answer-id-1509421' class='answer   answerof-388135 ' value='1509421'   \/><label for='answer-id-1509421' id='answer-label-1509421' class=' answer'><span>Compliance with local laws and regulations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388135[]' id='answer-id-1509422' class='answer   answerof-388135 ' value='1509422'   \/><label for='answer-id-1509422' id='answer-label-1509422' class=' answer'><span>Compliance with industry standards and best practice<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388135[]' id='answer-id-1509423' class='answer   answerof-388135 ' value='1509423'   \/><label for='answer-id-1509423' id='answer-label-1509423' class=' answer'><span>Compliance with the organization's policies and procedures<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-388136'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>An organization allows employees to retain confidential data on personal mobile devices. <br \/>\r<br>Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='388136' \/><input type='hidden' id='answerType388136' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388136[]' id='answer-id-1509424' class='answer   answerof-388136 ' value='1509424'   \/><label for='answer-id-1509424' id='answer-label-1509424' class=' answer'><span>Require employees to attend security awareness training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388136[]' id='answer-id-1509425' class='answer   answerof-388136 ' value='1509425'   \/><label for='answer-id-1509425' id='answer-label-1509425' class=' answer'><span>Password protect critical data files.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388136[]' id='answer-id-1509426' class='answer   answerof-388136 ' value='1509426'   \/><label for='answer-id-1509426' id='answer-label-1509426' class=' answer'><span>Configure to auto-wipe after multiple failed access attempts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388136[]' id='answer-id-1509427' class='answer   answerof-388136 ' value='1509427'   \/><label for='answer-id-1509427' id='answer-label-1509427' class=' answer'><span>Enable device auto-lock function.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-388137'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>Which of the following demonstrates the use of data analytics for a loan origination process?<\/div><input type='hidden' name='question_id[]' id='qID_19' value='388137' \/><input type='hidden' id='answerType388137' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388137[]' id='answer-id-1509428' class='answer   answerof-388137 ' value='1509428'   \/><label for='answer-id-1509428' id='answer-label-1509428' class=' answer'><span>Evaluating whether loan records are included in the batch file and are validated by the servicing system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388137[]' id='answer-id-1509429' class='answer   answerof-388137 ' value='1509429'   \/><label for='answer-id-1509429' id='answer-label-1509429' class=' answer'><span>Comparing a population of loans input in the origination system to loans booked on the servicing system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388137[]' id='answer-id-1509430' class='answer   answerof-388137 ' value='1509430'   \/><label for='answer-id-1509430' id='answer-label-1509430' class=' answer'><span>Validating whether reconciliations between the two systems are performed and discrepancies are investigated<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388137[]' id='answer-id-1509431' class='answer   answerof-388137 ' value='1509431'   \/><label for='answer-id-1509431' id='answer-label-1509431' class=' answer'><span>Reviewing error handling controls to notify appropriate personnel in the event of a transmission failure<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-388138'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>Which of the following BEST indicates the effectiveness of an organization's risk management program?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='388138' \/><input type='hidden' id='answerType388138' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388138[]' id='answer-id-1509432' class='answer   answerof-388138 ' value='1509432'   \/><label for='answer-id-1509432' id='answer-label-1509432' class=' answer'><span>Inherent risk is eliminated.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388138[]' id='answer-id-1509433' class='answer   answerof-388138 ' value='1509433'   \/><label for='answer-id-1509433' id='answer-label-1509433' class=' answer'><span>Residual risk is minimized.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388138[]' id='answer-id-1509434' class='answer   answerof-388138 ' value='1509434'   \/><label for='answer-id-1509434' id='answer-label-1509434' class=' answer'><span>Control risk is minimized.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388138[]' id='answer-id-1509435' class='answer   answerof-388138 ' value='1509435'   \/><label for='answer-id-1509435' id='answer-label-1509435' class=' answer'><span>Overall risk is quantified.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-388139'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>An IS auditor has been asked to assess the security of a recently migrated database system that contains personal and financial data for a bank's customers. <br \/>\r<br>Which of the following controls is MOST important for the auditor to confirm is in place?<\/div><input type='hidden' name='question_id[]' id='qID_21' value='388139' \/><input type='hidden' id='answerType388139' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388139[]' id='answer-id-1509436' class='answer   answerof-388139 ' value='1509436'   \/><label for='answer-id-1509436' id='answer-label-1509436' class=' answer'><span>The default configurations have been changed.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388139[]' id='answer-id-1509437' class='answer   answerof-388139 ' value='1509437'   \/><label for='answer-id-1509437' id='answer-label-1509437' class=' answer'><span>All tables in the database are normalized.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388139[]' id='answer-id-1509438' class='answer   answerof-388139 ' value='1509438'   \/><label for='answer-id-1509438' id='answer-label-1509438' class=' answer'><span>The service port used by the database server has been changed.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388139[]' id='answer-id-1509439' class='answer   answerof-388139 ' value='1509439'   \/><label for='answer-id-1509439' id='answer-label-1509439' class=' answer'><span>The default administration account is used after changing the account password.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-388140'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>Which of the following is the BEST justification for deferring remediation testing until the next audit?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='388140' \/><input type='hidden' id='answerType388140' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388140[]' id='answer-id-1509440' class='answer   answerof-388140 ' value='1509440'   \/><label for='answer-id-1509440' id='answer-label-1509440' class=' answer'><span>The auditor who conducted the audit and agreed with the timeline has left the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388140[]' id='answer-id-1509441' class='answer   answerof-388140 ' value='1509441'   \/><label for='answer-id-1509441' id='answer-label-1509441' class=' answer'><span>Management's planned actions are sufficient given the relative importance of the observations.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388140[]' id='answer-id-1509442' class='answer   answerof-388140 ' value='1509442'   \/><label for='answer-id-1509442' id='answer-label-1509442' class=' answer'><span>Auditee management has accepted all observations reported by the auditor.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388140[]' id='answer-id-1509443' class='answer   answerof-388140 ' value='1509443'   \/><label for='answer-id-1509443' id='answer-label-1509443' class=' answer'><span>The audit environment has changed significantly.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-388141'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>What is BEST for an IS auditor to review when assessing the effectiveness of changes recently made to processes and tools related to an organization's business continuity plan (BCP)?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='388141' \/><input type='hidden' id='answerType388141' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388141[]' id='answer-id-1509444' class='answer   answerof-388141 ' value='1509444'   \/><label for='answer-id-1509444' id='answer-label-1509444' class=' answer'><span>Full test results<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388141[]' id='answer-id-1509445' class='answer   answerof-388141 ' value='1509445'   \/><label for='answer-id-1509445' id='answer-label-1509445' class=' answer'><span>Completed test plans<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388141[]' id='answer-id-1509446' class='answer   answerof-388141 ' value='1509446'   \/><label for='answer-id-1509446' id='answer-label-1509446' class=' answer'><span>Updated inventory of systems<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388141[]' id='answer-id-1509447' class='answer   answerof-388141 ' value='1509447'   \/><label for='answer-id-1509447' id='answer-label-1509447' class=' answer'><span>Change management processes<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-388142'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. <br \/>\r<br>What is the auditor's BEST course of action?<\/div><input type='hidden' name='question_id[]' id='qID_24' value='388142' \/><input type='hidden' id='answerType388142' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388142[]' id='answer-id-1509448' class='answer   answerof-388142 ' value='1509448'   \/><label for='answer-id-1509448' id='answer-label-1509448' class=' answer'><span>Notify the chair of the audit committee.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388142[]' id='answer-id-1509449' class='answer   answerof-388142 ' value='1509449'   \/><label for='answer-id-1509449' id='answer-label-1509449' class=' answer'><span>Notify the audit manager.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388142[]' id='answer-id-1509450' class='answer   answerof-388142 ' value='1509450'   \/><label for='answer-id-1509450' id='answer-label-1509450' class=' answer'><span>Retest the control.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388142[]' id='answer-id-1509451' class='answer   answerof-388142 ' value='1509451'   \/><label for='answer-id-1509451' id='answer-label-1509451' class=' answer'><span>Close the audit finding.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-388143'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>Which of the following is the BEST compensating control when segregation of duties is lacking in a small IS department?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='388143' \/><input type='hidden' id='answerType388143' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388143[]' id='answer-id-1509452' class='answer   answerof-388143 ' value='1509452'   \/><label for='answer-id-1509452' id='answer-label-1509452' class=' answer'><span>Background checks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388143[]' id='answer-id-1509453' class='answer   answerof-388143 ' value='1509453'   \/><label for='answer-id-1509453' id='answer-label-1509453' class=' answer'><span>User awareness training<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388143[]' id='answer-id-1509454' class='answer   answerof-388143 ' value='1509454'   \/><label for='answer-id-1509454' id='answer-label-1509454' class=' answer'><span>Transaction log review<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388143[]' id='answer-id-1509455' class='answer   answerof-388143 ' value='1509455'   \/><label for='answer-id-1509455' id='answer-label-1509455' class=' answer'><span>Mandatory holidays<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-388144'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>Which of the following would BEST determine whether a post-implementation review (PIR) performed by the project management office (PMO) was effective?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='388144' \/><input type='hidden' id='answerType388144' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388144[]' id='answer-id-1509456' class='answer   answerof-388144 ' value='1509456'   \/><label for='answer-id-1509456' id='answer-label-1509456' class=' answer'><span>Lessons learned were implemented.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388144[]' id='answer-id-1509457' class='answer   answerof-388144 ' value='1509457'   \/><label for='answer-id-1509457' id='answer-label-1509457' class=' answer'><span>Management approved the PIR report.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388144[]' id='answer-id-1509458' class='answer   answerof-388144 ' value='1509458'   \/><label for='answer-id-1509458' id='answer-label-1509458' class=' answer'><span>The review was performed by an external provider.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388144[]' id='answer-id-1509459' class='answer   answerof-388144 ' value='1509459'   \/><label for='answer-id-1509459' id='answer-label-1509459' class=' answer'><span>Project outcomes have been realized.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-388145'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='388145' \/><input type='hidden' id='answerType388145' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388145[]' id='answer-id-1509460' class='answer   answerof-388145 ' value='1509460'   \/><label for='answer-id-1509460' id='answer-label-1509460' class=' answer'><span>Whether there is explicit permission from regulators to collect personal data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388145[]' id='answer-id-1509461' class='answer   answerof-388145 ' value='1509461'   \/><label for='answer-id-1509461' id='answer-label-1509461' class=' answer'><span>The organization's legitimate purpose for collecting personal data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388145[]' id='answer-id-1509462' class='answer   answerof-388145 ' value='1509462'   \/><label for='answer-id-1509462' id='answer-label-1509462' class=' answer'><span>Whether sharing of personal information with third-party service providers is prohibited<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388145[]' id='answer-id-1509463' class='answer   answerof-388145 ' value='1509463'   \/><label for='answer-id-1509463' id='answer-label-1509463' class=' answer'><span>The encryption mechanism selected by the organization for protecting personal data<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-388146'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>Which of the following is the GREATEST concern associated with a high number of IT policy exceptions approved by management?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='388146' \/><input type='hidden' id='answerType388146' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388146[]' id='answer-id-1509464' class='answer   answerof-388146 ' value='1509464'   \/><label for='answer-id-1509464' id='answer-label-1509464' class=' answer'><span>The exceptions are likely to continue indefinitely.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388146[]' id='answer-id-1509465' class='answer   answerof-388146 ' value='1509465'   \/><label for='answer-id-1509465' id='answer-label-1509465' class=' answer'><span>The exceptions may result in noncompliance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388146[]' id='answer-id-1509466' class='answer   answerof-388146 ' value='1509466'   \/><label for='answer-id-1509466' id='answer-label-1509466' class=' answer'><span>The exceptions may elevate the level of operational risk.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388146[]' id='answer-id-1509467' class='answer   answerof-388146 ' value='1509467'   \/><label for='answer-id-1509467' id='answer-label-1509467' class=' answer'><span>The exceptions may negatively impact process efficiency.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-388147'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>During a new system implementation, an IS auditor has been assigned to review risk management at each milestone. The auditor finds that several risks to project benefits have not been addressed. <br \/>\r<br>Who should be accountable for managing these risks?<\/div><input type='hidden' name='question_id[]' id='qID_29' value='388147' \/><input type='hidden' id='answerType388147' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388147[]' id='answer-id-1509468' class='answer   answerof-388147 ' value='1509468'   \/><label for='answer-id-1509468' id='answer-label-1509468' class=' answer'><span>Enterprise risk manager<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388147[]' id='answer-id-1509469' class='answer   answerof-388147 ' value='1509469'   \/><label for='answer-id-1509469' id='answer-label-1509469' class=' answer'><span>Project sponsor<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388147[]' id='answer-id-1509470' class='answer   answerof-388147 ' value='1509470'   \/><label for='answer-id-1509470' id='answer-label-1509470' class=' answer'><span>Information security officer<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388147[]' id='answer-id-1509471' class='answer   answerof-388147 ' value='1509471'   \/><label for='answer-id-1509471' id='answer-label-1509471' class=' answer'><span>Project manager<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-388148'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?<\/div><input type='hidden' name='question_id[]' id='qID_30' value='388148' \/><input type='hidden' id='answerType388148' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388148[]' id='answer-id-1509472' class='answer   answerof-388148 ' value='1509472'   \/><label for='answer-id-1509472' id='answer-label-1509472' class=' answer'><span>Conduct periodic on-site assessments using agreed-upon criteria.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388148[]' id='answer-id-1509473' class='answer   answerof-388148 ' value='1509473'   \/><label for='answer-id-1509473' id='answer-label-1509473' class=' answer'><span>Periodically review the service level agreement (SLA) with the vendor.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388148[]' id='answer-id-1509474' class='answer   answerof-388148 ' value='1509474'   \/><label for='answer-id-1509474' id='answer-label-1509474' class=' answer'><span>Conduct an unannounced vulnerability assessment of vendor's IT systems.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388148[]' id='answer-id-1509475' class='answer   answerof-388148 ' value='1509475'   \/><label for='answer-id-1509475' id='answer-label-1509475' class=' answer'><span>Obtain evidence of the vendor's control self-assessment (CSA).<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-388149'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. <br \/>\r<br>In order to resolve the situation, the IS auditor's BEST course of action would be to:<\/div><input type='hidden' name='question_id[]' id='qID_31' value='388149' \/><input type='hidden' id='answerType388149' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388149[]' id='answer-id-1509476' class='answer   answerof-388149 ' value='1509476'   \/><label for='answer-id-1509476' id='answer-label-1509476' class=' answer'><span>re-prioritize the original issue as high risk and escalate to senior management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388149[]' id='answer-id-1509477' class='answer   answerof-388149 ' value='1509477'   \/><label for='answer-id-1509477' id='answer-label-1509477' class=' answer'><span>schedule a follow-up audit in the next audit cycle.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388149[]' id='answer-id-1509478' class='answer   answerof-388149 ' value='1509478'   \/><label for='answer-id-1509478' id='answer-label-1509478' class=' answer'><span>postpone follow-up activities and escalate the alternative controls to senior audit management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388149[]' id='answer-id-1509479' class='answer   answerof-388149 ' value='1509479'   \/><label for='answer-id-1509479' id='answer-label-1509479' class=' answer'><span>determine whether the alternative controls sufficiently mitigate the risk.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-388150'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>During an ongoing audit, management requests a briefing on the findings to date. <br \/>\r<br>Which of the following is the IS auditor's BEST course of action?<\/div><input type='hidden' name='question_id[]' id='qID_32' value='388150' \/><input type='hidden' id='answerType388150' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388150[]' id='answer-id-1509480' class='answer   answerof-388150 ' value='1509480'   \/><label for='answer-id-1509480' id='answer-label-1509480' class=' answer'><span>Review working papers with the auditee.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388150[]' id='answer-id-1509481' class='answer   answerof-388150 ' value='1509481'   \/><label for='answer-id-1509481' id='answer-label-1509481' class=' answer'><span>Request the auditee provide management responses.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388150[]' id='answer-id-1509482' class='answer   answerof-388150 ' value='1509482'   \/><label for='answer-id-1509482' id='answer-label-1509482' class=' answer'><span>Request management wait until a final report is ready for discussion.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388150[]' id='answer-id-1509483' class='answer   answerof-388150 ' value='1509483'   \/><label for='answer-id-1509483' id='answer-label-1509483' class=' answer'><span>Present observations for discussion only.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-388151'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>Which of the following is the PRIMARY concern when negotiating a contract for a hot site?<\/div><input type='hidden' name='question_id[]' id='qID_33' value='388151' \/><input type='hidden' id='answerType388151' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388151[]' id='answer-id-1509484' class='answer   answerof-388151 ' value='1509484'   \/><label for='answer-id-1509484' id='answer-label-1509484' class=' answer'><span>Availability of the site in the event of multiple disaster declarations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388151[]' id='answer-id-1509485' class='answer   answerof-388151 ' value='1509485'   \/><label for='answer-id-1509485' id='answer-label-1509485' class=' answer'><span>Coordination with the site staff in the event of multiple disaster declarations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388151[]' id='answer-id-1509486' class='answer   answerof-388151 ' value='1509486'   \/><label for='answer-id-1509486' id='answer-label-1509486' class=' answer'><span>Reciprocal agreements with other organizations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388151[]' id='answer-id-1509487' class='answer   answerof-388151 ' value='1509487'   \/><label for='answer-id-1509487' id='answer-label-1509487' class=' answer'><span>Complete testing of the recovery plan<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-388152'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>Which of the following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='388152' \/><input type='hidden' id='answerType388152' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388152[]' id='answer-id-1509488' class='answer   answerof-388152 ' value='1509488'   \/><label for='answer-id-1509488' id='answer-label-1509488' class=' answer'><span>Encryption of the spreadsheet<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388152[]' id='answer-id-1509489' class='answer   answerof-388152 ' value='1509489'   \/><label for='answer-id-1509489' id='answer-label-1509489' class=' answer'><span>Version history<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388152[]' id='answer-id-1509490' class='answer   answerof-388152 ' value='1509490'   \/><label for='answer-id-1509490' id='answer-label-1509490' class=' answer'><span>Formulas within macros<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388152[]' id='answer-id-1509491' class='answer   answerof-388152 ' value='1509491'   \/><label for='answer-id-1509491' id='answer-label-1509491' class=' answer'><span>Reconciliation of key calculations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-388153'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?<\/div><input type='hidden' name='question_id[]' id='qID_35' value='388153' \/><input type='hidden' id='answerType388153' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388153[]' id='answer-id-1509492' class='answer   answerof-388153 ' value='1509492'   \/><label for='answer-id-1509492' id='answer-label-1509492' class=' answer'><span>Periodic vendor reviews<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388153[]' id='answer-id-1509493' class='answer   answerof-388153 ' value='1509493'   \/><label for='answer-id-1509493' id='answer-label-1509493' class=' answer'><span>Dual control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388153[]' id='answer-id-1509494' class='answer   answerof-388153 ' value='1509494'   \/><label for='answer-id-1509494' id='answer-label-1509494' class=' answer'><span>Independent reconciliation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388153[]' id='answer-id-1509495' class='answer   answerof-388153 ' value='1509495'   \/><label for='answer-id-1509495' id='answer-label-1509495' class=' answer'><span>Re-keying of monetary amounts<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388153[]' id='answer-id-1509496' class='answer   answerof-388153 ' value='1509496'   \/><label for='answer-id-1509496' id='answer-label-1509496' class=' answer'><span>Engage an external security incident response expert for incident handling.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-388154'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. <br \/>\r<br>Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='388154' \/><input type='hidden' id='answerType388154' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388154[]' id='answer-id-1509497' class='answer   answerof-388154 ' value='1509497'   \/><label for='answer-id-1509497' id='answer-label-1509497' class=' answer'><span>Include the requirement in the incident management response plan.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388154[]' id='answer-id-1509498' class='answer   answerof-388154 ' value='1509498'   \/><label for='answer-id-1509498' id='answer-label-1509498' class=' answer'><span>Establish key performance indicators (KPIs) for timely identification of security incidents.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388154[]' id='answer-id-1509499' class='answer   answerof-388154 ' value='1509499'   \/><label for='answer-id-1509499' id='answer-label-1509499' class=' answer'><span>Enhance the alert functionality of the intrusion detection system (IDS).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388154[]' id='answer-id-1509500' class='answer   answerof-388154 ' value='1509500'   \/><label for='answer-id-1509500' id='answer-label-1509500' class=' answer'><span>Engage an external security incident response expert for incident handling.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-388155'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner. <br \/>\r<br>Which of the following is the auditor's BEST recommendation?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='388155' \/><input type='hidden' id='answerType388155' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388155[]' id='answer-id-1509501' class='answer   answerof-388155 ' value='1509501'   \/><label for='answer-id-1509501' id='answer-label-1509501' class=' answer'><span>Increase the capacity of existing systems.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388155[]' id='answer-id-1509502' class='answer   answerof-388155 ' value='1509502'   \/><label for='answer-id-1509502' id='answer-label-1509502' class=' answer'><span>Upgrade hardware to newer technology.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388155[]' id='answer-id-1509503' class='answer   answerof-388155 ' value='1509503'   \/><label for='answer-id-1509503' id='answer-label-1509503' class=' answer'><span>Hire temporary contract workers for the IT function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388155[]' id='answer-id-1509504' class='answer   answerof-388155 ' value='1509504'   \/><label for='answer-id-1509504' id='answer-label-1509504' class=' answer'><span>Build a virtual environment.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-388156'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>An IS auditor who was instrumental in designing an application is called upon to review the application. <br \/>\r<br>The auditor should:<\/div><input type='hidden' name='question_id[]' id='qID_38' value='388156' \/><input type='hidden' id='answerType388156' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388156[]' id='answer-id-1509505' class='answer   answerof-388156 ' value='1509505'   \/><label for='answer-id-1509505' id='answer-label-1509505' class=' answer'><span>refuse the assignment to avoid conflict of interest.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388156[]' id='answer-id-1509506' class='answer   answerof-388156 ' value='1509506'   \/><label for='answer-id-1509506' id='answer-label-1509506' class=' answer'><span>use the knowledge of the application to carry out the audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388156[]' id='answer-id-1509507' class='answer   answerof-388156 ' value='1509507'   \/><label for='answer-id-1509507' id='answer-label-1509507' class=' answer'><span>inform audit management of the earlier involvement.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388156[]' id='answer-id-1509508' class='answer   answerof-388156 ' value='1509508'   \/><label for='answer-id-1509508' id='answer-label-1509508' class=' answer'><span>modify the scope of the audit.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-388157'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>Which of the following is the BEST method to prevent wire transfer fraud by bank employees?<\/div><input type='hidden' name='question_id[]' id='qID_39' value='388157' \/><input type='hidden' id='answerType388157' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388157[]' id='answer-id-1509509' class='answer   answerof-388157 ' value='1509509'   \/><label for='answer-id-1509509' id='answer-label-1509509' class=' answer'><span>Independent reconciliation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388157[]' id='answer-id-1509510' class='answer   answerof-388157 ' value='1509510'   \/><label for='answer-id-1509510' id='answer-label-1509510' class=' answer'><span>Re-keying of wire dollar amounts<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388157[]' id='answer-id-1509511' class='answer   answerof-388157 ' value='1509511'   \/><label for='answer-id-1509511' id='answer-label-1509511' class=' answer'><span>Two-factor authentication control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388157[]' id='answer-id-1509512' class='answer   answerof-388157 ' value='1509512'   \/><label for='answer-id-1509512' id='answer-label-1509512' class=' answer'><span>System-enforced dual control<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-388158'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:<\/div><input type='hidden' name='question_id[]' id='qID_40' value='388158' \/><input type='hidden' id='answerType388158' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388158[]' id='answer-id-1509513' class='answer   answerof-388158 ' value='1509513'   \/><label for='answer-id-1509513' id='answer-label-1509513' class=' answer'><span>hire another person to perform migration to production.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388158[]' id='answer-id-1509514' class='answer   answerof-388158 ' value='1509514'   \/><label for='answer-id-1509514' id='answer-label-1509514' class=' answer'><span>implement continuous monitoring controls.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388158[]' id='answer-id-1509515' class='answer   answerof-388158 ' value='1509515'   \/><label for='answer-id-1509515' id='answer-label-1509515' class=' answer'><span>remove production access from the developers.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-388158[]' id='answer-id-1509516' class='answer   answerof-388158 ' value='1509516'   \/><label for='answer-id-1509516' id='answer-label-1509516' class=' answer'><span>perform a user access review for the development team<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-41'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons9722\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"9722\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-05-07 18:29:04\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1778178544\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"388119:1509356,1509357,1509358,1509359 | 388120:1509360,1509361,1509362,1509363 | 388121:1509364,1509365,1509366,1509367 | 388122:1509368,1509369,1509370,1509371 | 388123:1509372,1509373,1509374,1509375 | 388124:1509376,1509377,1509378,1509379 | 388125:1509380,1509381,1509382,1509383 | 388126:1509384,1509385,1509386,1509387 | 388127:1509388,1509389,1509390,1509391 | 388128:1509392,1509393,1509394,1509395 | 388129:1509396,1509397,1509398,1509399 | 388130:1509400,1509401,1509402,1509403 | 388131:1509404,1509405,1509406,1509407 | 388132:1509408,1509409,1509410,1509411 | 388133:1509412,1509413,1509414,1509415 | 388134:1509416,1509417,1509418,1509419 | 388135:1509420,1509421,1509422,1509423 | 388136:1509424,1509425,1509426,1509427 | 388137:1509428,1509429,1509430,1509431 | 388138:1509432,1509433,1509434,1509435 | 388139:1509436,1509437,1509438,1509439 | 388140:1509440,1509441,1509442,1509443 | 388141:1509444,1509445,1509446,1509447 | 388142:1509448,1509449,1509450,1509451 | 388143:1509452,1509453,1509454,1509455 | 388144:1509456,1509457,1509458,1509459 | 388145:1509460,1509461,1509462,1509463 | 388146:1509464,1509465,1509466,1509467 | 388147:1509468,1509469,1509470,1509471 | 388148:1509472,1509473,1509474,1509475 | 388149:1509476,1509477,1509478,1509479 | 388150:1509480,1509481,1509482,1509483 | 388151:1509484,1509485,1509486,1509487 | 388152:1509488,1509489,1509490,1509491 | 388153:1509492,1509493,1509494,1509495,1509496 | 388154:1509497,1509498,1509499,1509500 | 388155:1509501,1509502,1509503,1509504 | 388156:1509505,1509506,1509507,1509508 | 388157:1509509,1509510,1509511,1509512 | 388158:1509513,1509514,1509515,1509516\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"388119,388120,388121,388122,388123,388124,388125,388126,388127,388128,388129,388130,388131,388132,388133,388134,388135,388136,388137,388138,388139,388140,388141,388142,388143,388144,388145,388146,388147,388148,388149,388150,388151,388152,388153,388154,388155,388156,388157,388158\";\nWatuPROSettings[9722] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 9722;\t    \nWatuPRO.post_id = 107050;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.69757900 1778178544\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(9722);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"<p>We always share the free dumps online with a set of free demo questions. Once you are satisfied with the CISA free dumps, you can buy the most current CISA dumps (V20.02) from DumpsBase and start learning to clear the Certified Information Systems Auditor (CISA) exam. You can check the free dumps online first: CISA [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[430,429],"tags":[8619,19458],"class_list":["post-107050","post","type-post","status-publish","format-standard","hentry","category-cisa-certificaton","category-isaca","tag-cisa-free-dumps","tag-cisa-free-questions"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/107050","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=107050"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/107050\/revisions"}],"predecessor-version":[{"id":107051,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/107050\/revisions\/107051"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=107050"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=107050"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=107050"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}