{"id":49109,"date":"2023-01-28T07:44:00","date_gmt":"2023-01-28T07:44:00","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=49109"},"modified":"2023-01-13T07:50:18","modified_gmt":"2023-01-13T07:50:18","slug":"pass-the-certified-information-systems-auditor-cisa-exam-on-the-first-attempt-the-latest-cisa-dumps","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/pass-the-certified-information-systems-auditor-cisa-exam-on-the-first-attempt-the-latest-cisa-dumps.html","title":{"rendered":"Pass the Certified Information Systems Auditor (CISA) Exam on the First Attempt: The Latest CISA Dumps"},"content":{"rendered":"\n<p>Are you looking for a comprehensive study guide to prepare for the Certified Information Systems Auditor (CISA) exam well? Our latest CISA dumps are designed to help you pass the Certified Information Systems Auditor (CISA) exam on the first attempt. Our team has updated the CISA dumps with 501 practice exam questions and answers, and also offers free demo questions online, guaranteeing that with our dumps you will pass the CISA exam.\u00a0<\/p>\n<h2>Below are the CISA free demo questions for reading online:<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam6652\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-6652\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-6652\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-236348'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>Which of the following fire suppression systems needs to be combined with an automatic switch to shut down the electricity supply in the event of activation?<\/div><input type='hidden' name='question_id[]' id='qID_1' value='236348' \/><input type='hidden' id='answerType236348' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236348[]' id='answer-id-937860' class='answer   answerof-236348 ' value='937860'   \/><label for='answer-id-937860' id='answer-label-937860' class=' answer'><span>Carbon dioxide<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236348[]' id='answer-id-937861' class='answer   answerof-236348 ' value='937861'   \/><label for='answer-id-937861' id='answer-label-937861' class=' answer'><span>FM-200<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236348[]' id='answer-id-937862' class='answer   answerof-236348 ' value='937862'   \/><label for='answer-id-937862' id='answer-label-937862' class=' answer'><span>Dry pipe<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236348[]' id='answer-id-937863' class='answer   answerof-236348 ' value='937863'   \/><label for='answer-id-937863' id='answer-label-937863' class=' answer'><span>Halon<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-236349'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?<\/div><input type='hidden' name='question_id[]' id='qID_2' value='236349' \/><input type='hidden' id='answerType236349' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236349[]' id='answer-id-937864' class='answer   answerof-236349 ' value='937864'   \/><label for='answer-id-937864' id='answer-label-937864' class=' answer'><span>The IS auditor provided consulting advice concerning application system best practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236349[]' id='answer-id-937865' class='answer   answerof-236349 ' value='937865'   \/><label for='answer-id-937865' id='answer-label-937865' class=' answer'><span>The IS auditor participated as a member of the application system project team, but did not have operational responsibilities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236349[]' id='answer-id-937866' class='answer   answerof-236349 ' value='937866'   \/><label for='answer-id-937866' id='answer-label-937866' class=' answer'><span>The IS auditor designed an embedded audit module exclusively for auditing the application system.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236349[]' id='answer-id-937867' class='answer   answerof-236349 ' value='937867'   \/><label for='answer-id-937867' id='answer-label-937867' class=' answer'><span>The IS auditor implemented a specific control during the development of the application system.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-236350'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='236350' \/><input type='hidden' id='answerType236350' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236350[]' id='answer-id-937868' class='answer   answerof-236350 ' value='937868'   \/><label for='answer-id-937868' id='answer-label-937868' class=' answer'><span>Compliance with action plans resulting from recent audits<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236350[]' id='answer-id-937869' class='answer   answerof-236350 ' value='937869'   \/><label for='answer-id-937869' id='answer-label-937869' class=' answer'><span>Compliance with local laws and regulations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236350[]' id='answer-id-937870' class='answer   answerof-236350 ' value='937870'   \/><label for='answer-id-937870' id='answer-label-937870' class=' answer'><span>Compliance with industry standards and best practice<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236350[]' id='answer-id-937871' class='answer   answerof-236350 ' value='937871'   \/><label for='answer-id-937871' id='answer-label-937871' class=' answer'><span>Compliance with the organization's policies and procedures<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-236351'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:<\/div><input type='hidden' name='question_id[]' id='qID_4' value='236351' \/><input type='hidden' id='answerType236351' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236351[]' id='answer-id-937872' class='answer   answerof-236351 ' value='937872'   \/><label for='answer-id-937872' id='answer-label-937872' class=' answer'><span>business impact analysis (BIA).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236351[]' id='answer-id-937873' class='answer   answerof-236351 ' value='937873'   \/><label for='answer-id-937873' id='answer-label-937873' class=' answer'><span>threat and risk assessment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236351[]' id='answer-id-937874' class='answer   answerof-236351 ' value='937874'   \/><label for='answer-id-937874' id='answer-label-937874' class=' answer'><span>business continuity plan (BCP).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236351[]' id='answer-id-937875' class='answer   answerof-236351 ' value='937875'   \/><label for='answer-id-937875' id='answer-label-937875' class=' answer'><span>disaster recovery plan (DRP).<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-236352'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>Which of the following is the MOST important prerequisite for the protection of physical information assets in a data center?<\/div><input type='hidden' name='question_id[]' id='qID_5' value='236352' \/><input type='hidden' id='answerType236352' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236352[]' id='answer-id-937876' class='answer   answerof-236352 ' value='937876'   \/><label for='answer-id-937876' id='answer-label-937876' class=' answer'><span>Segregation of duties between staff ordering and staff receiving information assets<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236352[]' id='answer-id-937877' class='answer   answerof-236352 ' value='937877'   \/><label for='answer-id-937877' id='answer-label-937877' class=' answer'><span>Complete and accurate list of information assets that have been deployed<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236352[]' id='answer-id-937878' class='answer   answerof-236352 ' value='937878'   \/><label for='answer-id-937878' id='answer-label-937878' class=' answer'><span>Availability and testing of onsite backup generators<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236352[]' id='answer-id-937879' class='answer   answerof-236352 ' value='937879'   \/><label for='answer-id-937879' id='answer-label-937879' class=' answer'><span>Knowledge of the IT staff regarding data protection requirements<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-236353'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>Which of the following should be the MOST important consideration when conducting a review of IT portfolio management?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='236353' \/><input type='hidden' id='answerType236353' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236353[]' id='answer-id-937880' class='answer   answerof-236353 ' value='937880'   \/><label for='answer-id-937880' id='answer-label-937880' class=' answer'><span>Assignment of responsibility for each project to an IT team member<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236353[]' id='answer-id-937881' class='answer   answerof-236353 ' value='937881'   \/><label for='answer-id-937881' id='answer-label-937881' class=' answer'><span>Adherence to best practice and industry approved methodologies<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236353[]' id='answer-id-937882' class='answer   answerof-236353 ' value='937882'   \/><label for='answer-id-937882' id='answer-label-937882' class=' answer'><span>Controls to minimize risk and maximize value for the IT portfolio<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236353[]' id='answer-id-937883' class='answer   answerof-236353 ' value='937883'   \/><label for='answer-id-937883' id='answer-label-937883' class=' answer'><span>Frequency of meetings where the business discusses the IT portfolio<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-236354'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. <br \/>\r<br>In order to resolve the situation, the IS auditor's BEST course of action would be to:<\/div><input type='hidden' name='question_id[]' id='qID_7' value='236354' \/><input type='hidden' id='answerType236354' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236354[]' id='answer-id-937884' class='answer   answerof-236354 ' value='937884'   \/><label for='answer-id-937884' id='answer-label-937884' class=' answer'><span>re-prioritize the original issue as high risk and escalate to senior management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236354[]' id='answer-id-937885' class='answer   answerof-236354 ' value='937885'   \/><label for='answer-id-937885' id='answer-label-937885' class=' answer'><span>schedule a follow-up audit in the next audit cycle.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236354[]' id='answer-id-937886' class='answer   answerof-236354 ' value='937886'   \/><label for='answer-id-937886' id='answer-label-937886' class=' answer'><span>postpone follow-up activities and escalate the alternative controls to senior audit management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236354[]' id='answer-id-937887' class='answer   answerof-236354 ' value='937887'   \/><label for='answer-id-937887' id='answer-label-937887' class=' answer'><span>determine whether the alternative controls sufficiently mitigate the risk.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-236355'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>When auditing the security architecture of an online application, an IS auditor should FIRST review the:<\/div><input type='hidden' name='question_id[]' id='qID_8' value='236355' \/><input type='hidden' id='answerType236355' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236355[]' id='answer-id-937888' class='answer   answerof-236355 ' value='937888'   \/><label for='answer-id-937888' id='answer-label-937888' class=' answer'><span>firewall standards.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236355[]' id='answer-id-937889' class='answer   answerof-236355 ' value='937889'   \/><label for='answer-id-937889' id='answer-label-937889' class=' answer'><span>configuration of the firewall<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236355[]' id='answer-id-937890' class='answer   answerof-236355 ' value='937890'   \/><label for='answer-id-937890' id='answer-label-937890' class=' answer'><span>firmware version of the firewall<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236355[]' id='answer-id-937891' class='answer   answerof-236355 ' value='937891'   \/><label for='answer-id-937891' id='answer-label-937891' class=' answer'><span>location of the firewall within the network<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-236356'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. <br \/>\r<br>Which of the following recommendations would BEST help to reduce the risk of data leakage?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='236356' \/><input type='hidden' id='answerType236356' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236356[]' id='answer-id-937892' class='answer   answerof-236356 ' value='937892'   \/><label for='answer-id-937892' id='answer-label-937892' class=' answer'><span>Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by employees<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236356[]' id='answer-id-937893' class='answer   answerof-236356 ' value='937893'   \/><label for='answer-id-937893' id='answer-label-937893' class=' answer'><span>Establishing strong access controls on confidential data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236356[]' id='answer-id-937894' class='answer   answerof-236356 ' value='937894'   \/><label for='answer-id-937894' id='answer-label-937894' class=' answer'><span>Providing education and guidelines to employees on use of social networking sites<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236356[]' id='answer-id-937895' class='answer   answerof-236356 ' value='937895'   \/><label for='answer-id-937895' id='answer-label-937895' class=' answer'><span>Monitoring employees' social networking usage<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-236357'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?<\/div><input type='hidden' name='question_id[]' id='qID_10' value='236357' \/><input type='hidden' id='answerType236357' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236357[]' id='answer-id-937896' class='answer   answerof-236357 ' value='937896'   \/><label for='answer-id-937896' id='answer-label-937896' class=' answer'><span>Rotate job duties periodically.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236357[]' id='answer-id-937897' class='answer   answerof-236357 ' value='937897'   \/><label for='answer-id-937897' id='answer-label-937897' class=' answer'><span>Perform an independent audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236357[]' id='answer-id-937898' class='answer   answerof-236357 ' value='937898'   \/><label for='answer-id-937898' id='answer-label-937898' class=' answer'><span>Hire temporary staff.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236357[]' id='answer-id-937899' class='answer   answerof-236357 ' value='937899'   \/><label for='answer-id-937899' id='answer-label-937899' class=' answer'><span>Implement compensating controls.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-236358'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>Which of the following would be an IS auditor's GREATEST concern when reviewing the early stages of a software development project?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='236358' \/><input type='hidden' id='answerType236358' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236358[]' id='answer-id-937900' class='answer   answerof-236358 ' value='937900'   \/><label for='answer-id-937900' id='answer-label-937900' class=' answer'><span>The lack of technical documentation to support the program code<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236358[]' id='answer-id-937901' class='answer   answerof-236358 ' value='937901'   \/><label for='answer-id-937901' id='answer-label-937901' class=' answer'><span>The lack of completion of all requirements at the end of each sprint<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236358[]' id='answer-id-937902' class='answer   answerof-236358 ' value='937902'   \/><label for='answer-id-937902' id='answer-label-937902' class=' answer'><span>The lack of acceptance criteria behind user requirements.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236358[]' id='answer-id-937903' class='answer   answerof-236358 ' value='937903'   \/><label for='answer-id-937903' id='answer-label-937903' class=' answer'><span>The lack of a detailed unit and system test plan<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-236359'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>An IT balanced scorecard is the MOST effective means of monitoring:<\/div><input type='hidden' name='question_id[]' id='qID_12' value='236359' \/><input type='hidden' id='answerType236359' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236359[]' id='answer-id-937904' class='answer   answerof-236359 ' value='937904'   \/><label for='answer-id-937904' id='answer-label-937904' class=' answer'><span>governance of enterprise I<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236359[]' id='answer-id-937905' class='answer   answerof-236359 ' value='937905'   \/><label for='answer-id-937905' id='answer-label-937905' class=' answer'><span>control effectiveness.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236359[]' id='answer-id-937906' class='answer   answerof-236359 ' value='937906'   \/><label for='answer-id-937906' id='answer-label-937906' class=' answer'><span>return on investment (ROI).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236359[]' id='answer-id-937907' class='answer   answerof-236359 ' value='937907'   \/><label for='answer-id-937907' id='answer-label-937907' class=' answer'><span>change management effectiveness.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-236360'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>A system development project is experiencing delays due to ongoing staff shortages. <br \/>\r<br>Which of the following strategies would provide the GREATEST assurance of system quality at implementation?<\/div><input type='hidden' name='question_id[]' id='qID_13' value='236360' \/><input type='hidden' id='answerType236360' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236360[]' id='answer-id-937908' class='answer   answerof-236360 ' value='937908'   \/><label for='answer-id-937908' id='answer-label-937908' class=' answer'><span>Implement overtime pay and bonuses for all development staff.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236360[]' id='answer-id-937909' class='answer   answerof-236360 ' value='937909'   \/><label for='answer-id-937909' id='answer-label-937909' class=' answer'><span>Utilize new system development tools to improve productivity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236360[]' id='answer-id-937910' class='answer   answerof-236360 ' value='937910'   \/><label for='answer-id-937910' id='answer-label-937910' class=' answer'><span>Recruit IS staff to expedite system development.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236360[]' id='answer-id-937911' class='answer   answerof-236360 ' value='937911'   \/><label for='answer-id-937911' id='answer-label-937911' class=' answer'><span>Deliver only the core functionality on the initial target date.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-236361'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>Which of the following data would be used when performing a business impact analysis (BIA)?<\/div><input type='hidden' name='question_id[]' id='qID_14' value='236361' \/><input type='hidden' id='answerType236361' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236361[]' id='answer-id-937912' class='answer   answerof-236361 ' value='937912'   \/><label for='answer-id-937912' id='answer-label-937912' class=' answer'><span>Projected impact of current business on future business<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236361[]' id='answer-id-937913' class='answer   answerof-236361 ' value='937913'   \/><label for='answer-id-937913' id='answer-label-937913' class=' answer'><span>Cost-benefit analysis of running the current business<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236361[]' id='answer-id-937914' class='answer   answerof-236361 ' value='937914'   \/><label for='answer-id-937914' id='answer-label-937914' class=' answer'><span>Cost of regulatory compliance<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236361[]' id='answer-id-937915' class='answer   answerof-236361 ' value='937915'   \/><label for='answer-id-937915' id='answer-label-937915' class=' answer'><span>Expected costs for recovering the business<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-236362'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>An IS auditor is reviewing an organization's information asset management process. <br \/>\r<br>Which of the following would be of GREATEST concern to the auditor?<\/div><input type='hidden' name='question_id[]' id='qID_15' value='236362' \/><input type='hidden' id='answerType236362' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236362[]' id='answer-id-937916' class='answer   answerof-236362 ' value='937916'   \/><label for='answer-id-937916' id='answer-label-937916' class=' answer'><span>The process does not require specifying the physical locations of assets.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236362[]' id='answer-id-937917' class='answer   answerof-236362 ' value='937917'   \/><label for='answer-id-937917' id='answer-label-937917' class=' answer'><span>Process ownership has not been established.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236362[]' id='answer-id-937918' class='answer   answerof-236362 ' value='937918'   \/><label for='answer-id-937918' id='answer-label-937918' class=' answer'><span>The process does not include asset review.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236362[]' id='answer-id-937919' class='answer   answerof-236362 ' value='937919'   \/><label for='answer-id-937919' id='answer-label-937919' class=' answer'><span>Identification of asset value is not included in the process.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-236363'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>Which of the following would be to MOST concern when determine if information assets are adequately safequately safeguarded during transport and disposal?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='236363' \/><input type='hidden' id='answerType236363' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236363[]' id='answer-id-937920' class='answer   answerof-236363 ' value='937920'   \/><label for='answer-id-937920' id='answer-label-937920' class=' answer'><span>Lack of appropriate labelling<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236363[]' id='answer-id-937921' class='answer   answerof-236363 ' value='937921'   \/><label for='answer-id-937921' id='answer-label-937921' class=' answer'><span>Lack of recent awareness training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236363[]' id='answer-id-937922' class='answer   answerof-236363 ' value='937922'   \/><label for='answer-id-937922' id='answer-label-937922' class=' answer'><span>Lack of password protection<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236363[]' id='answer-id-937923' class='answer   answerof-236363 ' value='937923'   \/><label for='answer-id-937923' id='answer-label-937923' class=' answer'><span>Lack of appropriate data classification<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-236364'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>Which of the following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='236364' \/><input type='hidden' id='answerType236364' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236364[]' id='answer-id-937924' class='answer   answerof-236364 ' value='937924'   \/><label for='answer-id-937924' id='answer-label-937924' class=' answer'><span>Encryption of the spreadsheet<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236364[]' id='answer-id-937925' class='answer   answerof-236364 ' value='937925'   \/><label for='answer-id-937925' id='answer-label-937925' class=' answer'><span>Version history<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236364[]' id='answer-id-937926' class='answer   answerof-236364 ' value='937926'   \/><label for='answer-id-937926' id='answer-label-937926' class=' answer'><span>Formulas within macros<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236364[]' id='answer-id-937927' class='answer   answerof-236364 ' value='937927'   \/><label for='answer-id-937927' id='answer-label-937927' class=' answer'><span>Reconciliation of key calculations<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-236365'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:<\/div><input type='hidden' name='question_id[]' id='qID_18' value='236365' \/><input type='hidden' id='answerType236365' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236365[]' id='answer-id-937928' class='answer   answerof-236365 ' value='937928'   \/><label for='answer-id-937928' id='answer-label-937928' class=' answer'><span>hire another person to perform migration to production.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236365[]' id='answer-id-937929' class='answer   answerof-236365 ' value='937929'   \/><label for='answer-id-937929' id='answer-label-937929' class=' answer'><span>implement continuous monitoring controls.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236365[]' id='answer-id-937930' class='answer   answerof-236365 ' value='937930'   \/><label for='answer-id-937930' id='answer-label-937930' class=' answer'><span>remove production access from the developers.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236365[]' id='answer-id-937931' class='answer   answerof-236365 ' value='937931'   \/><label for='answer-id-937931' id='answer-label-937931' class=' answer'><span>perform a user access review for the development team<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-236366'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:<\/div><input type='hidden' name='question_id[]' id='qID_19' value='236366' \/><input type='hidden' id='answerType236366' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236366[]' id='answer-id-937932' class='answer   answerof-236366 ' value='937932'   \/><label for='answer-id-937932' id='answer-label-937932' class=' answer'><span>allocation of resources during an emergency.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236366[]' id='answer-id-937933' class='answer   answerof-236366 ' value='937933'   \/><label for='answer-id-937933' id='answer-label-937933' class=' answer'><span>frequency of system testing.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236366[]' id='answer-id-937934' class='answer   answerof-236366 ' value='937934'   \/><label for='answer-id-937934' id='answer-label-937934' class=' answer'><span>differences in IS policies and procedures.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236366[]' id='answer-id-937935' class='answer   answerof-236366 ' value='937935'   \/><label for='answer-id-937935' id='answer-label-937935' class=' answer'><span>maintenance of hardware and software compatibility.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-236367'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:<\/div><input type='hidden' name='question_id[]' id='qID_20' value='236367' \/><input type='hidden' id='answerType236367' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236367[]' id='answer-id-937936' class='answer   answerof-236367 ' value='937936'   \/><label for='answer-id-937936' id='answer-label-937936' class=' answer'><span>Future compatibility of the application.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236367[]' id='answer-id-937937' class='answer   answerof-236367 ' value='937937'   \/><label for='answer-id-937937' id='answer-label-937937' class=' answer'><span>Proposed functionality of the application.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236367[]' id='answer-id-937938' class='answer   answerof-236367 ' value='937938'   \/><label for='answer-id-937938' id='answer-label-937938' class=' answer'><span>Controls incorporated into the system specifications.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236367[]' id='answer-id-937939' class='answer   answerof-236367 ' value='937939'   \/><label for='answer-id-937939' id='answer-label-937939' class=' answer'><span>Development methodology employed.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-236368'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>Which of the following is the BEST data integrity check?<\/div><input type='hidden' name='question_id[]' id='qID_21' value='236368' \/><input type='hidden' id='answerType236368' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236368[]' id='answer-id-937940' class='answer   answerof-236368 ' value='937940'   \/><label for='answer-id-937940' id='answer-label-937940' class=' answer'><span>Counting the transactions processed per day<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236368[]' id='answer-id-937941' class='answer   answerof-236368 ' value='937941'   \/><label for='answer-id-937941' id='answer-label-937941' class=' answer'><span>Performing a sequence check<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236368[]' id='answer-id-937942' class='answer   answerof-236368 ' value='937942'   \/><label for='answer-id-937942' id='answer-label-937942' class=' answer'><span>Tracing data back to the point of origin<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236368[]' id='answer-id-937943' class='answer   answerof-236368 ' value='937943'   \/><label for='answer-id-937943' id='answer-label-937943' class=' answer'><span>Preparing and running test data<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-236369'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>During an incident management audit, an IS auditor finds that several similar incidents were logged during the audit period. <br \/>\r<br>Which of the following is the auditor's MOST important course of action?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='236369' \/><input type='hidden' id='answerType236369' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236369[]' id='answer-id-937944' class='answer   answerof-236369 ' value='937944'   \/><label for='answer-id-937944' id='answer-label-937944' class=' answer'><span>Document the finding and present it to management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236369[]' id='answer-id-937945' class='answer   answerof-236369 ' value='937945'   \/><label for='answer-id-937945' id='answer-label-937945' class=' answer'><span>Determine if a root cause analysis was conducted.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236369[]' id='answer-id-937946' class='answer   answerof-236369 ' value='937946'   \/><label for='answer-id-937946' id='answer-label-937946' class=' answer'><span>Confirm the resolution time of the incidents.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236369[]' id='answer-id-937947' class='answer   answerof-236369 ' value='937947'   \/><label for='answer-id-937947' id='answer-label-937947' class=' answer'><span>Validate whether all incidents have been actioned.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-236370'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner. <br \/>\r<br>Which of the following is the auditor's BEST recommendation?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='236370' \/><input type='hidden' id='answerType236370' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236370[]' id='answer-id-937948' class='answer   answerof-236370 ' value='937948'   \/><label for='answer-id-937948' id='answer-label-937948' class=' answer'><span>Increase the capacity of existing systems.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236370[]' id='answer-id-937949' class='answer   answerof-236370 ' value='937949'   \/><label for='answer-id-937949' id='answer-label-937949' class=' answer'><span>Upgrade hardware to newer technology.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236370[]' id='answer-id-937950' class='answer   answerof-236370 ' value='937950'   \/><label for='answer-id-937950' id='answer-label-937950' class=' answer'><span>Hire temporary contract workers for the IT function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236370[]' id='answer-id-937951' class='answer   answerof-236370 ' value='937951'   \/><label for='answer-id-937951' id='answer-label-937951' class=' answer'><span>Build a virtual environment.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-236371'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>Which of the following would BEST facilitate the successful implementation of an IT-related framework?<\/div><input type='hidden' name='question_id[]' id='qID_24' value='236371' \/><input type='hidden' id='answerType236371' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236371[]' id='answer-id-937952' class='answer   answerof-236371 ' value='937952'   \/><label for='answer-id-937952' id='answer-label-937952' class=' answer'><span>Aligning the framework to industry best practices<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236371[]' id='answer-id-937953' class='answer   answerof-236371 ' value='937953'   \/><label for='answer-id-937953' id='answer-label-937953' class=' answer'><span>Establishing committees to support and oversee framework activities<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236371[]' id='answer-id-937954' class='answer   answerof-236371 ' value='937954'   \/><label for='answer-id-937954' id='answer-label-937954' class=' answer'><span>Involving appropriate business representation within the framework<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236371[]' id='answer-id-937955' class='answer   answerof-236371 ' value='937955'   \/><label for='answer-id-937955' id='answer-label-937955' class=' answer'><span>Documenting IT-related policies and procedures<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-236372'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>In a 24\/7 processing environment, a database contains several privileged application accounts with passwords set to never expire. <br \/>\r<br>Which of the following recommendations would BEST address the risk with minimal disruption to the business?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='236372' \/><input type='hidden' id='answerType236372' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236372[]' id='answer-id-937956' class='answer   answerof-236372 ' value='937956'   \/><label for='answer-id-937956' id='answer-label-937956' class=' answer'><span>Modify applications to no longer require direct access to the database.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236372[]' id='answer-id-937957' class='answer   answerof-236372 ' value='937957'   \/><label for='answer-id-937957' id='answer-label-937957' class=' answer'><span>Introduce database access monitoring into the environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236372[]' id='answer-id-937958' class='answer   answerof-236372 ' value='937958'   \/><label for='answer-id-937958' id='answer-label-937958' class=' answer'><span>Modify the access management policy to make allowances for application accounts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236372[]' id='answer-id-937959' class='answer   answerof-236372 ' value='937959'   \/><label for='answer-id-937959' id='answer-label-937959' class=' answer'><span>Schedule downtime to implement password changes.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-236373'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>During the implementation of an upgraded enterprise resource planning (ERP) system, which of the following is the MOST important consideration for a go-live decision?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='236373' \/><input type='hidden' id='answerType236373' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236373[]' id='answer-id-937960' class='answer   answerof-236373 ' value='937960'   \/><label for='answer-id-937960' id='answer-label-937960' class=' answer'><span>Rollback strategy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236373[]' id='answer-id-937961' class='answer   answerof-236373 ' value='937961'   \/><label for='answer-id-937961' id='answer-label-937961' class=' answer'><span>Test cases<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236373[]' id='answer-id-937962' class='answer   answerof-236373 ' value='937962'   \/><label for='answer-id-937962' id='answer-label-937962' class=' answer'><span>Post-implementation review objectives<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236373[]' id='answer-id-937963' class='answer   answerof-236373 ' value='937963'   \/><label for='answer-id-937963' id='answer-label-937963' class=' answer'><span>Business case<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-236374'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>A proper audit trail of changes to server start-up procedures would include evidence of:<\/div><input type='hidden' name='question_id[]' id='qID_27' value='236374' \/><input type='hidden' id='answerType236374' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236374[]' id='answer-id-937964' class='answer   answerof-236374 ' value='937964'   \/><label for='answer-id-937964' id='answer-label-937964' class=' answer'><span>subsystem structure.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236374[]' id='answer-id-937965' class='answer   answerof-236374 ' value='937965'   \/><label for='answer-id-937965' id='answer-label-937965' class=' answer'><span>program execution.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236374[]' id='answer-id-937966' class='answer   answerof-236374 ' value='937966'   \/><label for='answer-id-937966' id='answer-label-937966' class=' answer'><span>security control options.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236374[]' id='answer-id-937967' class='answer   answerof-236374 ' value='937967'   \/><label for='answer-id-937967' id='answer-label-937967' class=' answer'><span>operator overrides.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-236375'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>An organization's enterprise architecture (EA) department decides to change a legacy system's components while maintaining its original functionality. <br \/>\r<br>Which of the following is MOST important for an IS auditor to understand when reviewing this decision?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='236375' \/><input type='hidden' id='answerType236375' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236375[]' id='answer-id-937968' class='answer   answerof-236375 ' value='937968'   \/><label for='answer-id-937968' id='answer-label-937968' class=' answer'><span>The current business capabilities delivered by the legacy system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236375[]' id='answer-id-937969' class='answer   answerof-236375 ' value='937969'   \/><label for='answer-id-937969' id='answer-label-937969' class=' answer'><span>The proposed network topology to be used by the redesigned system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236375[]' id='answer-id-937970' class='answer   answerof-236375 ' value='937970'   \/><label for='answer-id-937970' id='answer-label-937970' class=' answer'><span>The data flows between the components to be used by the redesigned system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236375[]' id='answer-id-937971' class='answer   answerof-236375 ' value='937971'   \/><label for='answer-id-937971' id='answer-label-937971' class=' answer'><span>The database entity relationships within the legacy system<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-236376'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>Which of the following should be an IS auditor's GREATEST consideration when scheduling follow-up activities for agreed-upon management responses to remediate audit observations?<\/div><input type='hidden' name='question_id[]' id='qID_29' value='236376' \/><input type='hidden' id='answerType236376' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236376[]' id='answer-id-937972' class='answer   answerof-236376 ' value='937972'   \/><label for='answer-id-937972' id='answer-label-937972' class=' answer'><span>Business interruption due to remediation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236376[]' id='answer-id-937973' class='answer   answerof-236376 ' value='937973'   \/><label for='answer-id-937973' id='answer-label-937973' class=' answer'><span>IT budgeting constraints<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236376[]' id='answer-id-937974' class='answer   answerof-236376 ' value='937974'   \/><label for='answer-id-937974' id='answer-label-937974' class=' answer'><span>Availability of responsible IT personnel<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236376[]' id='answer-id-937975' class='answer   answerof-236376 ' value='937975'   \/><label for='answer-id-937975' id='answer-label-937975' class=' answer'><span>Risk rating of original findings<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-236377'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>Which of the following should an IS auditor recommend as a PRIMARY area of focus when an organization decides to outsource technical support for its external customers?<\/div><input type='hidden' name='question_id[]' id='qID_30' value='236377' \/><input type='hidden' id='answerType236377' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236377[]' id='answer-id-937976' class='answer   answerof-236377 ' value='937976'   \/><label for='answer-id-937976' id='answer-label-937976' class=' answer'><span>Align service level agreements (SLAs) with current needs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236377[]' id='answer-id-937977' class='answer   answerof-236377 ' value='937977'   \/><label for='answer-id-937977' id='answer-label-937977' class=' answer'><span>Monitor customer satisfaction with the change.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236377[]' id='answer-id-937978' class='answer   answerof-236377 ' value='937978'   \/><label for='answer-id-937978' id='answer-label-937978' class=' answer'><span>Minimize costs related to the third-party agreement.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236377[]' id='answer-id-937979' class='answer   answerof-236377 ' value='937979'   \/><label for='answer-id-937979' id='answer-label-937979' class=' answer'><span>Ensure right to audit is included within the contract.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-236378'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>Which audit approach is MOST helpful in optimizing the use of IS audit resources?<\/div><input type='hidden' name='question_id[]' id='qID_31' value='236378' \/><input type='hidden' id='answerType236378' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236378[]' id='answer-id-937980' class='answer   answerof-236378 ' value='937980'   \/><label for='answer-id-937980' id='answer-label-937980' class=' answer'><span>Agile auditing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236378[]' id='answer-id-937981' class='answer   answerof-236378 ' value='937981'   \/><label for='answer-id-937981' id='answer-label-937981' class=' answer'><span>Continuous auditing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236378[]' id='answer-id-937982' class='answer   answerof-236378 ' value='937982'   \/><label for='answer-id-937982' id='answer-label-937982' class=' answer'><span>Outsourced auditing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236378[]' id='answer-id-937983' class='answer   answerof-236378 ' value='937983'   \/><label for='answer-id-937983' id='answer-label-937983' class=' answer'><span>Risk-based auditing<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-236379'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>What is the BEST control to address SQL injection vulnerabilities?<\/div><input type='hidden' name='question_id[]' id='qID_32' value='236379' \/><input type='hidden' id='answerType236379' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236379[]' id='answer-id-937984' class='answer   answerof-236379 ' value='937984'   \/><label for='answer-id-937984' id='answer-label-937984' class=' answer'><span>Unicode translation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236379[]' id='answer-id-937985' class='answer   answerof-236379 ' value='937985'   \/><label for='answer-id-937985' id='answer-label-937985' class=' answer'><span>Secure Sockets Layer (SSL) encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236379[]' id='answer-id-937986' class='answer   answerof-236379 ' value='937986'   \/><label for='answer-id-937986' id='answer-label-937986' class=' answer'><span>Input validation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236379[]' id='answer-id-937987' class='answer   answerof-236379 ' value='937987'   \/><label for='answer-id-937987' id='answer-label-937987' class=' answer'><span>Digital signatures<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-236380'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>The PRIMARY benefit lo using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:<\/div><input type='hidden' name='question_id[]' id='qID_33' value='236380' \/><input type='hidden' id='answerType236380' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236380[]' id='answer-id-937988' class='answer   answerof-236380 ' value='937988'   \/><label for='answer-id-937988' id='answer-label-937988' class=' answer'><span>is more effective at suppressing flames.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236380[]' id='answer-id-937989' class='answer   answerof-236380 ' value='937989'   \/><label for='answer-id-937989' id='answer-label-937989' class=' answer'><span>allows more time to abort release of the suppressant.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236380[]' id='answer-id-937990' class='answer   answerof-236380 ' value='937990'   \/><label for='answer-id-937990' id='answer-label-937990' class=' answer'><span>has a decreased risk of leakage.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236380[]' id='answer-id-937991' class='answer   answerof-236380 ' value='937991'   \/><label for='answer-id-937991' id='answer-label-937991' class=' answer'><span>disperses dry chemical suppressants exclusively.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-236381'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>Which of the following is a social engineering attack method?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='236381' \/><input type='hidden' id='answerType236381' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236381[]' id='answer-id-937992' class='answer   answerof-236381 ' value='937992'   \/><label for='answer-id-937992' id='answer-label-937992' class=' answer'><span>An unauthorized person attempts to gam access to secure premises by following an authonzed person through a secure door.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236381[]' id='answer-id-937993' class='answer   answerof-236381 ' value='937993'   \/><label for='answer-id-937993' id='answer-label-937993' class=' answer'><span>An employee is induced to reveal confidential IP addresses and passwords by answering questions over the phone.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236381[]' id='answer-id-937994' class='answer   answerof-236381 ' value='937994'   \/><label for='answer-id-937994' id='answer-label-937994' class=' answer'><span>A hacker walks around an office building using scanning tools to search for a wireless network to gain access.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236381[]' id='answer-id-937995' class='answer   answerof-236381 ' value='937995'   \/><label for='answer-id-937995' id='answer-label-937995' class=' answer'><span>An intruder eavesdrops and collects sensitive information flowing through the network and sells it to third parties.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-236382'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>From an IS auditor's perspective, which of the following would be the GREATEST risk associated with an incomplete inventory of deployed software in an organization?<\/div><input type='hidden' name='question_id[]' id='qID_35' value='236382' \/><input type='hidden' id='answerType236382' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236382[]' id='answer-id-937996' class='answer   answerof-236382 ' value='937996'   \/><label for='answer-id-937996' id='answer-label-937996' class=' answer'><span>Inability to close unused ports on critical servers<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236382[]' id='answer-id-937997' class='answer   answerof-236382 ' value='937997'   \/><label for='answer-id-937997' id='answer-label-937997' class=' answer'><span>Inability to identify unused licenses within the organization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236382[]' id='answer-id-937998' class='answer   answerof-236382 ' value='937998'   \/><label for='answer-id-937998' id='answer-label-937998' class=' answer'><span>Inability to deploy updated security patches<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236382[]' id='answer-id-937999' class='answer   answerof-236382 ' value='937999'   \/><label for='answer-id-937999' id='answer-label-937999' class=' answer'><span>Inability to determine the cost of deployed software<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-236383'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>Which of the following is the BEST method to safeguard data on an organization's laptop computers?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='236383' \/><input type='hidden' id='answerType236383' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236383[]' id='answer-id-938000' class='answer   answerof-236383 ' value='938000'   \/><label for='answer-id-938000' id='answer-label-938000' class=' answer'><span>Disabled USB ports<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236383[]' id='answer-id-938001' class='answer   answerof-236383 ' value='938001'   \/><label for='answer-id-938001' id='answer-label-938001' class=' answer'><span>Full disk encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236383[]' id='answer-id-938002' class='answer   answerof-236383 ' value='938002'   \/><label for='answer-id-938002' id='answer-label-938002' class=' answer'><span>Biometric access control<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236383[]' id='answer-id-938003' class='answer   answerof-236383 ' value='938003'   \/><label for='answer-id-938003' id='answer-label-938003' class=' answer'><span>Two-factor authentication<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-236384'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>When evaluating the design of controls related to network monitoring, which of the following is MOST important for an IS auditor to review?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='236384' \/><input type='hidden' id='answerType236384' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236384[]' id='answer-id-938004' class='answer   answerof-236384 ' value='938004'   \/><label for='answer-id-938004' id='answer-label-938004' class=' answer'><span>Incident monitoring togs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236384[]' id='answer-id-938005' class='answer   answerof-236384 ' value='938005'   \/><label for='answer-id-938005' id='answer-label-938005' class=' answer'><span>The ISP service level agreement<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236384[]' id='answer-id-938006' class='answer   answerof-236384 ' value='938006'   \/><label for='answer-id-938006' id='answer-label-938006' class=' answer'><span>Reports of network traffic analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236384[]' id='answer-id-938007' class='answer   answerof-236384 ' value='938007'   \/><label for='answer-id-938007' id='answer-label-938007' class=' answer'><span>Network topology diagrams<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-236385'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>Which of the following will be the MOST effective method to verify that a service vendor keeps control levels as required by the client?<\/div><input type='hidden' name='question_id[]' id='qID_38' value='236385' \/><input type='hidden' id='answerType236385' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236385[]' id='answer-id-938008' class='answer   answerof-236385 ' value='938008'   \/><label for='answer-id-938008' id='answer-label-938008' class=' answer'><span>Conduct periodic on-site assessments using agreed-upon criteria.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236385[]' id='answer-id-938009' class='answer   answerof-236385 ' value='938009'   \/><label for='answer-id-938009' id='answer-label-938009' class=' answer'><span>Periodically review the service level agreement (SLA) with the vendor.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236385[]' id='answer-id-938010' class='answer   answerof-236385 ' value='938010'   \/><label for='answer-id-938010' id='answer-label-938010' class=' answer'><span>Conduct an unannounced vulnerability assessment of vendor's IT systems.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236385[]' id='answer-id-938011' class='answer   answerof-236385 ' value='938011'   \/><label for='answer-id-938011' id='answer-label-938011' class=' answer'><span>Obtain evidence of the vendor's control self-assessment (CSA).<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-236386'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. <br \/>\r<br>Which of the following should be recommended as the PRIMARY factor to determine system criticality?<\/div><input type='hidden' name='question_id[]' id='qID_39' value='236386' \/><input type='hidden' id='answerType236386' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236386[]' id='answer-id-938012' class='answer   answerof-236386 ' value='938012'   \/><label for='answer-id-938012' id='answer-label-938012' class=' answer'><span>Key performance indicators (KPIs)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236386[]' id='answer-id-938013' class='answer   answerof-236386 ' value='938013'   \/><label for='answer-id-938013' id='answer-label-938013' class=' answer'><span>Maximum allowable downtime (MAD)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236386[]' id='answer-id-938014' class='answer   answerof-236386 ' value='938014'   \/><label for='answer-id-938014' id='answer-label-938014' class=' answer'><span>Recovery point objective (RPO)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236386[]' id='answer-id-938015' class='answer   answerof-236386 ' value='938015'   \/><label for='answer-id-938015' id='answer-label-938015' class=' answer'><span>Mean time to restore (MTTR)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-236387'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>Which of the following attack techniques will succeed because of an inherent security weakness in an Internet firewall?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='236387' \/><input type='hidden' id='answerType236387' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236387[]' id='answer-id-938016' class='answer   answerof-236387 ' value='938016'   \/><label for='answer-id-938016' id='answer-label-938016' class=' answer'><span>Phishing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236387[]' id='answer-id-938017' class='answer   answerof-236387 ' value='938017'   \/><label for='answer-id-938017' id='answer-label-938017' class=' answer'><span>Using a dictionary attack of encrypted passwords<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236387[]' id='answer-id-938018' class='answer   answerof-236387 ' value='938018'   \/><label for='answer-id-938018' id='answer-label-938018' class=' answer'><span>Intercepting packets and viewing passwords<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236387[]' id='answer-id-938019' class='answer   answerof-236387 ' value='938019'   \/><label for='answer-id-938019' id='answer-label-938019' class=' answer'><span>Flooding the site with an excessive number of packets<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-41' style=';'><div id='questionWrap-41'  class='   watupro-question-id-236388'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>41. <\/span>Cross-site scripting (XSS) attacks are BEST prevented through:<\/div><input type='hidden' name='question_id[]' id='qID_41' value='236388' \/><input type='hidden' id='answerType236388' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236388[]' id='answer-id-938020' class='answer   answerof-236388 ' value='938020'   \/><label for='answer-id-938020' id='answer-label-938020' class=' answer'><span>application firewall policy settings.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236388[]' id='answer-id-938021' class='answer   answerof-236388 ' value='938021'   \/><label for='answer-id-938021' id='answer-label-938021' class=' answer'><span>a three-tier web architecture.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236388[]' id='answer-id-938022' class='answer   answerof-236388 ' value='938022'   \/><label for='answer-id-938022' id='answer-label-938022' class=' answer'><span>secure coding practices.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236388[]' id='answer-id-938023' class='answer   answerof-236388 ' value='938023'   \/><label for='answer-id-938023' id='answer-label-938023' class=' answer'><span>use of common industry frameworks.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-42' style=';'><div id='questionWrap-42'  class='   watupro-question-id-236389'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>42. <\/span>Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. <br \/>\r<br>What is the MOST important task before implementing any associated email controls?<\/div><input type='hidden' name='question_id[]' id='qID_42' value='236389' \/><input type='hidden' id='answerType236389' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236389[]' id='answer-id-938024' class='answer   answerof-236389 ' value='938024'   \/><label for='answer-id-938024' id='answer-label-938024' class=' answer'><span>Require all employees to sign nondisclosure agreements (NDAs).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236389[]' id='answer-id-938025' class='answer   answerof-236389 ' value='938025'   \/><label for='answer-id-938025' id='answer-label-938025' class=' answer'><span>Develop an acceptable use policy for end-user computing (EUC).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236389[]' id='answer-id-938026' class='answer   answerof-236389 ' value='938026'   \/><label for='answer-id-938026' id='answer-label-938026' class=' answer'><span>Develop an information classification scheme.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236389[]' id='answer-id-938027' class='answer   answerof-236389 ' value='938027'   \/><label for='answer-id-938027' id='answer-label-938027' class=' answer'><span>Provide notification to employees about possible email monitoring.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-43' style=';'><div id='questionWrap-43'  class='   watupro-question-id-236390'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>43. <\/span>An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. <br \/>\r<br>Which of the following should the auditor recommend be performed FIRST?<\/div><input type='hidden' name='question_id[]' id='qID_43' value='236390' \/><input type='hidden' id='answerType236390' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236390[]' id='answer-id-938028' class='answer   answerof-236390 ' value='938028'   \/><label for='answer-id-938028' id='answer-label-938028' class=' answer'><span>Implement a process to actively monitor postings on social networking sites.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236390[]' id='answer-id-938029' class='answer   answerof-236390 ' value='938029'   \/><label for='answer-id-938029' id='answer-label-938029' class=' answer'><span>Adjust budget for network usage to include social media usage.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236390[]' id='answer-id-938030' class='answer   answerof-236390 ' value='938030'   \/><label for='answer-id-938030' id='answer-label-938030' class=' answer'><span>Use data loss prevention (DLP) tools on endpoints.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236390[]' id='answer-id-938031' class='answer   answerof-236390 ' value='938031'   \/><label for='answer-id-938031' id='answer-label-938031' class=' answer'><span>implement policies addressing acceptable usage of social media during working hours.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-44' style=';'><div id='questionWrap-44'  class='   watupro-question-id-236391'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>44. <\/span>Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?<\/div><input type='hidden' name='question_id[]' id='qID_44' value='236391' \/><input type='hidden' id='answerType236391' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236391[]' id='answer-id-938032' class='answer   answerof-236391 ' value='938032'   \/><label for='answer-id-938032' id='answer-label-938032' class=' answer'><span>Portfolio management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236391[]' id='answer-id-938033' class='answer   answerof-236391 ' value='938033'   \/><label for='answer-id-938033' id='answer-label-938033' class=' answer'><span>Business plans<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236391[]' id='answer-id-938034' class='answer   answerof-236391 ' value='938034'   \/><label for='answer-id-938034' id='answer-label-938034' class=' answer'><span>Business processes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236391[]' id='answer-id-938035' class='answer   answerof-236391 ' value='938035'   \/><label for='answer-id-938035' id='answer-label-938035' class=' answer'><span>IT strategic plans<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-45' style=';'><div id='questionWrap-45'  class='   watupro-question-id-236392'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>45. <\/span>Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring?<\/div><input type='hidden' name='question_id[]' id='qID_45' value='236392' \/><input type='hidden' id='answerType236392' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236392[]' id='answer-id-938036' class='answer   answerof-236392 ' value='938036'   \/><label for='answer-id-938036' id='answer-label-938036' class=' answer'><span>Real-time audit software<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236392[]' id='answer-id-938037' class='answer   answerof-236392 ' value='938037'   \/><label for='answer-id-938037' id='answer-label-938037' class=' answer'><span>Performance data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236392[]' id='answer-id-938038' class='answer   answerof-236392 ' value='938038'   \/><label for='answer-id-938038' id='answer-label-938038' class=' answer'><span>Quality assurance (QA) reviews<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236392[]' id='answer-id-938039' class='answer   answerof-236392 ' value='938039'   \/><label for='answer-id-938039' id='answer-label-938039' class=' answer'><span>Participative management techniques<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-46' style=';'><div id='questionWrap-46'  class='   watupro-question-id-236393'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>46. <\/span>What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?<\/div><input type='hidden' name='question_id[]' id='qID_46' value='236393' \/><input type='hidden' id='answerType236393' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236393[]' id='answer-id-938040' class='answer   answerof-236393 ' value='938040'   \/><label for='answer-id-938040' id='answer-label-938040' class=' answer'><span>Senior management's request<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236393[]' id='answer-id-938041' class='answer   answerof-236393 ' value='938041'   \/><label for='answer-id-938041' id='answer-label-938041' class=' answer'><span>Prior year's audit findings<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236393[]' id='answer-id-938042' class='answer   answerof-236393 ' value='938042'   \/><label for='answer-id-938042' id='answer-label-938042' class=' answer'><span>Organizational risk assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236393[]' id='answer-id-938043' class='answer   answerof-236393 ' value='938043'   \/><label for='answer-id-938043' id='answer-label-938043' class=' answer'><span>Previous audit coverage and scope<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-47' style=';'><div id='questionWrap-47'  class='   watupro-question-id-236394'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>47. <\/span>Which of the following provides the MOST reliable audit evidence on the validity of transactions in a financial application?<\/div><input type='hidden' name='question_id[]' id='qID_47' value='236394' \/><input type='hidden' id='answerType236394' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236394[]' id='answer-id-938044' class='answer   answerof-236394 ' value='938044'   \/><label for='answer-id-938044' id='answer-label-938044' class=' answer'><span>Walk-through reviews<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236394[]' id='answer-id-938045' class='answer   answerof-236394 ' value='938045'   \/><label for='answer-id-938045' id='answer-label-938045' class=' answer'><span>Substantive testing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236394[]' id='answer-id-938046' class='answer   answerof-236394 ' value='938046'   \/><label for='answer-id-938046' id='answer-label-938046' class=' answer'><span>Compliance testing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236394[]' id='answer-id-938047' class='answer   answerof-236394 ' value='938047'   \/><label for='answer-id-938047' id='answer-label-938047' class=' answer'><span>Design documentation reviews<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-48' style=';'><div id='questionWrap-48'  class='   watupro-question-id-236395'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>48. <\/span>Which of the following MOST effectively minimizes downtime during system conversions?<\/div><input type='hidden' name='question_id[]' id='qID_48' value='236395' \/><input type='hidden' id='answerType236395' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236395[]' id='answer-id-938048' class='answer   answerof-236395 ' value='938048'   \/><label for='answer-id-938048' id='answer-label-938048' class=' answer'><span>Phased approach<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236395[]' id='answer-id-938049' class='answer   answerof-236395 ' value='938049'   \/><label for='answer-id-938049' id='answer-label-938049' class=' answer'><span>Direct cutover<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236395[]' id='answer-id-938050' class='answer   answerof-236395 ' value='938050'   \/><label for='answer-id-938050' id='answer-label-938050' class=' answer'><span>Pilot study<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236395[]' id='answer-id-938051' class='answer   answerof-236395 ' value='938051'   \/><label for='answer-id-938051' id='answer-label-938051' class=' answer'><span>Parallel run<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-49' style=';'><div id='questionWrap-49'  class='   watupro-question-id-236396'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>49. <\/span>Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy?<\/div><input type='hidden' name='question_id[]' id='qID_49' value='236396' \/><input type='hidden' id='answerType236396' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236396[]' id='answer-id-938052' class='answer   answerof-236396 ' value='938052'   \/><label for='answer-id-938052' id='answer-label-938052' class=' answer'><span>Whether there is explicit permission from regulators to collect personal data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236396[]' id='answer-id-938053' class='answer   answerof-236396 ' value='938053'   \/><label for='answer-id-938053' id='answer-label-938053' class=' answer'><span>The organization's legitimate purpose for collecting personal data<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236396[]' id='answer-id-938054' class='answer   answerof-236396 ' value='938054'   \/><label for='answer-id-938054' id='answer-label-938054' class=' answer'><span>Whether sharing of personal information with third-party service providers is prohibited<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236396[]' id='answer-id-938055' class='answer   answerof-236396 ' value='938055'   \/><label for='answer-id-938055' id='answer-label-938055' class=' answer'><span>The encryption mechanism selected by the organization for protecting personal data<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-50' style=';'><div id='questionWrap-50'  class='   watupro-question-id-236397'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>50. <\/span>Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP) is in place?<\/div><input type='hidden' name='question_id[]' id='qID_50' value='236397' \/><input type='hidden' id='answerType236397' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236397[]' id='answer-id-938056' class='answer   answerof-236397 ' value='938056'   \/><label for='answer-id-938056' id='answer-label-938056' class=' answer'><span>Frequent testing of backups<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236397[]' id='answer-id-938057' class='answer   answerof-236397 ' value='938057'   \/><label for='answer-id-938057' id='answer-label-938057' class=' answer'><span>Annual walk-through testing<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236397[]' id='answer-id-938058' class='answer   answerof-236397 ' value='938058'   \/><label for='answer-id-938058' id='answer-label-938058' class=' answer'><span>Periodic risk assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236397[]' id='answer-id-938059' class='answer   answerof-236397 ' value='938059'   \/><label for='answer-id-938059' id='answer-label-938059' class=' answer'><span>Full operational test<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-51' style=';'><div id='questionWrap-51'  class='   watupro-question-id-236398'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>51. <\/span>An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system. End users indicated concerns with the accuracy of critical automatic calculations made by the system. <br \/>\r<br>The auditor's FIRST course of action should be to:<\/div><input type='hidden' name='question_id[]' id='qID_51' value='236398' \/><input type='hidden' id='answerType236398' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236398[]' id='answer-id-938060' class='answer   answerof-236398 ' value='938060'   \/><label for='answer-id-938060' id='answer-label-938060' class=' answer'><span>review recent changes to the system.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236398[]' id='answer-id-938061' class='answer   answerof-236398 ' value='938061'   \/><label for='answer-id-938061' id='answer-label-938061' class=' answer'><span>verify completeness of user acceptance testing (UAT).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236398[]' id='answer-id-938062' class='answer   answerof-236398 ' value='938062'   \/><label for='answer-id-938062' id='answer-label-938062' class=' answer'><span>verify results to determine validity of user concerns.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236398[]' id='answer-id-938063' class='answer   answerof-236398 ' value='938063'   \/><label for='answer-id-938063' id='answer-label-938063' class=' answer'><span>review initial business requirements.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-52' style=';'><div id='questionWrap-52'  class='   watupro-question-id-236399'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>52. <\/span>Which of the following should be done FIRST when planning a penetration test?<\/div><input type='hidden' name='question_id[]' id='qID_52' value='236399' \/><input type='hidden' id='answerType236399' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236399[]' id='answer-id-938064' class='answer   answerof-236399 ' value='938064'   \/><label for='answer-id-938064' id='answer-label-938064' class=' answer'><span>Execute nondisclosure agreements (NDAs).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236399[]' id='answer-id-938065' class='answer   answerof-236399 ' value='938065'   \/><label for='answer-id-938065' id='answer-label-938065' class=' answer'><span>Determine reporting requirements for vulnerabilities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236399[]' id='answer-id-938066' class='answer   answerof-236399 ' value='938066'   \/><label for='answer-id-938066' id='answer-label-938066' class=' answer'><span>Define the testing scope.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236399[]' id='answer-id-938067' class='answer   answerof-236399 ' value='938067'   \/><label for='answer-id-938067' id='answer-label-938067' class=' answer'><span>Obtain management consent for the testing.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-53' style=';'><div id='questionWrap-53'  class='   watupro-question-id-236400'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>53. <\/span>A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. <br \/>\r<br>Which of the following is MOST effective in detecting such an intrusion?<\/div><input type='hidden' name='question_id[]' id='qID_53' value='236400' \/><input type='hidden' id='answerType236400' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236400[]' id='answer-id-938068' class='answer   answerof-236400 ' value='938068'   \/><label for='answer-id-938068' id='answer-label-938068' class=' answer'><span>Periodically reviewing log files<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236400[]' id='answer-id-938069' class='answer   answerof-236400 ' value='938069'   \/><label for='answer-id-938069' id='answer-label-938069' class=' answer'><span>Configuring the router as a firewall<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236400[]' id='answer-id-938070' class='answer   answerof-236400 ' value='938070'   \/><label for='answer-id-938070' id='answer-label-938070' class=' answer'><span>Using smart cards with one-time passwords<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236400[]' id='answer-id-938071' class='answer   answerof-236400 ' value='938071'   \/><label for='answer-id-938071' id='answer-label-938071' class=' answer'><span>Installing biometrics-based authentication<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-54' style=';'><div id='questionWrap-54'  class='   watupro-question-id-236401'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>54. <\/span>An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available. <br \/>\r<br>What should the auditor recommend be done FIRST?<\/div><input type='hidden' name='question_id[]' id='qID_54' value='236401' \/><input type='hidden' id='answerType236401' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236401[]' id='answer-id-938072' class='answer   answerof-236401 ' value='938072'   \/><label for='answer-id-938072' id='answer-label-938072' class=' answer'><span>Implement a new system that can be patched.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236401[]' id='answer-id-938073' class='answer   answerof-236401 ' value='938073'   \/><label for='answer-id-938073' id='answer-label-938073' class=' answer'><span>Implement additional firewalls to protect the system.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236401[]' id='answer-id-938074' class='answer   answerof-236401 ' value='938074'   \/><label for='answer-id-938074' id='answer-label-938074' class=' answer'><span>Decommission the server.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236401[]' id='answer-id-938075' class='answer   answerof-236401 ' value='938075'   \/><label for='answer-id-938075' id='answer-label-938075' class=' answer'><span>Evaluate the associated risk.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-55' style=';'><div id='questionWrap-55'  class='   watupro-question-id-236402'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>55. <\/span>Which of the following is the PRIMARY reason for an IS auditor to conduct post-implementation reviews?<\/div><input type='hidden' name='question_id[]' id='qID_55' value='236402' \/><input type='hidden' id='answerType236402' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236402[]' id='answer-id-938076' class='answer   answerof-236402 ' value='938076'   \/><label for='answer-id-938076' id='answer-label-938076' class=' answer'><span>To determine whether project objectives in the business case have been achieved<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236402[]' id='answer-id-938077' class='answer   answerof-236402 ' value='938077'   \/><label for='answer-id-938077' id='answer-label-938077' class=' answer'><span>To ensure key stakeholder sign-off has been obtained<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236402[]' id='answer-id-938078' class='answer   answerof-236402 ' value='938078'   \/><label for='answer-id-938078' id='answer-label-938078' class=' answer'><span>To align project objectives with business needs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236402[]' id='answer-id-938079' class='answer   answerof-236402 ' value='938079'   \/><label for='answer-id-938079' id='answer-label-938079' class=' answer'><span>To document lessons learned to improve future project delivery<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-56' style=';'><div id='questionWrap-56'  class='   watupro-question-id-236403'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>56. <\/span>Which of the following is the BEST way to mitigate the impact of ransomware attacks?<\/div><input type='hidden' name='question_id[]' id='qID_56' value='236403' \/><input type='hidden' id='answerType236403' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236403[]' id='answer-id-938080' class='answer   answerof-236403 ' value='938080'   \/><label for='answer-id-938080' id='answer-label-938080' class=' answer'><span>Invoking the disaster recovery plan (DRP)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236403[]' id='answer-id-938081' class='answer   answerof-236403 ' value='938081'   \/><label for='answer-id-938081' id='answer-label-938081' class=' answer'><span>Backing up data frequently<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236403[]' id='answer-id-938082' class='answer   answerof-236403 ' value='938082'   \/><label for='answer-id-938082' id='answer-label-938082' class=' answer'><span>Paying the ransom<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236403[]' id='answer-id-938083' class='answer   answerof-236403 ' value='938083'   \/><label for='answer-id-938083' id='answer-label-938083' class=' answer'><span>Requiring password changes for administrative accounts<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-57' style=';'><div id='questionWrap-57'  class='   watupro-question-id-236404'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>57. <\/span>Which of the following is the BEST way to determine whether a test of a disaster recovery plan (DRP) was successful?<\/div><input type='hidden' name='question_id[]' id='qID_57' value='236404' \/><input type='hidden' id='answerType236404' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236404[]' id='answer-id-938084' class='answer   answerof-236404 ' value='938084'   \/><label for='answer-id-938084' id='answer-label-938084' class=' answer'><span>Analyze whether predetermined test objectives were met.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236404[]' id='answer-id-938085' class='answer   answerof-236404 ' value='938085'   \/><label for='answer-id-938085' id='answer-label-938085' class=' answer'><span>Perform testing at the backup data center.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236404[]' id='answer-id-938086' class='answer   answerof-236404 ' value='938086'   \/><label for='answer-id-938086' id='answer-label-938086' class=' answer'><span>Evaluate participation by key personnel.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236404[]' id='answer-id-938087' class='answer   answerof-236404 ' value='938087'   \/><label for='answer-id-938087' id='answer-label-938087' class=' answer'><span>Test offsite backup files.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-58' style=';'><div id='questionWrap-58'  class='   watupro-question-id-236405'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>58. <\/span>The PRIMARY advantage of object-oriented technology is enhanced:<\/div><input type='hidden' name='question_id[]' id='qID_58' value='236405' \/><input type='hidden' id='answerType236405' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236405[]' id='answer-id-938088' class='answer   answerof-236405 ' value='938088'   \/><label for='answer-id-938088' id='answer-label-938088' class=' answer'><span>efficiency due to the re-use of elements of logic.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236405[]' id='answer-id-938089' class='answer   answerof-236405 ' value='938089'   \/><label for='answer-id-938089' id='answer-label-938089' class=' answer'><span>management of sequential program execution for data access.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236405[]' id='answer-id-938090' class='answer   answerof-236405 ' value='938090'   \/><label for='answer-id-938090' id='answer-label-938090' class=' answer'><span>grouping of objects into methods for data access.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236405[]' id='answer-id-938091' class='answer   answerof-236405 ' value='938091'   \/><label for='answer-id-938091' id='answer-label-938091' class=' answer'><span>management of a restricted variety of data types for a data object.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-59' style=';'><div id='questionWrap-59'  class='   watupro-question-id-236406'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>59. <\/span>Which of the following is the PRIMARY concern when negotiating a contract for a hot site?<\/div><input type='hidden' name='question_id[]' id='qID_59' value='236406' \/><input type='hidden' id='answerType236406' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236406[]' id='answer-id-938092' class='answer   answerof-236406 ' value='938092'   \/><label for='answer-id-938092' id='answer-label-938092' class=' answer'><span>Availability of the site in the event of multiple disaster declarations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236406[]' id='answer-id-938093' class='answer   answerof-236406 ' value='938093'   \/><label for='answer-id-938093' id='answer-label-938093' class=' answer'><span>Coordination with the site staff in the event of multiple disaster declarations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236406[]' id='answer-id-938094' class='answer   answerof-236406 ' value='938094'   \/><label for='answer-id-938094' id='answer-label-938094' class=' answer'><span>Reciprocal agreements with other organizations<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236406[]' id='answer-id-938095' class='answer   answerof-236406 ' value='938095'   \/><label for='answer-id-938095' id='answer-label-938095' class=' answer'><span>Complete testing of the recovery plan<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-60' style=';'><div id='questionWrap-60'  class='   watupro-question-id-236407'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>60. <\/span>An IS auditor notes the transaction processing times in an order processing system have significantly increased after a major release. <br \/>\r<br>Which of the following should the IS auditor review FIRST?<\/div><input type='hidden' name='question_id[]' id='qID_60' value='236407' \/><input type='hidden' id='answerType236407' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236407[]' id='answer-id-938096' class='answer   answerof-236407 ' value='938096'   \/><label for='answer-id-938096' id='answer-label-938096' class=' answer'><span>Capacity management plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236407[]' id='answer-id-938097' class='answer   answerof-236407 ' value='938097'   \/><label for='answer-id-938097' id='answer-label-938097' class=' answer'><span>Training plans<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236407[]' id='answer-id-938098' class='answer   answerof-236407 ' value='938098'   \/><label for='answer-id-938098' id='answer-label-938098' class=' answer'><span>Database conversion results<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236407[]' id='answer-id-938099' class='answer   answerof-236407 ' value='938099'   \/><label for='answer-id-938099' id='answer-label-938099' class=' answer'><span>Stress testing results<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-61' style=';'><div id='questionWrap-61'  class='   watupro-question-id-236408'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>61. <\/span>One benefit of return on investment (ROI) analysts in IT decision making is that it provides the:<\/div><input type='hidden' name='question_id[]' id='qID_61' value='236408' \/><input type='hidden' id='answerType236408' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236408[]' id='answer-id-938100' class='answer   answerof-236408 ' value='938100'   \/><label for='answer-id-938100' id='answer-label-938100' class=' answer'><span>basis for allocating indirect costs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236408[]' id='answer-id-938101' class='answer   answerof-236408 ' value='938101'   \/><label for='answer-id-938101' id='answer-label-938101' class=' answer'><span>cost of replacing equipment.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236408[]' id='answer-id-938102' class='answer   answerof-236408 ' value='938102'   \/><label for='answer-id-938102' id='answer-label-938102' class=' answer'><span>estimated cost of ownership.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236408[]' id='answer-id-938103' class='answer   answerof-236408 ' value='938103'   \/><label for='answer-id-938103' id='answer-label-938103' class=' answer'><span>basis for allocating financial resources.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-62' style=';'><div id='questionWrap-62'  class='   watupro-question-id-236409'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>62. <\/span>An IS auditor discovers that validation controls m a web application have been moved from the server side into the browser to boost performance. <br \/>\r<br>This would MOST likely increase the risk of a successful attack by.<\/div><input type='hidden' name='question_id[]' id='qID_62' value='236409' \/><input type='hidden' id='answerType236409' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236409[]' id='answer-id-938104' class='answer   answerof-236409 ' value='938104'   \/><label for='answer-id-938104' id='answer-label-938104' class=' answer'><span>phishing.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236409[]' id='answer-id-938105' class='answer   answerof-236409 ' value='938105'   \/><label for='answer-id-938105' id='answer-label-938105' class=' answer'><span>denial of service (DoS)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236409[]' id='answer-id-938106' class='answer   answerof-236409 ' value='938106'   \/><label for='answer-id-938106' id='answer-label-938106' class=' answer'><span>structured query language (SQL) injection<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236409[]' id='answer-id-938107' class='answer   answerof-236409 ' value='938107'   \/><label for='answer-id-938107' id='answer-label-938107' class=' answer'><span>buffer overflow<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-63' style=';'><div id='questionWrap-63'  class='   watupro-question-id-236410'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>63. <\/span>Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization's information security policy?<\/div><input type='hidden' name='question_id[]' id='qID_63' value='236410' \/><input type='hidden' id='answerType236410' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236410[]' id='answer-id-938108' class='answer   answerof-236410 ' value='938108'   \/><label for='answer-id-938108' id='answer-label-938108' class=' answer'><span>Alignment with the IT tactical plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236410[]' id='answer-id-938109' class='answer   answerof-236410 ' value='938109'   \/><label for='answer-id-938109' id='answer-label-938109' class=' answer'><span>IT steering committee minutes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236410[]' id='answer-id-938110' class='answer   answerof-236410 ' value='938110'   \/><label for='answer-id-938110' id='answer-label-938110' class=' answer'><span>Compliance with industry best practice<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236410[]' id='answer-id-938111' class='answer   answerof-236410 ' value='938111'   \/><label for='answer-id-938111' id='answer-label-938111' class=' answer'><span>Business objectives<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-64' style=';'><div id='questionWrap-64'  class='   watupro-question-id-236411'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>64. <\/span>Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?<\/div><input type='hidden' name='question_id[]' id='qID_64' value='236411' \/><input type='hidden' id='answerType236411' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236411[]' id='answer-id-938112' class='answer   answerof-236411 ' value='938112'   \/><label for='answer-id-938112' id='answer-label-938112' class=' answer'><span>File level encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236411[]' id='answer-id-938113' class='answer   answerof-236411 ' value='938113'   \/><label for='answer-id-938113' id='answer-label-938113' class=' answer'><span>File Transfer Protocol (FTP)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236411[]' id='answer-id-938114' class='answer   answerof-236411 ' value='938114'   \/><label for='answer-id-938114' id='answer-label-938114' class=' answer'><span>Instant messaging policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236411[]' id='answer-id-938115' class='answer   answerof-236411 ' value='938115'   \/><label for='answer-id-938115' id='answer-label-938115' class=' answer'><span>Application level firewalls<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-65' style=';'><div id='questionWrap-65'  class='   watupro-question-id-236412'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>65. <\/span>Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?<\/div><input type='hidden' name='question_id[]' id='qID_65' value='236412' \/><input type='hidden' id='answerType236412' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236412[]' id='answer-id-938116' class='answer   answerof-236412 ' value='938116'   \/><label for='answer-id-938116' id='answer-label-938116' class=' answer'><span>Write access to production program libraries<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236412[]' id='answer-id-938117' class='answer   answerof-236412 ' value='938117'   \/><label for='answer-id-938117' id='answer-label-938117' class=' answer'><span>Write access to development data libraries<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236412[]' id='answer-id-938118' class='answer   answerof-236412 ' value='938118'   \/><label for='answer-id-938118' id='answer-label-938118' class=' answer'><span>Execute access to production program libraries<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236412[]' id='answer-id-938119' class='answer   answerof-236412 ' value='938119'   \/><label for='answer-id-938119' id='answer-label-938119' class=' answer'><span>Execute access to development program libraries<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-66' style=';'><div id='questionWrap-66'  class='   watupro-question-id-236413'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>66. <\/span>The implementation of an IT governance framework requires that the board of directors of an organization:<\/div><input type='hidden' name='question_id[]' id='qID_66' value='236413' \/><input type='hidden' id='answerType236413' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236413[]' id='answer-id-938120' class='answer   answerof-236413 ' value='938120'   \/><label for='answer-id-938120' id='answer-label-938120' class=' answer'><span>Address technical IT issues.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236413[]' id='answer-id-938121' class='answer   answerof-236413 ' value='938121'   \/><label for='answer-id-938121' id='answer-label-938121' class=' answer'><span>Be informed of all IT initiatives.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236413[]' id='answer-id-938122' class='answer   answerof-236413 ' value='938122'   \/><label for='answer-id-938122' id='answer-label-938122' class=' answer'><span>Have an IT strategy committee.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236413[]' id='answer-id-938123' class='answer   answerof-236413 ' value='938123'   \/><label for='answer-id-938123' id='answer-label-938123' class=' answer'><span>Approve the IT strategy.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-67' style=';'><div id='questionWrap-67'  class='   watupro-question-id-236414'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>67. <\/span>An organization's software developers need access to personally identifiable information (Pll) stored in a particular data format. <br \/>\r<br>Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?<\/div><input type='hidden' name='question_id[]' id='qID_67' value='236414' \/><input type='hidden' id='answerType236414' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236414[]' id='answer-id-938124' class='answer   answerof-236414 ' value='938124'   \/><label for='answer-id-938124' id='answer-label-938124' class=' answer'><span>Data masking<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236414[]' id='answer-id-938125' class='answer   answerof-236414 ' value='938125'   \/><label for='answer-id-938125' id='answer-label-938125' class=' answer'><span>Data tokenization<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236414[]' id='answer-id-938126' class='answer   answerof-236414 ' value='938126'   \/><label for='answer-id-938126' id='answer-label-938126' class=' answer'><span>Data encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236414[]' id='answer-id-938127' class='answer   answerof-236414 ' value='938127'   \/><label for='answer-id-938127' id='answer-label-938127' class=' answer'><span>Data abstraction<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-68' style=';'><div id='questionWrap-68'  class='   watupro-question-id-236415'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>68. <\/span>Which of the following is MOST important for an effective control self-assessment (CSA) program?<\/div><input type='hidden' name='question_id[]' id='qID_68' value='236415' \/><input type='hidden' id='answerType236415' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236415[]' id='answer-id-938128' class='answer   answerof-236415 ' value='938128'   \/><label for='answer-id-938128' id='answer-label-938128' class=' answer'><span>Determining the scope of the assessment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236415[]' id='answer-id-938129' class='answer   answerof-236415 ' value='938129'   \/><label for='answer-id-938129' id='answer-label-938129' class=' answer'><span>Performing detailed test procedures<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236415[]' id='answer-id-938130' class='answer   answerof-236415 ' value='938130'   \/><label for='answer-id-938130' id='answer-label-938130' class=' answer'><span>Evaluating changes to the risk environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236415[]' id='answer-id-938131' class='answer   answerof-236415 ' value='938131'   \/><label for='answer-id-938131' id='answer-label-938131' class=' answer'><span>Understanding the business process<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-69' style=';'><div id='questionWrap-69'  class='   watupro-question-id-236416'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>69. <\/span>When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:<\/div><input type='hidden' name='question_id[]' id='qID_69' value='236416' \/><input type='hidden' id='answerType236416' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236416[]' id='answer-id-938132' class='answer   answerof-236416 ' value='938132'   \/><label for='answer-id-938132' id='answer-label-938132' class=' answer'><span>the Internet.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236416[]' id='answer-id-938133' class='answer   answerof-236416 ' value='938133'   \/><label for='answer-id-938133' id='answer-label-938133' class=' answer'><span>the demilitarized zone (DMZ).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236416[]' id='answer-id-938134' class='answer   answerof-236416 ' value='938134'   \/><label for='answer-id-938134' id='answer-label-938134' class=' answer'><span>the organization's web server.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236416[]' id='answer-id-938135' class='answer   answerof-236416 ' value='938135'   \/><label for='answer-id-938135' id='answer-label-938135' class=' answer'><span>the organization's network.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-70' style=';'><div id='questionWrap-70'  class='   watupro-question-id-236417'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>70. <\/span>During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. <br \/>\r<br>What is the auditor's BEST course of action?<\/div><input type='hidden' name='question_id[]' id='qID_70' value='236417' \/><input type='hidden' id='answerType236417' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236417[]' id='answer-id-938136' class='answer   answerof-236417 ' value='938136'   \/><label for='answer-id-938136' id='answer-label-938136' class=' answer'><span>Notify the chair of the audit committee.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236417[]' id='answer-id-938137' class='answer   answerof-236417 ' value='938137'   \/><label for='answer-id-938137' id='answer-label-938137' class=' answer'><span>Notify the audit manager.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236417[]' id='answer-id-938138' class='answer   answerof-236417 ' value='938138'   \/><label for='answer-id-938138' id='answer-label-938138' class=' answer'><span>Retest the control.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236417[]' id='answer-id-938139' class='answer   answerof-236417 ' value='938139'   \/><label for='answer-id-938139' id='answer-label-938139' class=' answer'><span>Close the audit finding.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-71' style=';'><div id='questionWrap-71'  class='   watupro-question-id-236418'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>71. <\/span>Which of the following should an IS auditor be MOST concerned with during a post-implementation review?<\/div><input type='hidden' name='question_id[]' id='qID_71' value='236418' \/><input type='hidden' id='answerType236418' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236418[]' id='answer-id-938140' class='answer   answerof-236418 ' value='938140'   \/><label for='answer-id-938140' id='answer-label-938140' class=' answer'><span>The system does not have a maintenance plan.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236418[]' id='answer-id-938141' class='answer   answerof-236418 ' value='938141'   \/><label for='answer-id-938141' id='answer-label-938141' class=' answer'><span>The system contains several minor defects.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236418[]' id='answer-id-938142' class='answer   answerof-236418 ' value='938142'   \/><label for='answer-id-938142' id='answer-label-938142' class=' answer'><span>The system deployment was delayed by three weeks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236418[]' id='answer-id-938143' class='answer   answerof-236418 ' value='938143'   \/><label for='answer-id-938143' id='answer-label-938143' class=' answer'><span>The system was over budget by 15%.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-72' style=';'><div id='questionWrap-72'  class='   watupro-question-id-236419'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>72. <\/span>An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward 10 those who click on a link embedded in the body of the email. <br \/>\r<br>Which of the following metrics BEST indicates the effectiveness of awareness training?<\/div><input type='hidden' name='question_id[]' id='qID_72' value='236419' \/><input type='hidden' id='answerType236419' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236419[]' id='answer-id-938144' class='answer   answerof-236419 ' value='938144'   \/><label for='answer-id-938144' id='answer-label-938144' class=' answer'><span>The number of users deleting the email without reporting because it is a phishing email<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236419[]' id='answer-id-938145' class='answer   answerof-236419 ' value='938145'   \/><label for='answer-id-938145' id='answer-label-938145' class=' answer'><span>The number of users clicking on the link to learn more about the sender of the email<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236419[]' id='answer-id-938146' class='answer   answerof-236419 ' value='938146'   \/><label for='answer-id-938146' id='answer-label-938146' class=' answer'><span>The number of users forwarding the email to their business unit managers<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236419[]' id='answer-id-938147' class='answer   answerof-236419 ' value='938147'   \/><label for='answer-id-938147' id='answer-label-938147' class=' answer'><span>The number of users reporting receipt of the email to the information security team<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-73' style=';'><div id='questionWrap-73'  class='   watupro-question-id-236420'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>73. <\/span>During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. <br \/>\r<br>The auditor's NEXT step should be to:<\/div><input type='hidden' name='question_id[]' id='qID_73' value='236420' \/><input type='hidden' id='answerType236420' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236420[]' id='answer-id-938148' class='answer   answerof-236420 ' value='938148'   \/><label for='answer-id-938148' id='answer-label-938148' class=' answer'><span>note the noncompliance in the audit working papers.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236420[]' id='answer-id-938149' class='answer   answerof-236420 ' value='938149'   \/><label for='answer-id-938149' id='answer-label-938149' class=' answer'><span>issue an audit memorandum identifying the noncompliance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236420[]' id='answer-id-938150' class='answer   answerof-236420 ' value='938150'   \/><label for='answer-id-938150' id='answer-label-938150' class=' answer'><span>include the noncompliance in the audit report.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236420[]' id='answer-id-938151' class='answer   answerof-236420 ' value='938151'   \/><label for='answer-id-938151' id='answer-label-938151' class=' answer'><span>determine why the procedures were not followed.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-74' style=';'><div id='questionWrap-74'  class='   watupro-question-id-236421'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>74. <\/span>An IS auditor who was instrumental in designing an application is called upon to review the application. The auditor should:<\/div><input type='hidden' name='question_id[]' id='qID_74' value='236421' \/><input type='hidden' id='answerType236421' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236421[]' id='answer-id-938152' class='answer   answerof-236421 ' value='938152'   \/><label for='answer-id-938152' id='answer-label-938152' class=' answer'><span>refuse the assignment to avoid conflict of interest.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236421[]' id='answer-id-938153' class='answer   answerof-236421 ' value='938153'   \/><label for='answer-id-938153' id='answer-label-938153' class=' answer'><span>use the knowledge of the application to carry out the audit.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236421[]' id='answer-id-938154' class='answer   answerof-236421 ' value='938154'   \/><label for='answer-id-938154' id='answer-label-938154' class=' answer'><span>inform audit management of the earlier involvement.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236421[]' id='answer-id-938155' class='answer   answerof-236421 ' value='938155'   \/><label for='answer-id-938155' id='answer-label-938155' class=' answer'><span>modify the scope of the audit.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-75' style=';'><div id='questionWrap-75'  class='   watupro-question-id-236422'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>75. <\/span>Malicious program code was found in an application and corrected prior to release into production. After the release, the same issue was reported. <br \/>\r<br>Which of the following is the IS auditor's BEST recommendation?<\/div><input type='hidden' name='question_id[]' id='qID_75' value='236422' \/><input type='hidden' id='answerType236422' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236422[]' id='answer-id-938156' class='answer   answerof-236422 ' value='938156'   \/><label for='answer-id-938156' id='answer-label-938156' class=' answer'><span>Ensure corrected program code is compiled in a dedicated server.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236422[]' id='answer-id-938157' class='answer   answerof-236422 ' value='938157'   \/><label for='answer-id-938157' id='answer-label-938157' class=' answer'><span>Ensure change management reports are independently reviewed.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236422[]' id='answer-id-938158' class='answer   answerof-236422 ' value='938158'   \/><label for='answer-id-938158' id='answer-label-938158' class=' answer'><span>Ensure programmers cannot access code after the completion of program edits.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236422[]' id='answer-id-938159' class='answer   answerof-236422 ' value='938159'   \/><label for='answer-id-938159' id='answer-label-938159' class=' answer'><span>Ensure the business signs off on end-to-end user acceptance test (UAT) results.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-76' style=';'><div id='questionWrap-76'  class='   watupro-question-id-236423'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>76. <\/span>Which of the following demonstrates the use of data analytics for a loan origination process?<\/div><input type='hidden' name='question_id[]' id='qID_76' value='236423' \/><input type='hidden' id='answerType236423' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236423[]' id='answer-id-938160' class='answer   answerof-236423 ' value='938160'   \/><label for='answer-id-938160' id='answer-label-938160' class=' answer'><span>Evaluating whether loan records are included in the batch file and are validated by the servicing system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236423[]' id='answer-id-938161' class='answer   answerof-236423 ' value='938161'   \/><label for='answer-id-938161' id='answer-label-938161' class=' answer'><span>Comparing a population of loans input in the origination system to loans booked on the servicing system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236423[]' id='answer-id-938162' class='answer   answerof-236423 ' value='938162'   \/><label for='answer-id-938162' id='answer-label-938162' class=' answer'><span>Validating whether reconciliations between the two systems are performed and discrepancies are investigated<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236423[]' id='answer-id-938163' class='answer   answerof-236423 ' value='938163'   \/><label for='answer-id-938163' id='answer-label-938163' class=' answer'><span>Reviewing error handling controls to notify appropriate personnel in the event of a transmission failure<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-77' style=';'><div id='questionWrap-77'  class='   watupro-question-id-236424'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>77. <\/span>During the discussion of a draft audit report. IT management provided suitable evidence fiat a process has been implemented for a control that had been concluded by the IS auditor as Ineffective. <br \/>\r<br>Which of the following is the auditor's BEST action?<\/div><input type='hidden' name='question_id[]' id='qID_77' value='236424' \/><input type='hidden' id='answerType236424' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236424[]' id='answer-id-938164' class='answer   answerof-236424 ' value='938164'   \/><label for='answer-id-938164' id='answer-label-938164' class=' answer'><span>Explain to IT management that the new control will be evaluated during follow-up<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236424[]' id='answer-id-938165' class='answer   answerof-236424 ' value='938165'   \/><label for='answer-id-938165' id='answer-label-938165' class=' answer'><span>Re-perform the audit before changing the conclusion.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236424[]' id='answer-id-938166' class='answer   answerof-236424 ' value='938166'   \/><label for='answer-id-938166' id='answer-label-938166' class=' answer'><span>Change the conclusion based on evidence provided by IT management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236424[]' id='answer-id-938167' class='answer   answerof-236424 ' value='938167'   \/><label for='answer-id-938167' id='answer-label-938167' class=' answer'><span>Add comments about the action taken by IT management in the report.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-78' style=';'><div id='questionWrap-78'  class='   watupro-question-id-236425'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>78. <\/span>During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed. The auditor should FIRST<\/div><input type='hidden' name='question_id[]' id='qID_78' value='236425' \/><input type='hidden' id='answerType236425' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236425[]' id='answer-id-938168' class='answer   answerof-236425 ' value='938168'   \/><label for='answer-id-938168' id='answer-label-938168' class=' answer'><span>perform a business impact analysis (BIA).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236425[]' id='answer-id-938169' class='answer   answerof-236425 ' value='938169'   \/><label for='answer-id-938169' id='answer-label-938169' class=' answer'><span>issue an intermediate report to management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236425[]' id='answer-id-938170' class='answer   answerof-236425 ' value='938170'   \/><label for='answer-id-938170' id='answer-label-938170' class=' answer'><span>evaluate the impact on current disaster recovery capability.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236425[]' id='answer-id-938171' class='answer   answerof-236425 ' value='938171'   \/><label for='answer-id-938171' id='answer-label-938171' class=' answer'><span>conduct additional compliance testing.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-79' style=';'><div id='questionWrap-79'  class='   watupro-question-id-236426'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>79. <\/span>Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?<\/div><input type='hidden' name='question_id[]' id='qID_79' value='236426' \/><input type='hidden' id='answerType236426' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236426[]' id='answer-id-938172' class='answer   answerof-236426 ' value='938172'   \/><label for='answer-id-938172' id='answer-label-938172' class=' answer'><span>System flowchart<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236426[]' id='answer-id-938173' class='answer   answerof-236426 ' value='938173'   \/><label for='answer-id-938173' id='answer-label-938173' class=' answer'><span>Data flow diagram<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236426[]' id='answer-id-938174' class='answer   answerof-236426 ' value='938174'   \/><label for='answer-id-938174' id='answer-label-938174' class=' answer'><span>Process flowchart<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236426[]' id='answer-id-938175' class='answer   answerof-236426 ' value='938175'   \/><label for='answer-id-938175' id='answer-label-938175' class=' answer'><span>Entity-relationship diagram<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-80' style=';'><div id='questionWrap-80'  class='   watupro-question-id-236427'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>80. <\/span>An IS auditor is examining a front-end subledger and a main ledger. <br \/>\r<br>Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?<\/div><input type='hidden' name='question_id[]' id='qID_80' value='236427' \/><input type='hidden' id='answerType236427' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236427[]' id='answer-id-938176' class='answer   answerof-236427 ' value='938176'   \/><label for='answer-id-938176' id='answer-label-938176' class=' answer'><span>Double-posting of a single journal entry<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236427[]' id='answer-id-938177' class='answer   answerof-236427 ' value='938177'   \/><label for='answer-id-938177' id='answer-label-938177' class=' answer'><span>Inability to support new business transactions<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236427[]' id='answer-id-938178' class='answer   answerof-236427 ' value='938178'   \/><label for='answer-id-938178' id='answer-label-938178' class=' answer'><span>Unauthorized alteration of account attributes<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236427[]' id='answer-id-938179' class='answer   answerof-236427 ' value='938179'   \/><label for='answer-id-938179' id='answer-label-938179' class=' answer'><span>Inaccuracy of financial reporting<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-81' style=';'><div id='questionWrap-81'  class='   watupro-question-id-236428'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>81. <\/span>An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions. <br \/>\r<br>Which of the following is MOST important for the auditor to confirm when sourcing the population data?<\/div><input type='hidden' name='question_id[]' id='qID_81' value='236428' \/><input type='hidden' id='answerType236428' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236428[]' id='answer-id-938180' class='answer   answerof-236428 ' value='938180'   \/><label for='answer-id-938180' id='answer-label-938180' class=' answer'><span>The data is taken directly from the system.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236428[]' id='answer-id-938181' class='answer   answerof-236428 ' value='938181'   \/><label for='answer-id-938181' id='answer-label-938181' class=' answer'><span>There is no privacy information in the data.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236428[]' id='answer-id-938182' class='answer   answerof-236428 ' value='938182'   \/><label for='answer-id-938182' id='answer-label-938182' class=' answer'><span>The data can be obtained in a timely manner.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236428[]' id='answer-id-938183' class='answer   answerof-236428 ' value='938183'   \/><label for='answer-id-938183' id='answer-label-938183' class=' answer'><span>The data analysis tools have been recently updated.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-82' style=';'><div id='questionWrap-82'  class='   watupro-question-id-236429'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>82. <\/span>To confirm integrity for a hashed message, the receiver should use:<\/div><input type='hidden' name='question_id[]' id='qID_82' value='236429' \/><input type='hidden' id='answerType236429' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236429[]' id='answer-id-938184' class='answer   answerof-236429 ' value='938184'   \/><label for='answer-id-938184' id='answer-label-938184' class=' answer'><span>the same hashing algorithm as the sender's to create a binary image of the file.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236429[]' id='answer-id-938185' class='answer   answerof-236429 ' value='938185'   \/><label for='answer-id-938185' id='answer-label-938185' class=' answer'><span>a different hashing algorithm from the sender's to create a binary image of the file.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236429[]' id='answer-id-938186' class='answer   answerof-236429 ' value='938186'   \/><label for='answer-id-938186' id='answer-label-938186' class=' answer'><span>the same hashing algorithm as the sender's to create a numerical representation of the file.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236429[]' id='answer-id-938187' class='answer   answerof-236429 ' value='938187'   \/><label for='answer-id-938187' id='answer-label-938187' class=' answer'><span>a different hashing algorithm from the sender's to create a numerical representation of the file.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-83' style=';'><div id='questionWrap-83'  class='   watupro-question-id-236430'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>83. <\/span>When an intrusion into an organization network is deleted, which of the following should be done FIRST?<\/div><input type='hidden' name='question_id[]' id='qID_83' value='236430' \/><input type='hidden' id='answerType236430' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236430[]' id='answer-id-938188' class='answer   answerof-236430 ' value='938188'   \/><label for='answer-id-938188' id='answer-label-938188' class=' answer'><span>Block all compromised network nodes.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236430[]' id='answer-id-938189' class='answer   answerof-236430 ' value='938189'   \/><label for='answer-id-938189' id='answer-label-938189' class=' answer'><span>Contact law enforcement.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236430[]' id='answer-id-938190' class='answer   answerof-236430 ' value='938190'   \/><label for='answer-id-938190' id='answer-label-938190' class=' answer'><span>Notify senior management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236430[]' id='answer-id-938191' class='answer   answerof-236430 ' value='938191'   \/><label for='answer-id-938191' id='answer-label-938191' class=' answer'><span>Identity nodes that have been compromised.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-84' style=';'><div id='questionWrap-84'  class='   watupro-question-id-236431'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>84. <\/span>Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management's decision. <br \/>\r<br>Which of the following should be the IS auditor's NEXT course of action?<\/div><input type='hidden' name='question_id[]' id='qID_84' value='236431' \/><input type='hidden' id='answerType236431' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236431[]' id='answer-id-938192' class='answer   answerof-236431 ' value='938192'   \/><label for='answer-id-938192' id='answer-label-938192' class=' answer'><span>Accept management's decision and continue the follow-up.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236431[]' id='answer-id-938193' class='answer   answerof-236431 ' value='938193'   \/><label for='answer-id-938193' id='answer-label-938193' class=' answer'><span>Report the issue to IS audit management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236431[]' id='answer-id-938194' class='answer   answerof-236431 ' value='938194'   \/><label for='answer-id-938194' id='answer-label-938194' class=' answer'><span>Report the disagreement to the board.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236431[]' id='answer-id-938195' class='answer   answerof-236431 ' value='938195'   \/><label for='answer-id-938195' id='answer-label-938195' class=' answer'><span>Present the issue to executive management.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-85' style=';'><div id='questionWrap-85'  class='   watupro-question-id-236432'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>85. <\/span>Which of the following is the BEST detective control for a job scheduling process involving data transmission?<\/div><input type='hidden' name='question_id[]' id='qID_85' value='236432' \/><input type='hidden' id='answerType236432' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236432[]' id='answer-id-938196' class='answer   answerof-236432 ' value='938196'   \/><label for='answer-id-938196' id='answer-label-938196' class=' answer'><span>Metrics denoting the volume of monthly job failures are reported and reviewed by senior management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236432[]' id='answer-id-938197' class='answer   answerof-236432 ' value='938197'   \/><label for='answer-id-938197' id='answer-label-938197' class=' answer'><span>Jobs are scheduled to be completed daily and data is transmitted using a Secure File Transfer Protocol (SFTP).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236432[]' id='answer-id-938198' class='answer   answerof-236432 ' value='938198'   \/><label for='answer-id-938198' id='answer-label-938198' class=' answer'><span>Jobs are scheduled and a log of this activity is retained for subsequent review.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236432[]' id='answer-id-938199' class='answer   answerof-236432 ' value='938199'   \/><label for='answer-id-938199' id='answer-label-938199' class=' answer'><span>Job failure alerts are automatically generated and routed to support personnel.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-86' style=';'><div id='questionWrap-86'  class='   watupro-question-id-236433'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>86. <\/span>Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?<\/div><input type='hidden' name='question_id[]' id='qID_86' value='236433' \/><input type='hidden' id='answerType236433' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236433[]' id='answer-id-938200' class='answer   answerof-236433 ' value='938200'   \/><label for='answer-id-938200' id='answer-label-938200' class=' answer'><span>Balanced scorecard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236433[]' id='answer-id-938201' class='answer   answerof-236433 ' value='938201'   \/><label for='answer-id-938201' id='answer-label-938201' class=' answer'><span>Enterprise dashboard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236433[]' id='answer-id-938202' class='answer   answerof-236433 ' value='938202'   \/><label for='answer-id-938202' id='answer-label-938202' class=' answer'><span>Enterprise architecture (EA)<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236433[]' id='answer-id-938203' class='answer   answerof-236433 ' value='938203'   \/><label for='answer-id-938203' id='answer-label-938203' class=' answer'><span>Key performance indicators (KPIs)<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-87' style=';'><div id='questionWrap-87'  class='   watupro-question-id-236434'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>87. <\/span>Which of the following BEST guards against the risk of attack by hackers?<\/div><input type='hidden' name='question_id[]' id='qID_87' value='236434' \/><input type='hidden' id='answerType236434' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236434[]' id='answer-id-938204' class='answer   answerof-236434 ' value='938204'   \/><label for='answer-id-938204' id='answer-label-938204' class=' answer'><span>Tunneling<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236434[]' id='answer-id-938205' class='answer   answerof-236434 ' value='938205'   \/><label for='answer-id-938205' id='answer-label-938205' class=' answer'><span>Encryption<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236434[]' id='answer-id-938206' class='answer   answerof-236434 ' value='938206'   \/><label for='answer-id-938206' id='answer-label-938206' class=' answer'><span>Message validation<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236434[]' id='answer-id-938207' class='answer   answerof-236434 ' value='938207'   \/><label for='answer-id-938207' id='answer-label-938207' class=' answer'><span>Firewalls<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-88' style=';'><div id='questionWrap-88'  class='   watupro-question-id-236435'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>88. <\/span>Which of the following is MOST important with regard to an application development acceptance test?<\/div><input type='hidden' name='question_id[]' id='qID_88' value='236435' \/><input type='hidden' id='answerType236435' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236435[]' id='answer-id-938208' class='answer   answerof-236435 ' value='938208'   \/><label for='answer-id-938208' id='answer-label-938208' class=' answer'><span>The programming team is involved in the testing process.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236435[]' id='answer-id-938209' class='answer   answerof-236435 ' value='938209'   \/><label for='answer-id-938209' id='answer-label-938209' class=' answer'><span>All data files are tested for valid information before conversion.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236435[]' id='answer-id-938210' class='answer   answerof-236435 ' value='938210'   \/><label for='answer-id-938210' id='answer-label-938210' class=' answer'><span>User management approves the test design before the test is started.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236435[]' id='answer-id-938211' class='answer   answerof-236435 ' value='938211'   \/><label for='answer-id-938211' id='answer-label-938211' class=' answer'><span>The quality assurance (QA) team is in charge of the testing process.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-89' style=';'><div id='questionWrap-89'  class='   watupro-question-id-236436'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>89. <\/span>Which of the following is MOST important to ensure when planning a black box penetration test?<\/div><input type='hidden' name='question_id[]' id='qID_89' value='236436' \/><input type='hidden' id='answerType236436' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236436[]' id='answer-id-938212' class='answer   answerof-236436 ' value='938212'   \/><label for='answer-id-938212' id='answer-label-938212' class=' answer'><span>The management of the client organization is aware of the testing.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236436[]' id='answer-id-938213' class='answer   answerof-236436 ' value='938213'   \/><label for='answer-id-938213' id='answer-label-938213' class=' answer'><span>The test results will be documented and communicated to management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236436[]' id='answer-id-938214' class='answer   answerof-236436 ' value='938214'   \/><label for='answer-id-938214' id='answer-label-938214' class=' answer'><span>The environment and penetration test scope have been determined.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236436[]' id='answer-id-938215' class='answer   answerof-236436 ' value='938215'   \/><label for='answer-id-938215' id='answer-label-938215' class=' answer'><span>Diagrams of the organization's network architecture are available.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-90' style=';'><div id='questionWrap-90'  class='   watupro-question-id-236437'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>90. <\/span>Which of the following BEST indicates the effectiveness of an organization's risk management program?<\/div><input type='hidden' name='question_id[]' id='qID_90' value='236437' \/><input type='hidden' id='answerType236437' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236437[]' id='answer-id-938216' class='answer   answerof-236437 ' value='938216'   \/><label for='answer-id-938216' id='answer-label-938216' class=' answer'><span>Inherent risk is eliminated.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236437[]' id='answer-id-938217' class='answer   answerof-236437 ' value='938217'   \/><label for='answer-id-938217' id='answer-label-938217' class=' answer'><span>Residual risk is minimized.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236437[]' id='answer-id-938218' class='answer   answerof-236437 ' value='938218'   \/><label for='answer-id-938218' id='answer-label-938218' class=' answer'><span>Control risk is minimized.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236437[]' id='answer-id-938219' class='answer   answerof-236437 ' value='938219'   \/><label for='answer-id-938219' id='answer-label-938219' class=' answer'><span>Overall risk is quantified.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-91' style=';'><div id='questionWrap-91'  class='   watupro-question-id-236438'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>91. <\/span>IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance. <br \/>\r<br>Which of the following controls will MOST effectively compensate for the lack of referential integrity?<\/div><input type='hidden' name='question_id[]' id='qID_91' value='236438' \/><input type='hidden' id='answerType236438' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236438[]' id='answer-id-938220' class='answer   answerof-236438 ' value='938220'   \/><label for='answer-id-938220' id='answer-label-938220' class=' answer'><span>More frequent data backups<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236438[]' id='answer-id-938221' class='answer   answerof-236438 ' value='938221'   \/><label for='answer-id-938221' id='answer-label-938221' class=' answer'><span>Periodic table link checks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236438[]' id='answer-id-938222' class='answer   answerof-236438 ' value='938222'   \/><label for='answer-id-938222' id='answer-label-938222' class=' answer'><span>Concurrent access controls<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236438[]' id='answer-id-938223' class='answer   answerof-236438 ' value='938223'   \/><label for='answer-id-938223' id='answer-label-938223' class=' answer'><span>Performance monitoring tools<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-92' style=';'><div id='questionWrap-92'  class='   watupro-question-id-236439'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>92. <\/span>Which of the following should be the PRIMARY basis for prioritizing follow-up audits?<\/div><input type='hidden' name='question_id[]' id='qID_92' value='236439' \/><input type='hidden' id='answerType236439' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236439[]' id='answer-id-938224' class='answer   answerof-236439 ' value='938224'   \/><label for='answer-id-938224' id='answer-label-938224' class=' answer'><span>Audit cycle defined in the audit plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236439[]' id='answer-id-938225' class='answer   answerof-236439 ' value='938225'   \/><label for='answer-id-938225' id='answer-label-938225' class=' answer'><span>Complexity of management's action plans<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236439[]' id='answer-id-938226' class='answer   answerof-236439 ' value='938226'   \/><label for='answer-id-938226' id='answer-label-938226' class=' answer'><span>Recommendation from executive management<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236439[]' id='answer-id-938227' class='answer   answerof-236439 ' value='938227'   \/><label for='answer-id-938227' id='answer-label-938227' class=' answer'><span>Residual risk from the findings of previous audits<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-93' style=';'><div id='questionWrap-93'  class='   watupro-question-id-236440'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>93. <\/span>When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?<\/div><input type='hidden' name='question_id[]' id='qID_93' value='236440' \/><input type='hidden' id='answerType236440' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236440[]' id='answer-id-938228' class='answer   answerof-236440 ' value='938228'   \/><label for='answer-id-938228' id='answer-label-938228' class=' answer'><span>Implementation plan<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236440[]' id='answer-id-938229' class='answer   answerof-236440 ' value='938229'   \/><label for='answer-id-938229' id='answer-label-938229' class=' answer'><span>Project budget provisions<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236440[]' id='answer-id-938230' class='answer   answerof-236440 ' value='938230'   \/><label for='answer-id-938230' id='answer-label-938230' class=' answer'><span>Requirements analysis<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236440[]' id='answer-id-938231' class='answer   answerof-236440 ' value='938231'   \/><label for='answer-id-938231' id='answer-label-938231' class=' answer'><span>Project plan<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-94' style=';'><div id='questionWrap-94'  class='   watupro-question-id-236441'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>94. <\/span>Which of the following is MOST important to ensure when developing an effective security awareness program?<\/div><input type='hidden' name='question_id[]' id='qID_94' value='236441' \/><input type='hidden' id='answerType236441' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236441[]' id='answer-id-938232' class='answer   answerof-236441 ' value='938232'   \/><label for='answer-id-938232' id='answer-label-938232' class=' answer'><span>Training personnel are information security professionals.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236441[]' id='answer-id-938233' class='answer   answerof-236441 ' value='938233'   \/><label for='answer-id-938233' id='answer-label-938233' class=' answer'><span>Phishing exercises are conducted post-training.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236441[]' id='answer-id-938234' class='answer   answerof-236441 ' value='938234'   \/><label for='answer-id-938234' id='answer-label-938234' class=' answer'><span>Security threat scenarios are included in the program content.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236441[]' id='answer-id-938235' class='answer   answerof-236441 ' value='938235'   \/><label for='answer-id-938235' id='answer-label-938235' class=' answer'><span>Outcome metrics for the program are established.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-95' style=';'><div id='questionWrap-95'  class='   watupro-question-id-236442'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>95. <\/span>An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. <br \/>\r<br>Which of the following would be the BEST way to prevent accepting bad data?<\/div><input type='hidden' name='question_id[]' id='qID_95' value='236442' \/><input type='hidden' id='answerType236442' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236442[]' id='answer-id-938236' class='answer   answerof-236442 ' value='938236'   \/><label for='answer-id-938236' id='answer-label-938236' class=' answer'><span>Obtain error codes indicating failed data feeds.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236442[]' id='answer-id-938237' class='answer   answerof-236442 ' value='938237'   \/><label for='answer-id-938237' id='answer-label-938237' class=' answer'><span>Appoint data quality champions across the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236442[]' id='answer-id-938238' class='answer   answerof-236442 ' value='938238'   \/><label for='answer-id-938238' id='answer-label-938238' class=' answer'><span>Purchase data cleansing tools from a reputable vendor.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236442[]' id='answer-id-938239' class='answer   answerof-236442 ' value='938239'   \/><label for='answer-id-938239' id='answer-label-938239' class=' answer'><span>Implement business rules to reject invalid data.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-96' style=';'><div id='questionWrap-96'  class='   watupro-question-id-236443'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>96. <\/span>Which of the following strategies BEST optimizes data storage without compromising data retention practices?<\/div><input type='hidden' name='question_id[]' id='qID_96' value='236443' \/><input type='hidden' id='answerType236443' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236443[]' id='answer-id-938240' class='answer   answerof-236443 ' value='938240'   \/><label for='answer-id-938240' id='answer-label-938240' class=' answer'><span>Limiting the size of file attachments being sent via email<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236443[]' id='answer-id-938241' class='answer   answerof-236443 ' value='938241'   \/><label for='answer-id-938241' id='answer-label-938241' class=' answer'><span>Automatically deleting emails older than one year<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236443[]' id='answer-id-938242' class='answer   answerof-236443 ' value='938242'   \/><label for='answer-id-938242' id='answer-label-938242' class=' answer'><span>Moving emails to a virtual email vault after 30 days<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236443[]' id='answer-id-938243' class='answer   answerof-236443 ' value='938243'   \/><label for='answer-id-938243' id='answer-label-938243' class=' answer'><span>Allowing employees to store large emails on flash drives<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-97' style=';'><div id='questionWrap-97'  class='   watupro-question-id-236444'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>97. <\/span>An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged. <br \/>\r<br>The IS auditor's FIRST action should be to:<\/div><input type='hidden' name='question_id[]' id='qID_97' value='236444' \/><input type='hidden' id='answerType236444' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236444[]' id='answer-id-938244' class='answer   answerof-236444 ' value='938244'   \/><label for='answer-id-938244' id='answer-label-938244' class=' answer'><span>recommend that the option to directly modify the database be removed immediately.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236444[]' id='answer-id-938245' class='answer   answerof-236444 ' value='938245'   \/><label for='answer-id-938245' id='answer-label-938245' class=' answer'><span>recommend that the system require two persons to be involved in modifying the database.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236444[]' id='answer-id-938246' class='answer   answerof-236444 ' value='938246'   \/><label for='answer-id-938246' id='answer-label-938246' class=' answer'><span>determine whether the log of changes to the tables is backed up.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236444[]' id='answer-id-938247' class='answer   answerof-236444 ' value='938247'   \/><label for='answer-id-938247' id='answer-label-938247' class=' answer'><span>determine whether the audit trail is secured and reviewed.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-98' style=';'><div id='questionWrap-98'  class='   watupro-question-id-236445'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>98. <\/span>An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization's website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur. <br \/>\r<br>Which of the following recommendations would be the BEST way to reduce the likelihood of future occurrences?<\/div><input type='hidden' name='question_id[]' id='qID_98' value='236445' \/><input type='hidden' id='answerType236445' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236445[]' id='answer-id-938248' class='answer   answerof-236445 ' value='938248'   \/><label for='answer-id-938248' id='answer-label-938248' class=' answer'><span>Assign responsibility for improving data quality.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236445[]' id='answer-id-938249' class='answer   answerof-236445 ' value='938249'   \/><label for='answer-id-938249' id='answer-label-938249' class=' answer'><span>Invest in additional employee training for data entry.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236445[]' id='answer-id-938250' class='answer   answerof-236445 ' value='938250'   \/><label for='answer-id-938250' id='answer-label-938250' class=' answer'><span>Outsource data cleansing activities to reliable third parties.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236445[]' id='answer-id-938251' class='answer   answerof-236445 ' value='938251'   \/><label for='answer-id-938251' id='answer-label-938251' class=' answer'><span>Implement business rules to validate employee data entry.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-99' style=';'><div id='questionWrap-99'  class='   watupro-question-id-236446'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>99. <\/span>Which of the following is the PRIMARY advantage of parallel processing for a new system implementation?<\/div><input type='hidden' name='question_id[]' id='qID_99' value='236446' \/><input type='hidden' id='answerType236446' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236446[]' id='answer-id-938252' class='answer   answerof-236446 ' value='938252'   \/><label for='answer-id-938252' id='answer-label-938252' class=' answer'><span>Assurance that the new system meets functional requirements<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236446[]' id='answer-id-938253' class='answer   answerof-236446 ' value='938253'   \/><label for='answer-id-938253' id='answer-label-938253' class=' answer'><span>More time for users to complete training for the new system<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236446[]' id='answer-id-938254' class='answer   answerof-236446 ' value='938254'   \/><label for='answer-id-938254' id='answer-label-938254' class=' answer'><span>Significant cost savings over other system implemental or approaches<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236446[]' id='answer-id-938255' class='answer   answerof-236446 ' value='938255'   \/><label for='answer-id-938255' id='answer-label-938255' class=' answer'><span>Assurance that the new system meets performance requirements<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-100' style=';'><div id='questionWrap-100'  class='   watupro-question-id-236447'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>100. <\/span>Which of the following is the MOST effective control to mitigate unintentional misuse of authorized access?<\/div><input type='hidden' name='question_id[]' id='qID_100' value='236447' \/><input type='hidden' id='answerType236447' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236447[]' id='answer-id-938256' class='answer   answerof-236447 ' value='938256'   \/><label for='answer-id-938256' id='answer-label-938256' class=' answer'><span>Annual sign-off of acceptable use policy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236447[]' id='answer-id-938257' class='answer   answerof-236447 ' value='938257'   \/><label for='answer-id-938257' id='answer-label-938257' class=' answer'><span>Regular monitoring of user access logs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236447[]' id='answer-id-938258' class='answer   answerof-236447 ' value='938258'   \/><label for='answer-id-938258' id='answer-label-938258' class=' answer'><span>Security awareness training<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-236447[]' id='answer-id-938259' class='answer   answerof-236447 ' value='938259'   \/><label for='answer-id-938259' id='answer-label-938259' class=' answer'><span>Formalized disciplinary action<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-101'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons6652\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"6652\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-05-07 19:32:39\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1778182359\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"236348:937860,937861,937862,937863 | 236349:937864,937865,937866,937867 | 236350:937868,937869,937870,937871 | 236351:937872,937873,937874,937875 | 236352:937876,937877,937878,937879 | 236353:937880,937881,937882,937883 | 236354:937884,937885,937886,937887 | 236355:937888,937889,937890,937891 | 236356:937892,937893,937894,937895 | 236357:937896,937897,937898,937899 | 236358:937900,937901,937902,937903 | 236359:937904,937905,937906,937907 | 236360:937908,937909,937910,937911 | 236361:937912,937913,937914,937915 | 236362:937916,937917,937918,937919 | 236363:937920,937921,937922,937923 | 236364:937924,937925,937926,937927 | 236365:937928,937929,937930,937931 | 236366:937932,937933,937934,937935 | 236367:937936,937937,937938,937939 | 236368:937940,937941,937942,937943 | 236369:937944,937945,937946,937947 | 236370:937948,937949,937950,937951 | 236371:937952,937953,937954,937955 | 236372:937956,937957,937958,937959 | 236373:937960,937961,937962,937963 | 236374:937964,937965,937966,937967 | 236375:937968,937969,937970,937971 | 236376:937972,937973,937974,937975 | 236377:937976,937977,937978,937979 | 236378:937980,937981,937982,937983 | 236379:937984,937985,937986,937987 | 236380:937988,937989,937990,937991 | 236381:937992,937993,937994,937995 | 236382:937996,937997,937998,937999 | 236383:938000,938001,938002,938003 | 236384:938004,938005,938006,938007 | 236385:938008,938009,938010,938011 | 236386:938012,938013,938014,938015 | 236387:938016,938017,938018,938019 | 236388:938020,938021,938022,938023 | 236389:938024,938025,938026,938027 | 236390:938028,938029,938030,938031 | 236391:938032,938033,938034,938035 | 236392:938036,938037,938038,938039 | 236393:938040,938041,938042,938043 | 236394:938044,938045,938046,938047 | 236395:938048,938049,938050,938051 | 236396:938052,938053,938054,938055 | 236397:938056,938057,938058,938059 | 236398:938060,938061,938062,938063 | 236399:938064,938065,938066,938067 | 236400:938068,938069,938070,938071 | 236401:938072,938073,938074,938075 | 236402:938076,938077,938078,938079 | 236403:938080,938081,938082,938083 | 236404:938084,938085,938086,938087 | 236405:938088,938089,938090,938091 | 236406:938092,938093,938094,938095 | 236407:938096,938097,938098,938099 | 236408:938100,938101,938102,938103 | 236409:938104,938105,938106,938107 | 236410:938108,938109,938110,938111 | 236411:938112,938113,938114,938115 | 236412:938116,938117,938118,938119 | 236413:938120,938121,938122,938123 | 236414:938124,938125,938126,938127 | 236415:938128,938129,938130,938131 | 236416:938132,938133,938134,938135 | 236417:938136,938137,938138,938139 | 236418:938140,938141,938142,938143 | 236419:938144,938145,938146,938147 | 236420:938148,938149,938150,938151 | 236421:938152,938153,938154,938155 | 236422:938156,938157,938158,938159 | 236423:938160,938161,938162,938163 | 236424:938164,938165,938166,938167 | 236425:938168,938169,938170,938171 | 236426:938172,938173,938174,938175 | 236427:938176,938177,938178,938179 | 236428:938180,938181,938182,938183 | 236429:938184,938185,938186,938187 | 236430:938188,938189,938190,938191 | 236431:938192,938193,938194,938195 | 236432:938196,938197,938198,938199 | 236433:938200,938201,938202,938203 | 236434:938204,938205,938206,938207 | 236435:938208,938209,938210,938211 | 236436:938212,938213,938214,938215 | 236437:938216,938217,938218,938219 | 236438:938220,938221,938222,938223 | 236439:938224,938225,938226,938227 | 236440:938228,938229,938230,938231 | 236441:938232,938233,938234,938235 | 236442:938236,938237,938238,938239 | 236443:938240,938241,938242,938243 | 236444:938244,938245,938246,938247 | 236445:938248,938249,938250,938251 | 236446:938252,938253,938254,938255 | 236447:938256,938257,938258,938259\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"236348,236349,236350,236351,236352,236353,236354,236355,236356,236357,236358,236359,236360,236361,236362,236363,236364,236365,236366,236367,236368,236369,236370,236371,236372,236373,236374,236375,236376,236377,236378,236379,236380,236381,236382,236383,236384,236385,236386,236387,236388,236389,236390,236391,236392,236393,236394,236395,236396,236397,236398,236399,236400,236401,236402,236403,236404,236405,236406,236407,236408,236409,236410,236411,236412,236413,236414,236415,236416,236417,236418,236419,236420,236421,236422,236423,236424,236425,236426,236427,236428,236429,236430,236431,236432,236433,236434,236435,236436,236437,236438,236439,236440,236441,236442,236443,236444,236445,236446,236447\";\nWatuPROSettings[6652] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 6652;\t    \nWatuPRO.post_id = 49109;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.84528600 1778182359\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(6652);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[430,429],"tags":[3595,3603,3601],"class_list":["post-49109","post","type-post","status-publish","format-standard","hentry","category-cisa-certificaton","category-isaca","tag-cisa","tag-cisa-dumps","tag-cisa-study-guide"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/49109","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=49109"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/49109\/revisions"}],"predecessor-version":[{"id":49110,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/49109\/revisions\/49110"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=49109"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=49109"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=49109"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}