ISACA-CISA

Which of the following is the BEST control to help ensure that security requirements are considered throughout the life cycle of an agile software development project?

Which of the following is MOST important when assembling an internal team to perform penetration testing for the organization?

Which of the following would a digital signature MOST likely prevent?

An IS auditor is determining the scope for an upcoming audit. Which of the following BEST enables the auditor to ensure appropriate controls are considered?

A PRIMARY objective of risk management is to keep the total cost of risks below the:

When is the BEST time to commence continuity planning for a new application system?

Which of the following BEST indicates that an incident management process is effective?

Prior to the migration of acquired software into production, it is MOST important that the IS auditor review the:

Which type of attack poses the GREATEST risk to an organization's most sensitive data?

Using swipe cards to limit employee access to restricted areas requires implementing which additional control?

When developing metrics to measure the contribution of IT to the achievement of business goals, the MOST important consideration is that the metrics:

The MOST important function of a business continuity plan (BCP) is to:

A small financial institution is preparing to implement a check image processing system to support planned mobile banking product offerings. Which of the following is MOST critical to the successful implementation of the system?

A characteristic of a digital signature is that it:

What is the BEST way to control updates to the vendor master file in an accounts payable system?

A current project to develop IT-based solutions will need additional funding to meet changes in business requirements. Who is BEST suited to obtain this additional funding?

During the implementation of an enterprise resource planning (ERP) system, an IS auditor is reviewing the results of user acceptance testing (UAT). Which of the following should be the auditor's PRIMARY focus?

Which of the following observations should be of GREATEST concern to an IS auditor assessing access controls for the accounts payable module of a finance system?

Which of the following is the PRIMARY reason to involve IS auditors in the software acquisition process?

When planning a review of IT governance, an IS auditor is MOST likely to:

Which type of testing is BEST for evaluating how well an application functions with other IT systems?

Which of the following potential scenarios is MOST likely to result in audit risk?

In the case of a disaster where the data center is no longer available, which of the following tasks should be done FIRST?

Which of the following would be of GREATEST concern to an IS auditor reviewing an IT-related customer service project?

Which of the following is the GREATEST concern when applying emergency patches?

Which of the following application input controls would MOST likely detect data input errors in the customer account number field during the processing of an accounts receivable transaction?

Which of the following types of environmental equipment will MOST likely be deployed below the floor tiles of a data center?

Which of the following is the BEST justification for deferring remediation testing until the next audit?

Which of the following would BEST help to ensure the availability of data stored with a cloud provider?

Which of the following security assessment techniques attempts to exploit a system's open ports?