ISACA-CISA

Which of the following is the BEST way to sanitize a hard disk for reuse to ensure the organization's information cannot be accessed?

Which of the following is the BEST indication of effective IT investment management?

Which of the following is MOST important with regard to an application development acceptance test?

An organization is implementing a new system that supports a month-end business process. Which of the following implementation strategies would be MOST efficient to decrease business downtime?

Which of the following should be of GREATEST concern to an IS auditor reviewing a network printer disposal process?

External audits have identified recurring exceptions in the user termination process, despite similar internal audits having reported no exceptions in the past. Which of the following is the IS auditor’s BEST course of action to improve the internal audit process in the future?

Which of the following is the BEST metric to measure the quality of software developed in an organization?

An IS auditor is preparing for a review of controls associated with a manufacturing plant’s implementation of industrial internet of Things (IoT) infrastructure. Which of the following vulnerabilities would present the GREATEST security risk to the organization?

What is the BEST control to address SQL injection vulnerabilities?

When testing the accuracy of transaction data, which of the following situations BEST justifies the use of a smaller sample size?

Which of the following is MOST important to ensure when planning a black box penetration test?

Which of the following BEST determines if a batch update job was successfully executed?

Which audit approach is MOST helpful in optimizing the use of IS audit resources?

Which of the following is the MOST effective approach in assessing the quality of modifications made to financial software?

Which of the following should be an IS auditor's GREATEST concern when reviewing a business continuity plan (BCP)?

Which of the following is MOST likely to ensure that an organization's systems development meets its business objectives?

Which of the following security measures will reduce the risk of propagation when a cyberattack occurs?

Which of the following is MOST important to review when planning for an IS audit of an organization's cross-border data transfers?

Which of the following is MOST likely to be a project deliverable of an agile software development methodology?

Which of the following is the BEST way to mitigate the risk associated with malicious changes to binary code during the software development life cycle (SDLC)?

Which of the following is the BEST method to delete sensitive information from storage media that will be reused?

An IS auditor is reviewing how password resets are performed for users working remotely. Which type of documentation should be requested to understand the detailed steps required for this, activity?

Internal audit is evaluating an organization's IT portfolio management. Which of the following would be the BEST recommendation for prioritizing the funding of IT projects?

Which of the following is MOST important for an IS auditor to validate when auditing network device management?

A programmer has made unauthorized changes to key fields in a payroll system report. Which of the following control weaknesses would have contributed MOST to this problem?

In an organization's feasibility study to acquire hardware to support a new web server, omission of which of the following would be of MOST concern?

Which of the following is MOST helpful for understanding an organization’s key driver to modernize application platforms?

An IS auditor is reviewing results from the testing of an organization’s disaster recovery plan (DRP). Which of the following findings should be of GREATEST concern?

Demonstrated support from which of the following roles in an organization has the MOST influence over information security governance?

An employee performs computer operations and, when the situation demands, program modifications. Which of the following should the IS auditor recommend?