Question 1
Which type of audit is performed primarily as a result of suspicious activity or alleged violations?
|
[removed] |
IT audit |
|
|
[removed] |
Investigative audit |
|
|
[removed] |
Compliance audit |
|
|
[removed] |
Operational audit |
Question 2
Which of the following is the definition of Control Objectives for Information and related Technology (COBIT)?
|
[removed] |
Oversight agencies that deal with administrative law, codifying, and enforcing rules. |
|
|
[removed] |
The act of adhering to internal policies, as well as applicable laws, regulations, and industry requirements. |
|
|
[removed] |
A framework providing best practices for IT governance and control. |
|
|
[removed] |
An organization with the mission of promoting innovation and competitiveness through the advancement of science, standards, and technology to improve economic security and quality of life. |
Question 3
A large organization’s enterprise resource planning (ERP) system is being audited. Which of the following auditing scopes is most likely to apply?
|
[removed] |
Organizational |
|
|
[removed] |
Compliance |
|
|
[removed] |
Application |
|
|
[removed] |
Technical |
Question 4
___________ represents the controls that protect and defend information and information systems by ensuring confidentiality, integrity, and availability.
|
[removed] |
Information assurance |
|
|
[removed] |
Certification and accreditation |
|
|
[removed] |
Information resource management |
|
|
[removed] |
Integrity |
Question 5
The results of annual FISMA evaluations are sent to which U.S. federal agency?
|
[removed] |
Executive Office of the President |
|
|
[removed] |
Government Accountability Office (GAO) |
|
|
[removed] |
General Services Administration (GSA) |
|
|
[removed] |
Office of Management and Budget (OMB) |
Question 6
What is meant by compliance?
|
[removed] |
Assurance that information is not disclosed to unauthorized sources. |
|
|
[removed] |
The act of adhering to internal policies, as well as applicable laws, regulations, and industry requirements. |
|
|
[removed] |
An audit of federal systems prior to being placed into a production environment. |
|
|
[removed] |
Protection of the confidentiality, integrity, and availability of data, and providing for authentication and nonrepudiation of services. |
Question 7
By having sound policies in place and a framework for the application of controls, you will be able to map existing controls to each regulation, including future regulations. Thereafter, organizations perform a __________ to identify anything that is missing.
|
[removed] |
gap analysis |
|
|
[removed] |
risk analysis |
|
|
[removed] |
risk assessment |
|
|
[removed] |
policy analysis |
Question 8
Backup procedures for a server would be found in the _______ Domain.
|
[removed] |
User |
|
|
[removed] |
Workstation |
|
|
[removed] |
LAN |
|
|
[removed] |
Remote Access |
Question 9
The end users’ operating environment is called the _____________.
|
[removed] |
User Domain |
|
|
[removed] |
Workstation Domain |
|
|
[removed] |
LAN Domain |
|
|
[removed] |
All options are correct |
Question 10
Which of the following is not a characteristic of an IT security framework?
|
[removed] |
Is a conceptual set of rules and ideas that provides structure to a complex situation |
|
|
[removed] |
Is rigid in structure and content |
|
|
[removed] |
Provides a consistent system of controls to which IT departments can adhere |
|
|
[removed] |
Provides an auditor a consistent approach for conducting audits |
Question 11
What term is used to describe measures to be applied to a system that are high level and provide a lot of flexibility?
|
[removed] |
Descriptive control |
|
|
[removed] |
Prescriptive control |
|
|
[removed] |
NIST 800-53A |
|
|
[removed] |
Control objectives |
Question 12
What term is used to describe an audit that combines the assessment of financial reporting along with the assessment of related IT controls?
|
[removed] |
ISO/IEC 27001 |
|
|
[removed] |
Integrated audit |
|
|
[removed] |
Auditing Standard No. 5 |
|
|
[removed] |
NIST 800-53A |
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more