Last Updated on December 13, 2021 by Admin 3

CISA : Certified Information Systems Auditor : Part 42

  1. A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server. Which of the following would MOST effectively allow the hospital to avoid paying the ransom?

    • A continual server replication process
    • A properly tested offline backup system
    • A properly configured firewall
    • Employee training on ransomware
  2. Which of the following security processes will BEST prevent the exploitation of system vulnerabilities?

    • Patch management
    • Log monitoring
    • Antivirus software
    • Intrusion detection
  3. Which of the following is MOST likely to be included in computer operating procedures in a large data center?

    • Instructions for job scheduling
    • Procedures for resequencing source code
    • Procedures for utility configuration
    • Guidance on setting security parameters
  4. What is the PRIMARY benefit to executive management when audit, risk, and security functions are aligned?

    • More efficient incident handling
    • Reduced number of assurance reports
    • More effective decision making
    • More timely risk reporting
  5. Reevaluation of risk is MOST critical when there is:

    • resistance to the implementation of mitigating controls
    • a change in security policy
    • a management request for updated security reports
    • a change in the threat landscape
  6. Which of the following is the MOST important role of the information security manager when the organization is in the process of adopting emerging technologies?

    • Understanding the impact on existing resources
    • Assessing how peer organizations using the same technologies have been impacted
    • Developing training for end users to familiarize them with the new technology
    • Reviewing vendor documentation and service level agreements
  7. Which of the following BEST enables staff acceptance of information security policies?

    • Strong senior management support
    • Adequate security funding
    • Computer-based training
    • A robust incident response program
  8. Which of the following is the MOST important element when developing an information security strategy?

    • Identifying applicable laws and regulations
    • Identifying information assets
    • Determining the risk management methodology
    • Aligning security activities with organizational goals
  9. An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party’s contract programmers comply with the organization’s security policies?

    • Perform periodic security assessments of the contractors’ activities.
    • Conduct periodic vulnerability scans of the application.
    • Include penalties for noncompliance in the contracting agreement.
    • Require annual signed agreements of adherence to security policies.
  10. When choosing the best controls to mitigate risk to acceptable levels, the information security manager’s decision should be MAINLY driven by:

    • cost-benefit analysis
    • regulatory requirements
    • best practices
    • control framework
  11. What is the FIRST line of defense against criminal insider activities?

    • Validating the integrity of personnel
    • Monitoring employee activities
    • Signing security agreements by critical personnel
    • Stringent and enforced access controls
  12. An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:

    • security requirements for the process being outsourced
    • security metrics
    • service level agreements (SLAs)
    • risk-reporting methodologies
  13. The MOST useful technique for maintaining management support for the information security program is:

    • identifying the risks and consequences of failure to comply with standards
    • benchmarking the security programs of comparable organizations
    • implementing a comprehensive security awareness and training program
    • informing management about the security of business operations
  14. An organization developed a comprehensive three-year IT strategic plan. Halfway into the plan, a major legislative change impacting the organization is enacted. Which of the following should be management’s NEXT course of action?

    • Develop specific procedural documentation related to the changed legislation.
    • Assess the legislation to determine whether changes are required to the strategic IT plan.
    • Perform a risk assessment of the legislative changes.
    • Develop a new IT strategic plan that encompasses the new legislation.
  15. Which of the following is the MOST important factor when an organization is developing information security policies and procedures?

    • Cross-references between policies and procedures
    • Inclusion of mission and objectives
    • Compliance with relevant regulations
    • Consultation with management
  16. Which of the following is the MOST important advantage of participating in beta testing of software products?

    • It improves vendor support and training.
    • It enables an organization to gain familiarity with new products and their functionality.
    • It increases an organization’s ability to retain staff who prefer to work with new technology.
    • It enhances security and confidentiality.
  17. The maturity level of an organization’s problem management support function is optimized when the function:

    • proactively provides solutions
    • has formally documented the escalation process
    • analyzes critical incidents to identify root cause
    • resolves requests in a timely manner
  18. To preserve chain of custody following an internal server compromise, which of the following should be the FIRST step?

    • Take a system image including memory dump
    • Safely shut down the server
    • Replicate the attack using the remaining evidence
    • Trace the attacking route
  19. When planning for the implementation of a new system, an organization will opt for a parallel run PRIMARILY to:

    • ensure that the system meets required user response time.
    • validate system processing.
    • facilitate the training of new personnel.
    • verify that system interfaces were implemented.
  20. In a typical network architecture used for e-commerce, a load balancer is normally found between the:

    • routers and the web servers.
    • mail servers and the mail repositories.
    • users and the external gateways.
    • databases and the external gateways.