In auditing a database environment, an IS auditor will be MOST concerned if the database administrator (DBA) is performing which of the following functions?

Installing patches or upgrades to the operating system

Performing database changes according to change management procedures

Sizing table space and consulting on table join limitations

Performing backup and recovery procedures

An IS auditor reviewing local area network (LAN) performance in an organization should FIRST examine:

Data, voice and video throughput requirement

Connection and connection-less services

The capacity of the wide area network (WAN) connection

An IS auditor is evaluating the effectiveness of the organization’s change management process. What is the MOST important control that the IS auditor should look for to ensure system availability?

That test plans and procedures exist and are closely followed

That changes are authorized by IT managers at all times

That user acceptance testing (UAT) is performed and properly documented

That capacity planning is performed as part of each development project

Which of the following specifically addresses how to detect cyber attacks against an organization’s IT systems and how to recover from an attack?

An incident response plan (IRP)

A business continuity plan (BCP)

A continuity of operations plan (COOP)

The IS auditor is reviewing the implementation of storage area network (SAN). The SAN administrator indicates that logging and monitoring is active, hard zoning is used to isolate data from different business units and all unused SAN ports are disabled. The administrator implemented the system performed and documented security testing during implementation and determined that he/she is the only user with administrative rights to the system. What should the auditor’s initial determination be?

The SAN presents a potential risks because only one employee has access

The SAN is secure and no significant risks exist

The SAN presents a potential risks because soft zoning should be used

The SAN presents a potential risks because audit logs are not reviewed in a timely manner

An IS auditor is reviewing the expansion plans for an organization which is opening a new office about 80 meters away from their existing facility. The plan is to implement fiber-optic cabling within the new facility and it has been determined that a 100-meter, Category 5 (Cat 5), unshielded twisted-pair (UTP) cable can be installed to provide the connectivity between both buildings. What is the PRIMARY risk that the auditor should identify with this expansion plan?

The link between building may not meet the long-term business requirements

The fiber-optic cabling will be expensive to install and maintain

The implementation plan may not be achievable

The new building is too close to the existing facility (a single disaster could destroy both sites)

An organization is considering using a new IT service provider. From an audit perspective, which of the following would be the MOST important item to review?

The service level agreement (SLA) with the service provider

References from other clients for the service provider

The physical security of the service provider site

Background checks of the service provider’s employees

ASI 3

Authored by A.R. Wirawan

Computers

University

Used 66+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

14 questions

Show all answers

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

An IS auditor is to assess the suitability of a service level agreement (SLA) between the organization and the supplier of outsourced services. To which of the following observations should the IS auditor pay the MOST attention? The SLA does not contain a:

Transition clause from the old supplier to a new supplier in the case of expiration or termination.

Late payment clause between the customer and the supplier

Contractual commitment for service improvement

Dispute resolution procedure between the contracting parties

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An IS auditor reviewing a new outsourcing contract with a service provider would be MOST concerned if which of the following was missing?

A clause providing a “right to audit” service provider

A clause defining penalty payments for poor performance

Predefined service level report templates

A clause regarding supplier limitation of liability

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

When reviewing the desktop software compliance of an organization, the IS auditor should be MOST concerned if the installed software:

Was installed, but not documented in the IT department records

Was installed and the license has expired

Is not listed in the approved software standards document

License will expire in next 15 days

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

Due to a recent economic downturn, an IT organization has terminated several administrators at remote sites and consolidated all IT administration to the organization’s central headquarters. During the annual IT audit, the auditor determines that the organization has implemented remote admin connectivity to each site using low-cost DSL connections and an automated SNMP-based monitoring system to detect any hardware or software issues that may occur.

In the auditor’s mind, what should be the biggest area of concern?

The authentication methods used for the remote admin may not be secure and default SNMP passwords may be in use

Physical security at remote sites may not be adequate

Terminated employees may retain access to systems at remote sites

The connection to remote sites is secure through the use of a virtual private network (VPN)

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An IT executive of an insurance company asked an external auditor to evaluate the user IDs for emergency access (fire call ID). The IS auditor found that fire call accounts are granted without a predefined expiration date. What should the IS auditor recommend?

Review of the access control privilege authorization process

Implementation of an identity management system (IMS)

Enhancement of procedures to audit changes made to sensitive customer data

Granting of fire call accounts only to managers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

During an application audit, an IS auditor is asked to provide assurance of the database referential integrity. Which of the following should be reviewed?

Field definition

Master table definition

Composite keys

Foreign key structure

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An IS auditor is reviewing database security for an organization. Which of the following is the MOST important consideration for database hardening?

The default configurations are changed

All tables in the database are normalized

Stored procedures and triggers are encrypted

The service port used by the database server is changed

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

10 questions

Machine Learning (Introduction)

Quiz

•

University

11 questions

Determining System Requirements

Quiz

•

University

15 questions

1.1.1 The structure and function of the processor

Quiz

•

11th Grade - University

10 questions

Planning and Implementation of Information Security

Quiz

•

University

18 questions

CIS2303 Week 4_5 Ch_3

Quiz

•

University

10 questions

INTO Artificial Intelligence

Quiz

•

University - Professi...

10 questions

2025 python class first quiz

Quiz

•

9th Grade - University

13 questions

Guess the Retro Computer 1

Quiz

•

KG - Professional Dev...

Popular Resources on Wayground

10 questions

5.P.1.3 Distance/Time Graphs

Quiz

•

5th Grade

10 questions

Fire Drill

Quiz

•

2nd - 5th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

15 questions

Hargrett House Quiz: Community & Service

Quiz

•

5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

18 questions

Informative or Argumentative essay

Quiz

•

5th Grade - University

20 questions

Disney Trivia

Quiz

•

University

20 questions

8.II_Review_TEACHER

Quiz

•

University

39 questions

Unit 7 Key Terms

Quiz

•

11th Grade - University

20 questions

Subject verb agreement practice

Quiz

•

University

20 questions

Quadrilaterals

Quiz

•

KG - University

5 questions

Examining Theme

Interactive video

•

4th Grade - University

25 questions

WWI, Great Depression, WWII

Quiz

•

KG - University