
Domain 2

An IS auditor has been assigned to review an organization’s information security policy. Which
of the following issues represents the HIGHEST potential risk?

A. The policy is approved by the security administrator

Value delivery from IT to the business is MOST effectively achieved by:

A. Providing a positive return on investment (ROI) (Dr)

B. Aligning the IT strategy with the enterprise strategy

Involvement of senior management is MOST important in the development of:

A. Strategic Plan

IT governance is PRIMARILY the responsibility of the:

A. Board of Directors

Before implementing an IT balanced scorecard (BSC), an organization must:

A. Define key performance indicators

The output of the risk management process is an input for making:

A. Security Policy Decisions

A key IT system developer has suddenly resigned from an enterprise. Which of the
following will be the MOST important action?

A. Terminate the developer’s logical access to IT resources

Which of the following should be of MOST concern to an IS auditor reviewing the BCP (business continuity plan)?

A. The responsibility for declaring a disaster is not identified.

Which of the following reasons BEST describes the purpose of a mandatory vacation policy?

A. To identify potential errors or inconsistencies in business processes.

The PRIMARY objective of testing a business continuity plan is to:

A. Identify limitations of the BCP.

When reviewing the IT strategic planning process, an IS auditor should ensure that the plan:

A. Articulates the IT mission and vision.

An IS auditor reviewing the IT organization would be MOST concerned if the IT steering committee:

A. Is responsible for determining business goals.

Which of the following tasks should be performed FIRST when preparing a DRP?

A. Perform Business Impact Analysis (BIA)


Which of the following would be MOST important for an IS auditor to verify while conducting a
BCP audit?

Data backups are performed on a timely basis. (Dr)

A. Human safety procedures are in place.

Responsibility for the governance of IT should rest with the:

A. Board of Directors

Domain 3

Normally, it would be essential to involve which of the following stakeholders in the initiation
stage of a project?

A. System owners

When reviewing an active project, an IS auditor observed that the business case was no longer
valid because of a reduction in anticipated benefits and increased costs. The IS auditor should
recommend that the:

B. business case be updated and possible corrective actions be identified.

During which of the following phases in system development would user acceptance test plans
normally be prepared?

A. Requirement Definition

Which of the following should an IS auditor review to gain an understanding of the effectiveness of controls over the management of multiple projects?

A. Project Portfolio Database

Which of the following should an IS auditor review to understand project progress in terms of time, budget and deliverables, for early detection of possible overruns and for projecting the estimate at completion?

Earned value analysis (EVA)

Which of the following is MOST relevant to an IS auditor evaluating how the project manager has monitored the progress of the project?

A. Gantt Chart

Which of the following would BEST help to prioritize project activities and determine the time line
for a project?

A. Program evaluation review technique (PERT) (Dr)

B. Function point analysis (FPA)

During which phase of software application testing should an organization perform the testing of
architectural design?

A. Integration testing

The most common reason for the failure of information systems to meet the needs of users is that:

A. User participation in defining the system’s requirements was inadequate.

Which of the following types of testing would determine whether a new or modified system can
operate in its target environment without adversely impacting other existing systems?

A. Sociability testing

The waterfall life cycle model of software development is MOST appropriately used when:

A. Requirements are well understood and are expected to remain stable, as is the business
environment in which the system will operate. (Dr)

B. Requirements are well understood and the project is subject to time pressure.

The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:

A. Integrity

When transmitting a payment instruction, which of the following will help verify that the
instruction was not duplicated?

A. Using a sequence number and time stamp

An IS auditor finds out-of-range data in some tables of a database. Which of the following controls
should the IS auditor recommend to avoid this situation?

A. Implement integrity constraints in the database

The editing/validation of data entered at a remote site would be performed MOST effectively at the:

A. Remote processing site prior to transmission of the data to the central processing site

Which of the following would BEST help to detect errors in data processing?

A. Hash totals

Which of the following system and data conversion strategies provides the GREATEST redundancy?

A. Parallel run

At the completion of a system development project, a post-project review should include which of the following?

A. Identifying lessons learned that may be applicable to future projects

The PRIMARY objective of conducting a post-implementation review for a business process automation project is to:

A. Ensure that the project meets the intended business requirements

Which of the following BEST ensures that business requirements are met prior to implementation?

A. User acceptance test (UAT)


Domain 4

A legacy payroll application is migrated to a new application. Which of the following stakeholders should be PRIMARILY responsible for reviewing and signing off on the accuracy and completeness of the data before going live?

Data Owner

For recovering a non-critical system, which of the following is the appropriate option?

Cold Site

The MOST significant security concern when using flash memory (e.g., USB removable disk) is
that the:

Data can be copied

Which of the following types of transmission media provide the BEST security against
unauthorized access?

Fiber optic cables

Which of the following exposures associated with the spooling of sensitive reports for offline
printing should an IS auditor consider to be the MOST serious?

Unauthorized report copies can be printed

Which of the following propagation problems do wired and wireless transmissions have in common?

Attenuation

A network diagnostic tool that monitors and records network information is a(n):

Protocol analyzer

What is the Recovery Point Objective (RPO)?

A. The data by which lost data can be recovered by the recovery system

B. The extent of acceptable data loss (Dr)

A hot site should be implemented as a recovery strategy when the:

Recovery time objective (RTO) is low

An alternate recovery site with space and basic infrastructure like electrical wiring, air-conditioning and flooring, but no computer or communications equipment is a:

Cold site

The PRIMARY purpose of a business impact assessment (BIA) is to:

Define recovery strategies

Which of the following groups is the BEST source of information for determining the criticality of application systems as part of a business impact analysis (BIA)?

A. IT management

B. Business process owners (Dr)

A new business requirement required changing data vendors. Which of the following areas should the IS auditor PRIMARILY examine in relation to this implementation?

Integrity of data

An IS auditor examining the security configuration of an operating system should review the:

A. Authorization logs

B. Parameter settings (Dr)

To evaluate the referential integrity of a database, an IS auditor should review the:

Foreign Key

Which of the following BEST mitigates the risk of backup media containing irreplaceable
information being stolen or lost while in transit?

Maintain a duplicate copy

Which of the following would BEST maintain the integrity of a firewall log?

Sending log information to a dedicated third-party log server

Which of the following is the GREATEST concern when an organization's backup facility is at a hot site?

Requirement of updated database

Which of the following procedures would MOST effectively detect the loading of illegal
software packages onto a network?

Periodic checking of hard drives

Which of the following is the GREATEST risk related to the monitoring of audit logs?

Unauthorized system actions are recorded but not investigated

Domain 5

Which of the following message services provides the strongest evidence that a specific action
has occurred?

B. Non-repudiation

Which of the following techniques is more relevant to testing the wireless (Wi-Fi) security of an organization?

War dialing (Dr)

C. War driving

A packet filtering firewall operates on which layer of the OSI model?

Network layer

The FIRST step in data classification is to:

establish ownership

Which of the following is the MOST effective technique for providing security during data
transmission?

C. Encryption

An information security policy stating that "the display of passwords must be masked or
suppressed" addresses which of the following attack methods?

C. Shoulder surfing

When planning an audit of a network setup, the IS auditor should give highest priority to
obtaining which of the following network documentation?

Wiring and schematic diagram

Electromagnetic emissions from a terminal represent an exposure because they:

can be detected and displayed

A hacker could obtain passwords without the use of computer tools or programs through the
technique of:

social engineering.

A MAJOR risk of using single sign-on (SSO) is that it:

has a single authentication point.
