
Question bank (for each item: the question, options A to D where the sheet gives them, the answer, and the module / PDF page or source the sheet cites for it)

1. Self-service assistance to users provided by the help desk, such as resetting passwords, is considered which level of assistance?
   A. Level 4   B. Level 0   C. Level 2   D. Level 1
   Answer: B, Level 0. (Module 4, p. 39)

2. In which of the following models does the user need to know a URL to access the application?
   A. Component-based application development   B. Object-oriented software development   C. Web-based application development   D. Spiral development
   Answer: C, web-based application development. (Module 3, p. 67)

3. Who is responsible for the classification of data in a department?
   Answer: Data owner. (Module 4, p. 15)

4. An expert system is an example of:
   A. Engineering software   B. Knowledge software   C. Packaged software   D. Technical software
   Answer: B, knowledge software. (Module 4, p. 49)

5. In which interface testing approach may a tester start at the top or the bottom level and, depending on the situation, move downward or upward?
   A. Top-down approach   B. Bottom-up approach   C. Sandwich approach   D. Middle-level approach
   Answer: C, sandwich approach. (Module 4, p. 50)

6. Which of the following tools is considered useful for comparing processing output with independently calculated data?
   A. Integrated test facility   B. Check digit   C. Hash total   D. Cyclic redundancy check
   Answer: A, integrated test facility. (Module 3, p. 129, question 5)

7. The practice of limiting permissions to the minimal level that will allow users to perform their jobs is known as:
   A. Least privilege   B. Need to know   C. Single sign-on   D. Limited access
   Answer: A, least privilege. (Module 4, p. 41, question 3)

8. Which of the following is an example of an external schema in a database management system?
   A. User views   B. Design of data stores   C. Integrity constraints   D. Tables
   Answer: A, user views. (Module 4, p. 54)

9. A batch total is an example of:
   Answer: Data entry control (a completeness check). (Module 3, p. 104) A second copy of the key on the sheet gives "processing total".

10. Which of the following is one of the important operations performance metrics?
   Answer: Incident. (Module 4, p. 40) The sheet's note lists the operations performance metrics as availability, incident, quality, productivity, return on investment and value creation.

11. Which of the following tests is done by the programmer?
   A. Unit test   B. Negative test   C. Desk test   D. Stress test
   Answer: A, unit test. (Module 4, p. 50)

12. Which of the following tests checks whether programs do what they are supposed to do?
   Answer: Functional test. (Module 3, p. 92)

13. Which of the following tests is concerned with examining the internal processing logic of a software system?
   Answer: Structural test. (Module 3, p. 93)

14. Users have more privileges than they need and may use them to perform actions outside their job description. This is known as:
   A. Least privilege   B. Administrative override   C. Privilege creep   D. Super user
   Answer: C, privilege creep. (Module 4, p. 42, question 4)

15. Which of the following relates to the accuracy and completeness of information as well as to its validity in accordance with business values and expectations?
   Answer: Integrity. (Module 3, p. 120)

16. Which of the following relates to the provision of appropriate information for management to operate the entity and exercise its fiduciary and governance responsibilities?
   A. Compliance   B. Reliability   C. Authorization   D. Effectiveness
   Answer: B, reliability. (Module 3, p. 121)

17. Default settings are used by vendors to help users get the system up and running. What is the auditor's primary area of interest regarding default settings?
   A. They indicate well-known settings published by the vendor   B. They save time and money for the user   C. They represent the manufacturer's recommended settings   D. They reduce support headaches, which increases operational uptime
   Answer: A. The sheet's key records B, but B is the user's benefit, not the auditor's concern: default settings, including default accounts and passwords, are documented by the vendor and therefore known to attackers, so the auditor checks that they have been changed. (Source: http://www.auditcorner.com/2016/02/cisa-cia-cpa-exam-information.html)

18. Which of the following software development methodologies primarily focuses on risk avoidance?
   A. Spiral   B. RAD   C. Agile   D. Prototype
   Answer: A, spiral. (Module 3, p. 73)

19. Completeness and accuracy of data are assured by:
   Answer: Processing control procedures. (Module 3, p. 128, question 4)

20. Which of the following lists the OSI model layers from the top down?
   A. Application, presentation, session, transport, network, data link, physical   B. Physical, data link, network, transport, session, presentation, application   C and D. The same seven layers in scrambled orders
   Answer: A. (Source: http://www.auditcorner.com/2016/02/cisa-cia-cpa-exam-information.html)

21. Performance, security and user interface are examples of which of the following testing?
   A. Functional   B. Non-functional   C. Both A and B   D. None of the above
   Answer: B, non-functional. (Module 3, p. 91)

22. What is likely to be the biggest issue regarding log management?
   A. The system needs to be configured and then someone needs to read the logs and respond   B. Log management is not required; it is considered a waste of time   C. Log files need to be configured, captured, read and backed up   D. System log files consume valuable disk space and are used only by the auditor
   Answer: A.

23. Which of the following parameters should not be considered for computing function points under function point analysis?
   A. Number of inputs   B. Number of expected user actions   C. Source lines of code   D. Data elements to be processed
   Answer: C, source lines of code. (Module 3, p. 38) A second copy of the key on the sheet gives D; function point analysis counts inputs, outputs, inquiries, files and interfaces, so lines of code is the parameter it does not use.

24. Who among the following has the highest stake in benefit realization from the project?
   Answer: Project sponsor. (Module 3, p. 31)

25. Which type of network device directs packets through the internet?
   Answer: Routers. (Module 4, p. 60; the sheet's note lists switches, routers and servers as the candidates)

26. Which of the following testing is used to identify errors and improvements in the software by observing users through their usage and operation?
   A. Performance testing   B. Load testing   C. Usability testing   D. Regression testing
   Answer: C, usability testing. (Module 3, p. 94)

27. A user account is terminated by the IT department only when the request is approved and sent by the:
   Answer: Human Resource Department. (Module 4, p. 37)

28. Which type of control is representative of exception reporting?
   A. Processing   B. Output   C. Database integrity   D. Service level
   Answer: A, processing. (Module 3, p. 118)

29. Which of the following is the role of the IS auditor in the SDLC?
   A. Understand the standards adopted and followed by the organisation through inquiry, observation and documentation review   B. Determine the significant phases for organisations of various sizes and types   C. Assess the efficiency and effectiveness of each function in satisfying the users' goals and objectives   D. All of the above
   Answer: D, all of the above. (Module 3, p. 35)

30. Which of the following methods is designed to permanently destroy data on a hard disk?
   Answer: Disk wiping (the sheet's "Risk Wiping" is a typo). The sheet's note: data erasure (sometimes referred to as data clearing, data wiping or data destruction) is a software-based method of overwriting the data that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by writing zeros and ones over all sectors of the device.

31. A multinational organisation has decided to implement an ERP solution across all geographical locations. The organisation shall initiate a:
   A. Project   B. Program   C. Portfolio   D. Feasibility study
   Answer: B, program. (Module 3, p. 43, question 2)

32. Which of the following is not a tool used by project managers to control projects?
   A. Project Evaluation Review Technique (PERT)   B. Critical Path Method (CPM)   C. Gantt chart   D. Software size estimation
   Answer: D, software size estimation. (Module 3, p. 39)

33. Arrange the following risk management activities in order.
   The four options are orderings of Plan Risk, Identify Risk, Analyse Risk and Plan Risk Response.
   Answer: Plan Risk, Identify Risk, Analyse Risk, Plan Risk Response. (Module 3, p. 28)

34. Which of the following protocols is likely to be used for monitoring the health of a network?
   A. OSI   B. SNMP   C. SMTP   D. RP
   Answer: B, SNMP. (Source: https://www.whatsupgold.com/what-is-network-monitoring)

35. Why is ongoing system monitoring important?
   A. For preventive control   B. For historic logging and trend analysis   C. To collect metrics for SLA reports   D. To find inconsistencies and errors
   Answer: B, for historic logging and trend analysis. (Source: https://books.google.com.bh/books?id=NbTIAgAAQBAJ&pg=PA409)

36. In which of the following categories of maintenance are changes made to the program(s) when a defect or error arises in the working of the software?
   A. Preventive maintenance   B. Corrective maintenance   C. Perfective maintenance   D. Adaptive maintenance
   Answer: B, corrective maintenance. (Module 4, p. 51)

37. Which of the following is the best definition of slack space on a hard disk?
   A. Unused space left over after disk formatting   B. Disk tracks and sectors marked as unusable   C. Difference between space allocated and space actually used   D. Uncompressed space remaining on the disk partition
   Answer: C. The sheet's key records A, but its own note ("slack space is the leftover space on a drive where a file is stored") describes C, which is the forensic definition: a file is allocated whole clusters, and the unused tail of its last cluster is slack space, which can still hold fragments of earlier files.

38. Which of the following is not a function of the operating system?
   A. Filing system for storage and retrieval   B. Detection of system penetration   C. User interface   D. Security function with event logging
   Answer: B, detection of system penetration. (Module 4, p. 46; source: https://www.toppr.com/ask/question/which-is-not-the-function-of-the-operating-system/)

39. Which of the following is the function of quality assurance personnel?
   A. Responsible for the integrity and security of information stored in the database   B. Responsible for understanding the existing problem/system/data flow   C. Responsible for creating the user manual and other documents   D. Develops the test plan and tests the code
   Answer: D, develops the test plan and tests the code. (Module 3, p. 34) The sheet's answer column records A, which is the database administrator's role; the sheet's own note corrects this to D.

40. A critical function of a firewall is to act as a:
   A. Server used to connect authorized users to private trusted network resources   B. Special router that connects the internet to a LAN   C. Device for preventing unauthorized users from accessing the LAN resources   D. Proxy server to increase the speed of access for authorized users
   Answer: C. The sheet's key records A and its own note flags that as wrong; the note's wording "preventing authorized users" is a typo for "unauthorized".

41. Arrange the following in the order of activities.
   Same question and options as question 33. Answer: Plan Risk, Identify Risk, Analyse Risk, Plan Risk Response. (Module 3, p. 28)

42. What is the security issue regarding packet analysers?
   A. Viewing passwords   B. Special training   C. Purchase cost   D. Only for the auditor's use
   Answer: A, viewing passwords. (Source: https://www.ukessays.com/essays/information-technology/the-threat-of-packet-sniffers-information-technology-essay.php)

43. What is the purpose of the Address Resolution Protocol?
   A. Find the IP address   B. Find the mailing address   C. Find the MAC address   D. Find the domain name
   Answer: C, find the MAC address. (Source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_arp/configuration/15-s/arp-15-s-book/Configuring-Address-Resolution-Protocol.html)

44. What is the primary objective in problem escalation?
   A. Improve customer satisfaction   B. Optimise the number of skilled personnel   C. Ensure the correct response   D. Prove that the IT staff is competent
   Answer: C, ensure the correct response. (Source: https://www.mcqadda.com/2017/09/information-technology-audit.html)

45. In the case of an organisation like a bank, which of the following would be the most appropriate software implementation strategy?
   A. Direct changeover   B. Gradual changeover   C. Parallel changeover   D. Pilot changeover
   Answer: D, pilot changeover. (Module 3, p. 101)

46. Which of the following is not an input authorisation control?
   A. Signatures on source documents   B. Sequence numbers   C. Management review   D. Separation of duties
   Answer: C, management review. (Module 3, p. 117)

47. ____ is the process of updating an existing system by reusing design and program components.
   A. Reverse engineering   B. Software re-engineering   C. Object-oriented development   D. Component-based development
   Answer: B, software re-engineering. (Module 3, p. 62)

48. Which of the following methods is used to make a backup copy of all the data files for a forensic investigation?
   A. Bitstream image backup   B. Logical image backup   C. Full disk backup   D. Nonvolatile backup
   Answer: A, bitstream image backup. (Source: https://quizlet.com/459659806/practice-questions-mis-415-final-exam-flash-cards/)

49. Which of the following is a major issue facing incident response?
   A. Possibility of the location being a technology crime scene   B. Scheduling of internal personnel   C. Developing appropriate help desk procedures   D. Compliance with current IT policies
   Answer: A, possibility of the location being a technology crime scene.

50. When separation of duties is not possible, what is the term for forcing employees to take vacation, job rotation, reconciliation and supervisory review?
   A. Preventive control   B. Corrective control   C. Compensating control   D. Transaction control
   Answer: C, compensating control. (Module 3, p. 109)

51. Performance of a third party should be compared to agreed-upon service level metrics and must be:
   A. Supplied by an independent employee of the service provider   B. Accepted at face value by the customer   C. Reviewed by the management   D. Accepted; review is not necessary because it is a third party and outside the customer's control
   Answer: C, reviewed by management. (Source: https://blog.masterofproject.com/3-types-sla/)

52. An IS auditor is auditing controls related to an employee termination. Which of the following is the most important aspect to be reviewed?
   A. Company staff are notified about the termination   B. All login accounts of the employee are terminated   C. The details of the employee have been removed from active payroll files   D. Company property provided to the employee has been returned
   Answer: B, all login accounts of the employee are terminated. (Source: https://www.coursehero.com/file/p5mdbkg/An-IS-auditor-is-auditing-the-controls-relating-to-employee-termination-Which/)
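Questions 7, 14 and 52 above turn on one access-control check: does each account hold only what its role needs, and are the accounts of departed staff actually disabled? The following Python script is an added example of an automated access review, not code from the question bank or the modules it cites. The role baseline, the accounts and the HR feed are constructed sample data, and entitlement names such as core_banking.post_txn are hypothetical.

```python
"""Access review: flag privilege creep and orphaned accounts.

Added example, not part of the original question bank. The role baseline,
account records and HR status below are constructed sample data.
"""
from dataclasses import dataclass

# Hypothetical least-privilege baseline: the entitlements each role needs.
ROLE_BASELINE = {
    "teller": {"core_banking.read", "core_banking.post_txn"},
    "branch_manager": {"core_banking.read", "core_banking.post_txn",
                       "core_banking.approve_txn", "reports.branch"},
    "developer": {"git.push", "ci.run", "staging.deploy"},
}


@dataclass
class Account:
    user: str
    role: str
    entitlements: set
    enabled: bool = True


# Constructed sample: ravi moved from teller to developer but kept banking
# rights (privilege creep); meera was granted prod.deploy outside her role;
# john was terminated in HR but his account is still enabled.
ACCOUNTS = [
    Account("asha", "teller", {"core_banking.read", "core_banking.post_txn"}),
    Account("ravi", "developer", {"git.push", "ci.run", "staging.deploy",
                                  "core_banking.read", "core_banking.post_txn"}),
    Account("meera", "branch_manager", {"core_banking.read", "core_banking.post_txn",
                                        "core_banking.approve_txn", "reports.branch",
                                        "prod.deploy"}),
    Account("john", "teller", {"core_banking.read"}),
]

# Constructed HR feed: employment status as HR reports it.
HR_STATUS = {"asha": "active", "ravi": "active", "meera": "active", "john": "terminated"}


def excess_entitlements(acct, baseline=ROLE_BASELINE):
    """Entitlements the account holds beyond its role baseline (privilege creep).
    An unknown role has an empty baseline, so every entitlement is flagged."""
    needed = baseline.get(acct.role, set())
    return sorted(acct.entitlements - needed)


def orphaned_accounts(accounts, hr_status):
    """Enabled accounts whose owner HR lists as terminated."""
    return sorted(a.user for a in accounts
                  if a.enabled and hr_status.get(a.user) == "terminated")


def review_access(accounts=ACCOUNTS, hr_status=HR_STATUS, baseline=ROLE_BASELINE):
    """Run both checks. Returns {'creep': {user: [extra, ...]}, 'orphaned': [user, ...]}."""
    creep = {}
    for a in accounts:
        extra = excess_entitlements(a, baseline)
        if extra:
            creep[a.user] = extra
    return {"creep": creep, "orphaned": orphaned_accounts(accounts, hr_status)}


if __name__ == "__main__":
    findings = review_access()
    for user, extra in findings["creep"].items():
        print(f"privilege creep: {user} holds {extra} beyond the {ROLE_BASELINE!r:.0} role baseline")
    for user in findings["orphaned"]:
        print(f"orphaned account: {user} is terminated in HR but still enabled")
```

Run as a script it prints the findings; review_access() returns them so they can be fed to a ticketing system. Anything outside the role baseline is the creep question 14 describes, whether it was added deliberately for an old job or simply never revoked, and the orphaned-account check is the control question 52 asks the auditor to look at first.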
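Questions 37 and 48 are the same fact seen from two sides: a file system allocates whole clusters, so the tail of a file's last cluster (its slack space) keeps whatever was written there before, and only a bitstream image copies it. The following toy disk simulation is an added example, not from the question bank or the modules it cites; the 16-byte cluster size, the file names and the contents are constructed to make the effect visible.

```python
"""Slack space, and bitstream versus logical copies, on a toy disk.

Added example, not from the original question bank. The cluster size,
file names and contents are constructed sample data.
"""
CLUSTER = 16  # bytes per cluster; real file systems use e.g. 4096


class ToyDisk:
    """A byte array divided into fixed-size clusters, plus a directory
    mapping file name -> (start cluster, length in bytes)."""

    def __init__(self, clusters=4):
        self.media = bytearray(CLUSTER * clusters)
        self.directory = {}

    @staticmethod
    def clusters_needed(length):
        return -(-length // CLUSTER)  # ceiling division

    def write(self, name, data, start_cluster):
        # The file system writes only the bytes it has; the rest of the last
        # cluster is left exactly as it was. That leftover is the slack space.
        off = start_cluster * CLUSTER
        self.media[off:off + len(data)] = data
        self.directory[name] = (start_cluster, len(data))

    def delete(self, name):
        # Deleting drops the directory entry; the bytes stay on the media.
        del self.directory[name]

    def logical_copy(self, name):
        """What a logical (file-level) backup returns: only the file's own bytes."""
        start, length = self.directory[name]
        off = start * CLUSTER
        return bytes(self.media[off:off + length])

    def slack_space(self, name):
        """Bytes allocated to the file minus bytes actually used."""
        _, length = self.directory[name]
        return self.clusters_needed(length) * CLUSTER - length

    def slack_bytes(self, name):
        """The actual contents of the file's slack space."""
        start, length = self.directory[name]
        end_used = start * CLUSTER + length
        end_alloc = (start + self.clusters_needed(length)) * CLUSTER
        return bytes(self.media[end_used:end_alloc])

    def bitstream_image(self):
        """What a bitstream (sector-level) image returns: every byte on the media."""
        return bytes(self.media)


def demo():
    disk = ToyDisk()
    # 31-byte file occupying two clusters, then deleted (constructed content).
    disk.write("ledger.txt", b"ACCT 4471 PIN 9021 BALANCE 1200", 0)
    disk.delete("ledger.txt")
    # A 5-byte file written over the same first cluster.
    disk.write("note.txt", b"hello", 0)
    return {
        "slack": disk.slack_space("note.txt"),
        "slack_bytes": disk.slack_bytes("note.txt"),
        "logical": disk.logical_copy("note.txt"),
        "in_logical": b"PIN 9021" in disk.logical_copy("note.txt"),
        "in_bitstream": b"PIN 9021" in disk.bitstream_image(),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

demo() shows that the five-byte note.txt is allocated a 16-byte cluster, leaving 11 bytes of slack that still hold part of the deleted ledger. A logical copy of note.txt returns only b"hello", while the bitstream image still contains the "PIN 9021" fragment; here it spans the slack of the first cluster and the now-unallocated second cluster, and a logical backup skips both.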
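Questions 6, 9 and 19 name the classic data-entry and processing controls (batch total, hash total, check digit) without showing how they catch an error. The following Python script is an added example, not code from the question bank or the modules it cites: it computes the control totals for a constructed transaction batch, reconciles the keyed-in batch against the totals prepared at source, and validates a check digit on each account number. The mod-10 (Luhn) scheme is an assumption made here for the account numbers.

```python
"""Control totals and a check digit on a transaction batch.

Added example, not from the question bank or the modules it cites. The
batches below are constructed; the mod-10 (Luhn) check digit is an
assumed scheme for the account numbers.
"""


def luhn_check_digit(digits):
    """Mod-10 (Luhn) check digit for a string of decimal digits."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 0:          # double every second digit, starting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10


def valid_account(acct):
    """True if the last digit of the account number is its correct check digit."""
    if len(acct) < 2 or not acct.isdigit():
        return False
    return luhn_check_digit(acct[:-1]) == int(acct[-1])


def control_totals(batch):
    """Record count, batch total (sum of amounts) and hash total (sum of the
    account numbers, which has no business meaning and exists only to detect
    a changed or dropped record). Amounts are in cents so totals are exact."""
    return {
        "count": len(batch),
        "batch_total": sum(amount for _, amount in batch),
        "hash_total": sum(int(acct) for acct, _ in batch),
    }


def reconcile(entered, expected):
    """Compare the totals of the keyed-in batch with those prepared at source,
    and run the check digit over every account number keyed in."""
    got = control_totals(entered)
    mismatches = {k: (expected[k], got[k]) for k in expected if expected[k] != got[k]}
    bad_accounts = [acct for acct, _ in entered if not valid_account(acct)]
    return {"mismatches": mismatches, "bad_accounts": bad_accounts}


# Constructed batch as prepared by the originating department: (account, amount in cents).
SOURCE_BATCH = [("1234566", 25000), ("2000016", 120050), ("79927398713", 7525)]
SOURCE_TOTALS = control_totals(SOURCE_BATCH)

# The same batch as keyed in, with the last two digits of one account transposed.
ENTERED_BATCH = [("1234566", 25000), ("2000061", 120050), ("79927398713", 7525)]


if __name__ == "__main__":
    result = reconcile(ENTERED_BATCH, SOURCE_TOTALS)
    for name, (want, got) in result["mismatches"].items():
        print(f"{name}: expected {want}, got {got}")
    for acct in result["bad_accounts"]:
        print(f"account {acct} fails its check digit")
```

The transposition leaves the record count and the batch total unchanged, so those two controls pass; the hash total differs and the check digit on the mis-keyed account fails. The check digit catches the error at the point of entry, before the batch is even totalled, which is why it sits with the data-entry controls of question 9 rather than the processing controls of question 19.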
Module 4: Information Systems Operations and Management

Chapter 1. Information Systems Management

1. Which of the following is a common feature for all the policies?


A. Encryption
B. Standards
C. Acceptable use policy
D. Process
The correct answer is C
An acceptable use policy is a set of rules applied by the owner, creator or administrator of a network, website or service that restricts the ways in which the network, website or system may be used and sets guidelines as to how it should be used. It must be abided by all employees of the organization. Choices A, B and D are not common to all policies.

2. Which of the following is not an HRM function?


A. Recruitment
B. Cyber security training
C. Security Policy approval
D. Appraisal
The correct answer is C
Approval of the policy is the responsibility of the governing board of the organization. All other options are functions of HRM.

3. Which of the following types of training can an employee take at his/her desk in the office?
A. E-learning
B. Simulator based training
C. Instructor led training
D. Hands on training
The correct answer is A
E-learning is a learning environment that uses information and communication technologies (ICT) as a platform for teaching and learning activities. The other types of training require in-person attendance and cannot be done from the office desk.

4. For unexpected and sudden changes in technology, organizations need to be

A. Innovative
B. Agile
C. Expert
D. Doer
The correct answer is B
Agility is the organization's ability to quickly or proactively react to technological changes. Choices A,
C, and D are based on the needs of the organization and not necessarily due to change in technology or
the environment in which the organization operates.
5. Who owns the data in a department?
A. System owner
B. Process owner
C. Data custodian
D. Data owner
The correct answer is D
The data owner has the ability to create, edit, modify, share and restrict access to the data. Data
ownership also defines the data owner’s ability to assign, share or surrender all of these privileges to a
third party. The IT Department acts as the Data Custodian, responsible for the safe custody, transport,
storage of the data and implementation of business rules. System Owner is a person or department
having responsibility for the development, procurement, integration, modification, operation and
maintenance, and/or final disposition of an information system. A process owner is a person who is
accountable for the performance of the process and manages the process on a daily basis.

6. The GREATEST challenge in outsourcing data processing is


A. Data confidentiality
B. Distance
C. Data integrity
D. Cost
The correct answer is A
The main challenge when outsourcing data processing is data confidentiality. Companies feel
comfortable sharing data only with employees whom they trust or who are bound by contractual
commitments to keep the data undisclosed. The majority of outsourcing firms sign a strict
non-disclosure agreement with the companies, which assures that the data will be kept confidential
and that any breach of the agreement would be punishable under the law. Choices B and D are
advantages of outsourcing. Data integrity is the overall completeness, accuracy and consistency of
data. Data integrity, although very important, does not pose a greater challenge than data
confidentiality.

7. Which one of the following combinations of roles should be of GREATEST concern for the IS
auditor?
A. Network administrators are responsible for quality assurance
B. Security administrators are system programmers
C. End users are security administrators for critical applications
D. Systems analysts are database administrators

The correct answer is B
When individuals serve multiple roles this represents a separation of duties problem and is associated
with risk. Security administrators should not be system programmers, due to the associated rights of
both functions. A person with both security and programming rights could do almost anything on a
system. The other combinations of roles are valid from a separation of duties perspective. Ideally,
network administrators should not be responsible for quality assurance because they could approve
their own work. However, that is not as serious as the combination of security and programming, which
would allow nearly unlimited abuse of privilege. In some distributed environments, especially with small
staffing levels, users may also manage security. While a database administrator is a very privileged
position, it would not be in conflict with the role of a systems analyst.
8. Accountability for the maintenance of appropriate security measures over information assets
resides with:
A. Security administrator
B. Systems administrator
C. Data and systems owners
D. Systems operations group
The correct answer is C
Management should ensure that all information assets (data and systems) have an appointed owner
who makes decisions about classification and access rights. System owners typically delegate day-to-
day custodianship to the systems delivery / operations group and security responsibilities to a security
administrator. Owners, however, remain accountable for the maintenance of appropriate security
measures.

9. The decision-making environment of an operational level manager can be characterized as :


A. Structured
B. Semi-structured
C. Unstructured
D. None of these
The correct answer is A
An operational level manager is the lowest level of manager and is engaged in day-to-day activities,
which require detailed information. Hence the decision-making environment is required to be structured.
For administrative and top management the decision-making environment is semi-structured and
unstructured respectively.

10. Which department is MOST LIKELY to store Personally Identifiable Information (PII) data?
A. Management
B. Information System Department
C. Marketing Department
D. Human Resource Department
The correct answer is D
Personally identifiable information (PII) is any information about an individual that can be used to
distinguish or trace an individual's identity, such as name, PAN, Aadhaar Number, date and place of
birth, mother's maiden name, or biometric records. The HRM System stores PII of all employee data.
Choices A, B and C do not store or process employee personal information; they hold operations or
transaction data.

Chapter 2
Information Systems Operations

1. Why should organizations want to manage logs?

A. To be informed when something unusual happens involving a system or application
B. To be able to take action in response to a security event
C. To keep a record of all the responses to security events
D. All of the above
The correct answer is D
Log management systems provide insight into a variety of incidents and issues with systems and devices,
as well as being a compliance requirement under many regulations. For all of the above reasons, log
management is a necessity for enterprise security.

2. When implementing a log management program, it's BEST to start with:

A. Technology from a trusted vendor
B. The same program and process that organizations with similar business are using
C. List of top-three vendors from a published report
D. A careful review of the organization's log management and reporting needs
The correct answer is D
Without understanding what logging capabilities the organization has (or doesn't have) and what
information is needed from those logs, it's impossible to implement an effective log management
program. Choices A, B and C may help in selection of the vendor but are not the starting points.

3. The security principle of least privilege is:

A. The practice of limiting permissions to the minimal level that will allow users to perform their
jobs.
B. The practice of increasing permissions to a level that will allow users to perform their jobs and
those of their supervisor.
C. The practice of limiting permissions to a level that will allow users to perform their jobs and
those of their immediate colleagues.
D. The practice of increasing permissions to a level that will allow users to use the cloud services
of their choice in order to get their jobs done more quickly.
The correct answer is A
The principle of least privilege is the practice of limiting access rights for users to the bare minimum
permissions they need to perform their work. Users are granted permission to read, write or execute only
the files or resources they need to do their jobs, and access rights for applications, systems, processes
and devices are restricted to only those permissions required to perform authorized activities. Enforcing
least privilege plays a key role in limiting (containing) the damage that malicious users may cause.
Choices B, C and D do not describe the principle of least privilege.

4. Why does privilege creep pose a security risk?

A. Users' privileges don't match their job or role and responsibilities.
B. Because with more privileges there are more responsibilities.
C. Users have more privileges than they need and may use them to perform actions outside of
their job description.
D. Auditors may question a mismatch between an individual's responsibilities and their
privileges and access rights.
The correct answer is C
Auditors certainly will question it if they find that users have greater privileges than they need to perform
their jobs, but the real risk is that a disgruntled user could abuse their elevated privileges, so C is the
right answer and not A, B or D.
5. Software Configuration management is the discipline for systematically controlling
A. Changes due to the evolution of work products as the project progresses
B. The changes required due to defects being found which are to be fixed
C. Changes necessary due to change in requirements
D. All of the above
The correct answer is D
Software Configuration Management is defined as a process to systematically manage, organize, and
control the changes in the software programs, documents, codes, and other entities during the
Software Development Life Cycle. Any change in the software configuration items will affect the final
product. Therefore, changes to configuration items need to be controlled and managed. Hence all the
options are important.

6. Which of the following is the top priority that companies planning to implement an asset
management system should examine?
A. The visual appeal of websites, internal search pages and marketing collateral
B. Number of videos, audio files and other multimedia assets available
C. Specific data needs and the business problems to be solved
D. All of the above
The correct answer is C
Asset management is a process used to keep track of the equipment and inventory vital to the day-to-day
operation of the business. Asset management requirements should be aligned with the business
objectives. Choices A and B may assist in selection of an appropriate system based on the needs of the
organization but are not top-priority requirements.

7. Self-service assistance to users provided by the help desk, such as resetting passwords etc., is
considered which level of assistance?
A. Level 4
B. Level 0
C. Level 2
D. Level 1
The correct answer is B
Level 0, because it is self-service. Choices A, C and D are levels where a help desk operator would help
the user.

8. During development of a software system, which of the following will be used to maintain
software integrity?
A. Configuration Management
B. Version Control
C. Change Management
D. None of the above
The correct answer is B
Version control. Choices A and C are steps that come before version control.

9. Which of the following would approve or reject major changes in configuration?

A. Management
B. Change control board
C. User
D. System Administrator
The correct answer is B
Projects receive multiple change requests and these must be evaluated by the change control board. A
change control board is a group of individuals responsible for reviewing and analyzing change requests
and recommending or making decisions on requested changes to the baselined work. Poor change
control can significantly impact the project in terms of scope, cost, time, risk, and benefits. Choice A, C
and D do not have authority to approve or reject major changes.

10. A transaction in a database management system should be atomic in nature. An atomic
transaction is:
A. Transaction should be submitted by a user
B. Transaction should be either completed or not completed at all
C. Transaction should fail
D. Transaction can be in-between fail and complete
The correct answer is B
Atomicity means either a complete transaction or a failed transaction. It does not permit a transient stage
or partially complete transactions. Choices A, C and D are not correct.

Chapter 3
Software Operations & Management

1. The main focus of acceptance testing is

A. Ensuring that the system is acceptable to management
B. Accepting errors & bugs in the system
C. Ensuring that the system is acceptable to users
D. Ensuring that the system is acceptable to auditors
The correct answer is C
Acceptance testing is a testing technique performed to determine whether or not the software system
has met the requirement specifications. The main purpose of this test is to evaluate the system's
compliance with the business requirements and verify whether it has met the required criteria for delivery
to end users. Choices A, B and D are not the focus of acceptance testing.

2. Which of the following tests would be carried out when individual software modules are
combined together as a group?
A. Integration testing
B. Unit testing
C. System testing
D. White box testing
The correct answer is A
Integration testing is a level of software testing where individual units are combined and tested as a
group. The purpose of this level of testing is to expose faults in the interaction between integrated units.
Option B is module testing, option C is complete system testing, and option D is testing of the internal
logic as well.

3. Which of the following should be reviewed to provide assurance of database referential
integrity?
A. Field definition
B. Master table definition
C. Composite keys
D. Foreign key structure
The correct answer is D
Referential integrity in a relational database refers to consistency between linked tables. Referential
integrity is usually enforced by the combination of a primary key and a foreign key. For referential
integrity to hold, any field in a table that is declared a foreign key should contain only values from a
parent table’s primary key. Option A, field definitions, describes the layout of the table but is not directly
related to referential integrity. Option B, master table definition, describes the structure of the database
but is not directly related to referential integrity. Option C, composite keys, describes how the keys are
created but is not directly related to referential integrity.

4. When evaluating the effectiveness and adequacy of a preventive computer maintenance
program, which of the following would be considered to be MOST helpful to an IS auditor?
A. A system downtime log
B. Vendors' reliability figures
C. Regularly scheduled maintenance log
D. A written preventive maintenance schedule
The correct answer is A
A system downtime log provides information regarding the effectiveness and adequacy of computer
preventive maintenance programs. The log is a detective control, but because it is validating the
effectiveness of the maintenance program, it is validating a preventive control. Option B, vendors’
reliability figures, is not an effective measure of a preventive maintenance program. Option C,
reviewing the maintenance log, is a good detective control to ensure that maintenance is being done;
however, only the system downtime will indicate whether the preventive maintenance is actually working
well. Option D, a schedule, is a good control to ensure that maintenance is scheduled and that no items
are missed in the maintenance schedule; however, it is not a guarantee that the work is actually being done.

5. In a relational DBMS a record refers to which of the following?

A. Tuple
B. Rows
C. Column
D. Transaction
The correct answer is A
Tuple. A record is called a tuple. Choices B, C and D do not represent a record. Choice B is many rows
and not a single row.

6. Which of the following will ensure that a column in one table will have a valid value or shall be
“null” in another table’s column?
A. Primary key
B. Secondary key
C. SQL
D. Foreign key
The correct answer is D
Foreign key. A primary key does not by itself represent a relation; a foreign key is the same key appearing
in another table and represents the relation with the table where it is the primary key.
7. Database normalization is
A. Data redundancy optimization
B. Data logging and accountability
C. Streamlining data process
D. Deleting temporary files
The correct answer is A
Normalization is a database design technique that organizes tables in a manner that reduces
redundancy and dependency of data. Normalization divides larger tables into smaller tables and links
them using relationships. The purpose of Normalization is to eliminate redundant (useless) data and
ensure data is stored logically. The main idea with this is that a table should be about a specific topic
and only supporting topics included. By limiting a table to one purpose you reduce the amount of
duplicate data contained within your database. This eliminates some issues stemming from database
modifications.

8. Which of the following is NOT a property of database transactions?

A. Consistency
B. Atomicity
C. Insulation
D. Durability
The correct answer is C
It is isolation, not insulation. A transaction in a database should be designed in such a way that it
satisfies the ACID properties: A is Atomicity, C is Consistency, I is Isolation and D is Durability. This
means that when a programmer or DBA defines a transaction (such as an insert or update), it should be
defined in such a way that it will satisfy the ACID test, i.e. the transaction will be atomic (not divisible
further), when completed it will leave the database in a consistent state, it will be isolated while it is
executing, and it will be written to persistent (permanent) storage such as secondary storage.

9. After discovering a security vulnerability in a third-party application that interfaces with
several external systems, a patch is applied to a significant number of modules. Which of the
following tests should an IS auditor recommend?
A. Stress
B. Black box
C. Interface
D. System
The correct answer is D
Given the extensiveness of the patch and its interfaces to external systems, system testing is most
appropriate. System testing will test all the functionality and interfaces between modules. Option A
Stress testing relates to capacity and availability and does not apply in these circumstances. Option B
Black box testing would be performed on the individual modules, but the entire system should be tested
because more than one module was changed. Option C Interface testing would test the interaction with
external systems, but would not validate the performance of the changed system.

10. An organization has recently installed a security patch, which crashed the production
server. To minimize the probability of this occurring again, an IS auditor should:
A. Apply the patch according to the patch's release notes.
B. Ensure that a good change management process is in place.
C. Thoroughly test the patch before sending it to production.
D. Approve the patch after doing a risk assessment.
The correct answer is B.
An IS auditor must review the change management process, including patch management procedures,
and verify that the process has adequate controls and make suggestions accordingly. The other
choices are part of a good change management process but are not an IS auditor's responsibility.

Chapter 4
Incident Response and Management

1. Basic operation of the SIEM tools, on the logs collected from the devices is
A. Correlating the log
B. Collecting the log
C. Analyzing the log
D. Live Correlating the log
The correct answer is D
Log correlation is about constructing rules that look for sequences and patterns in log events that are
not visible in the individual log sources. The basic function of a SIEM is to correlate logs online and
perform analysis that would otherwise have to be done by repetitive human effort.

2. Which of the following is not a part of SIEM tools?

A. Sensor
B. Collector
C. Agent
D. Log
The correct answer is C
SIEM is defined as a complex set of technologies to provide real-time event collection, monitoring,
correlating, and analyzing of events across disparate sources, making it easier to monitor and
troubleshoot IT infrastructure in real time. An agent is a third-party tool for supporting devices. Options A,
B and D are part of SIEM tools.

3. Which one is not part of a SIEM application?

A. Risk assessment
B. Vulnerability Scanning
C. Real time monitoring
D. Normalization
The correct answer is D
Normalization is a database design technique that organizes tables in a manner that reduces
redundancy and dependency of data. Normalization divides larger tables into smaller tables and links
them using relationships. Option D is not part of SIEM applications.

4. How does a SIEM tool handle the issue of completeness of logs?

A. Encryption
B. Hashing
C. Digital Signing
D. Time stamping
The correct answer is B
A privileged user with some knowledge of the internal structure of the SIEM data can easily delete
logs, backdate logs, or modify existing logs. Hashing log files or log entries and storing the hash on disk
for future verification ensures the integrity and completeness of the logs. For encryption, signing and
time stamping you need a well-managed public key infrastructure (PKI) with secure hardware storage
for keys.

5. The computer security incident response team (CSIRT) of an organization publishes detailed
descriptions of recent threats. An IS auditor's GREATEST concern should be that the users
may:
A. Use this information to launch attacks
B. Forward the security alert
C. Implement individual solutions
D. Fail to understand the threat

The correct answer is A
An organization's computer security incident response team (CSIRT) should disseminate recent
threats, security guidelines and security updates to the users to assist them in understanding the
security risk of errors and omissions. However, this introduces the risk that the users may use this
information to launch attacks, directly or indirectly. An IS auditor should ensure that the CSIRT is
actively involved with users to assist them in mitigation of risk arising from security failures and to
prevent additional security incidents resulting from the same threat. Option B Forwarding the security
alert is not harmful to the organization. Option C Implementing individual solutions is unlikely and
inefficient, but not a serious risk. Option D Users failing to understand the threat would not be a serious
concern.

6. The main goal of a Security Operation Centre (SOC) is

A. Detect, analyze and report
B. Detect, analyze and respond
C. Collect, analyze and report
D. Collect, analyze and respond
The correct answer is B
A Security Operation Centre (SOC) is a centralized function within an organization employing people,
processes, and technology to continuously monitor and improve an organization's security posture
while preventing, detecting, analyzing, and responding to security incidents. Reporting is not part of the
SOC's main goal.

7. What is the primary purpose of an incident management program?

A. Identify and assess incidents
B. Conduct lessons learned sessions
C. Alert key individuals
D. Assign responsibility
The correct answer is A
An incident response management program aims to manage the lifecycle of all incidents (unplanned
interruptions or reductions in quality of IT services). The primary objective of this program is to identify,
assess, analyze, and correct incidents to prevent a future recurrence and to make the IT service
available to users as quickly as possible.
8. SOC shall be ineffective without the support of –
A. Risk
B. Budget
C. Top management
D. Quality
The correct answer is C
Without clear executive support, a SOC may be ineffective, and its value will not be realized. Creating
an effective SOC requires support to establish a clear mandate for the SOC and a long-term strategy,
and also a strong SOC leader to drive organizational change and develop a culture of security. The
SOC leader shall take care of Risks and Quality.

9. The phases of an incident management program are

A. Prepare, Respond, and follow up
B. Plan, prepare, and respond
C. Plan, prepare and follow up
D. Prepare, plan and respond
The correct answer is A
An incident response program can be broken down into four broad phases: (1) Preparation; (2) Detection
and Analysis; (3) Containment, Eradication, and Recovery; and (4) Post-Event Activity. Hence option
A, Prepare, Respond, and follow up, is in the correct order. Options B, C and D are incomplete.

10. Within an Incident Response Management program, the Containment phase aims to
A. Block the event
B. Reduce the impact
C. Remove the event
D. Raise the event
The correct answer is B
When a breach is first discovered, in the containment phase, the incident response team, after having
gathered the information and gained an understanding of the incident, will begin to combat the threat by
taking actions to prevent further damage, such as closing ports or blocking IPs. Hence option B is the
correct answer.
Q. Self-service assistance to users provided by the help desk, such as resetting passwords etc., is considered which level of assistance?
Ans. Level 0
Q. A multinational organization has decided to implement an ERP solution across all geolocations. The organization shall initiate a-
Ans. Program
Q. In which of the following models does the user need to know the URL to access the app?
Ans. Web based application development.
Q. Who is responsible for classification of data in a department?
Ans. Data owner
Q. An expert system is an example of-
Ans. Knowledge Software.
Q. In which of the following interface testing approaches may a tester start at the top or bottom level and, depending on the situation, move downward or upward?
Ans. Sandwich Approach
Q. Which of the following tools is considered useful for comparing processing output with independently calculated data?
Ans. Integrated Test Facility
Q. The practice of limiting permissions to the minimal level that will allow users to perform their jobs is known as
Ans. Least privilege
Q. Which of the following is an example of an external schema in a database management system?
Ans. User views.
Q. A user account is terminated by the IT department only when the request is approved and sent by the-
Ans. HR department
Q. In which of the following categories of maintenance are changes made to the program(s) when a defect or error arises in the working of software?
Ans. Corrective maintenance
Q. A batch total is an example of_
Ans. Processing total
Q. Which of the following is one of the important operations performance metrics?
Ans. Incident.
Q. Which of the following tests is done by the programmer?
Ans. Unit test.
Q. Which of the following tests checks whether programs do what they are supposed to do?
Ans. Functional test
Q. Which of the following tests is concerned with examining the internal processing logic of a software system?
Ans. Structural test
Q. Users have more privileges than they need and may use them to perform actions outside of their job description. This is known as_
Ans. Privilege creep
Q. Which of the following relates to the accuracy and completeness of information as well as to its validity in accordance with business values and expectations?
Ans. Integrity
Q. Completeness and accuracy of accumulated data is ensured by_
Ans. Processing control procedures
Q. Which of the following relates to the provision of appropriate information for management to operate the entity and exercise its fiduciary and governance responsibilities?
Ans. Reliability.
1. Which of the following may help to establish accuracy and completeness of data?
- Hash value
2. Which of the following types of attacks may be prevented by input validation?
- SQL injection
3. Which of the following is central storage for all kinds of structured, semi-structured or unstructured raw data collected from multiple sources?
- Data lake
4. After a major earthquake, a business decides to shift the location of its data center from earthquake zone 5 to earthquake zone 2. Which type of risk response option has it exercised?
- Avoid
5. Which of the following is not an example of an AI platform?
- Microsoft Power BI
6. Which of the following cloud deployment models is highly scalable?
- Public
7. Use of licensed software, patch updates, disabling default users and using anti-malware software are controls against?
- Back door
8. Which of the following types of attacks may be prevented by using anti-malware and applications from trusted sources?
- Logic bomb
9. AI that strives for natural, human-like interaction with machines is known as?
- Cognitive computing
10. Which of the following provides a secure connection between two end points?
- Transport mode
11. Which of the blockchain principles states that each node stores and forwards information to all other nodes?
- Peer to peer
12. Which of the following types of smart card enables a card reader to sense the card in the possession of a user in the general area and allow access?
- Wireless proximity reader
13. Which of the following is a type of malware that takes control of administrative rights for execution of malicious code?
- Trojan
14. Which of the following is an example of robotic process automation?
- Cross application macros
15. Which of the following is a series of minor attacks that together result in a larger attack?
- Salami theft
16. Which of the following enables hackers to exploit system vulnerabilities, including the human element?
- Attack vector
17. In which of the following cloud deployment models does the customer hold control of the operating system?
- IaaS
18. Which of the following analytics assists in identifying the best option to choose to achieve the desired outcome through optimization techniques and machine learning?
- Prescriptive analytics
19. Which of the following is the primary requirement for granting users access to an information asset?
- Identification
20. The primary purpose of access controls such as a deadman door, turnstile or mantrap is to?
- Prevent unauthorized entry
