When auditing an application change control process, which of the following procedures should be included in the scope of the audit?
1) Ensure system change requests are formally initiated, documented, and approved.
2) Ensure processes are in place to prevent emergency changes from taking place.
3) Ensure changes are adequately tested before being placed into the production environment.
4) Evaluate whether the procedures for program change management are adequate.

• A.1 only
• B.1 and 3 only
• C.2 and 4 only
• D.1, 3, and 4 only

Comment: *

Name: *

Email: *

Verification: *

Which of the following bring-your-own-device (BYOD) practices is likely to increase the risk of infringement on local regulations such as copyright or privacy laws?

• A.Not installing anti-malware software
• B.Applying a weak password for access to a mobile device
• C.Updating operating software in a haphazard manner
• D.Jailbreaking a locked smart device.

Comment: *

Name: *

Email: *

Verification: *

Which of the following IT disaster recovery plans includes a remote site designated for recovery with available space for basic services, such as internet and telecommunications, but does not have servers or infrastructure equipment?

• A.Warm site.
• B.Cold site.
• C.Hot site.
• D.Frozen site.

Comment: *

Name: *

Email: *

Verification: *

Which of the following cybersecurity-related activities is most likely to be performed by the second line of defense?

• A.implement vulnerability management with internal and external scans.
• B.Administer security procedures, training, and testing.
• C.Monitor incidents, key risk indicators, and remediation
• D.Deploy intrusion detection systems and conduct penetration testing

Comment: *

Name: *

Email: *

Verification: *

Which of the following statements regarding program change management is not correct?

• A.All changes should be tested in a non-production environment before migrating to the production environment.
• B.The degree of risk associated with a proposed change determines if the change request requires authorization.
• C.In order to protect the production environment, changes must be managed in a repeatable, defined, and predictable manner.
• D.The goal of the change management process is to sustain and improve organizational operations.

Comment: *

Name: *

Email: *

Verification: *