Which of the following is the PRIMARY reason for an IS auditor to select a statistical sampling method?

• A.Statistical sampling methods are the most effective way to avoid sampling risk.
• B.Statistical sampling methods must be used to mitigate audit risk.
• C.Statistical sampling methods help the auditor to determine the tolerable error rate.
• D.Statistical sampling methods enable the auditor to objectively quantify the probability of error.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST way to determine il IT is delivering value to the business?

• A.Interview key IT managers and service providers.
• B.Analyze downtime frequency and duration.
• C.Review IT service level agreement (SLA) results.
• D.Perform control self-assessments (CSAs).

Comment: *

Name: *

Email: *

Verification: *

During an audit of a disaster recovery plan (DRP) for a critical business area, an IS auditor finds that not all critical systems are covered. What should the auditor do NEXT?

• A.Verify whether the systems are part of the business impact analysis (BIA).
• B.Evaluate the impact of not covering the systems.
• C.Evaluate the prior year's audit results regarding critical system coverage.
• D.Escalate the finding to senior management.

Comment: *

Name: *

Email: *

Verification: *

Which of the following provides the MOST protection against emerging threats?

• A.Demilitarized zone (DMZ)
• B.Signature-based intrusion detection system (IDS)
• C.Real-time updating of antivirus software
• D.Heuristic intrusion detection system (IDS)

Comment: *

Name: *

Email: *

Verification: *

What is the PRIMARY objective of implementing data classification?

• A.Employ data leakage prevention tools.
• B.Establish appropriate data protection methods.
• C.Create awareness among users.
• D.Establish appropriate encryption methods.

Comment: *

Name: *

Email: *

Verification: *