IIA-CIA-Part3 Practice Questions

A.  

A wireless local area network (WLAN ).

B.  

A personal area network (PAN).

C.  

A wide area network (WAN).

D.  

A virtual private network (VPN)

A.  

Escalate the issue to the chief risk officer

B.  

Raise the issue with senior management

C.  

Continue with the assurance engagement as planned

D.  

Place the assurance engagement on hold due to inappropriate timing

A.  

Providing fire detection and suppression equipment

B.  

Establishing a physical security policy and promoting it throughout the organization

C.  

Performing business continuity and disaster recovery planning

D.  

Keeping an offsite backup of the organization's critical data

A.  

Inventory of information assets

B.  

Limited sharing of data files with external parties.

C.  

Vulnerability assessment

D.  

Clearly defined policies

A.  

Verify completeness and accuracy.

B.  

Verify existence and accuracy.

C.  

Verify completeness and integrity.

D.  

Verify existence and completeness.

A.  

Numerous and consistent attacks on the company's website caused the server to crash and service was disrupted.

B.  

A person posing as a representative of the company’s IT help desk called several employees and played a generic prerecorded message requesting password data.

C.  

A person received a personalized email regarding a golf membership renewal, and he click a hyperlink to enter his credit card data into a fake website

D.  

Many users of a social network service received fake notifications of e unique opportunity to invest in a new product.

A.  

Decrease the transfer price.

B.  

Increase the transfer price.

C.  

Charge at the arm’s length price.

D.  

Charge at the optimal transfer price.

A.  

Earned Value Management (EVM).

B.  

Organizational procedures.

C.  

Performance measurement.

D.  

Project Management Information System (PMIS).

A.  

The engagement is wholly performed by the independent consultant and the CAE forms the opinion

B.  

The independent consultant accomplishes the entire engagement and forms the opinion

C.  

Internal auditors work with the independent consultant and the CAE forms the opinion

D.  

Internal auditors carry out the entire engagement and the independent consultant forms the opinion

A.  

Higher cash flow and treasury balances.

B.  

Higher inventory balances.

C.  

Higher accounts receivable.

D.  

Higher accounts payable.

A.  

External assessments

B.  

Communication of QAIP results to the board

C.  

Disclosure of nonconformance

D.  

Internal assessments

A.  

Boundary defense

B.  

Malware defense.

C.  

Penetration tests

D.  

Wireless access controls

A.  

Less use of policies and procedures.

B.  

Less organizational commitment by employees.

C.  

Less emphasis on extrinsic rewards.

D.  

Less employee’s turnover.

A.  

Allowing access to the organization's network only through a virtual private network.

B.  

Logging devices that access the network, including the date. time, and identity of the user.

C.  

Tracking all mobile device physical locations and banning access from non-designated areas.

D.  

Permitting only authorized IT personnel to have administrative control of mobile devices.

A.  

Management by objectives is most helpful in organizations that have rapid changes.

B.  

Management by objectives is most helpful in mechanistic organizations with rigidly defined tasks.

C.  

Management by objectives helps organizations to keep employees motivated.

D.  

Management by objectives helps organizations to distinguish clearly strategic goals from operational goals.