The IS auditor should:
An IS auditor finds that, in accordance with IS policy, IDs of terminated users are deactivated within 90 days of
termination. The IS auditor should:
which of the following steps should be executed FIRST?
When developing a security architecture, which of the following steps should be executed FIRST?
Which of the following is the PRIMARY concern associate…
A retail outlet has introduced radio frequency identification (RFID) tags to create unique serial numbers for all
products. Which of the following is the PRIMARY concern associated with this initiative?
Which of the following would MOST likely indicate that …
Which of the following would MOST likely indicate that a customer data warehouse should remain in-house
rather than be outsourced to an offshore operation?
A top-down approach to the development of operational p…
A top-down approach to the development of operational policies will help ensure:
To ensure an organization is complying with privacy req…
To ensure an organization is complying with privacy requirements, an IS auditor should FIRST review:
In an organization where an IT security baseline has be…
In an organization where an IT security baseline has been defined, an IS auditor should FIRST ensure:
A comprehensive and effective e-mail policy should addr…
A comprehensive and effective e-mail policy should address the issues of e-mail structure, policy enforcement,
monitoring and:
Which of the following is MOST critical for the success…
Which of the following is MOST critical for the successful implementation and maintenance of a security policy?
Which of the following would MOST likely be a part of t…
The management of an organization has decided to establish a security awareness program. Which of the
following would MOST likely be a part of the program?