When selecting audit procedures, an IS auditor should use professional judgment to ensure that:

An IS auditor evaluating logical access controls should FIRST:

The PRIMARY purpose of an IT forensic audit is:

An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews
the logs for one day and finds one case where logging on a server has failed with the result that
backup restarts cannot be confirmed. What should the auditor do?

In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover
potential anomalies in user or system behavior. Which of the following tools are MOST suitable for
performing that task?

An IS auditor is evaluating a corporate network for a possible penetration by employees. Which of
the following findings should give the IS auditor the GREATEST concern?

Which of the following is the PRIMARY advantage of using computer forensic software for
investigations?

An IS auditor has imported data from the client’s database. The next step-confirming whether the
imported data are complete-is performed by:

CORRECT TEXT
The vice president of human resources has requested an audit to identify payroll overpayments for
the previous year. Which would be the BEST audit technique to use in this situation?
A) Test data

During a security audit of IT processes, an IS auditor found that there were no documented
security procedures. The IS auditor should: