CISA Questions And Answer 2005试题资料

大量题目试题资料，DOC文档289页。

试题统计表：

SectionTotal
Section 1
65
Section 2
69
Section 3
92
Section 4
160
Section 5
63
Section 6
106
Section 7
95
Summary650

63. In a critical server, an IS auditor discovers a Trojan horse that was produced by a known virus that exploits a vulnerability of an operating system. Which of the following should an IS auditor do FIRST?
A. Investigate the virus author.
B. Analyze the operating system log.
C. Ensure that the malicious code is removed.
D. Install the patch that eliminates the vulnerability.

The correct answer is:
C. Ensure that the malicious code is removed.
Explanation:
The priority is safeguarding the system; therefore, the IS auditor should suggest corrective controls, i.e., remove the code. The IS auditor is not responsible for investigating the virus. The IS auditor may analyze the virus information and determine if it has affected the operating system, but this is an investigative task that would take place after ensuring that the malicious code has been removed. Installing the patch that eliminates the vulnerability should be done by technical support.

64. Senior management has requested that an IS auditor assist the departmental management in the implementation of necessary controls. The IS auditor should:
A. refuse the assignment since it is not the role of the IS auditor.
B. inform management of his/her inability to conduct future audits.
C. perform the assignment and future audits with due professional care.
D. obtain the approval of user management to perform the implementation and follow-up.

The correct answer is:
B. inform management of his/her inability to conduct future audits.
Explanation:
In this situation the IS auditor should inform management of the impairment of independence in conducting further audits in the auditee area. An IS auditor can perform non-audit assignments where the IS auditor’s expertise can be of use to the management; however, by performing the non-audit assignment, the IS auditor cannot conduct the future audits of the auditee as his/her independence may be compromised. However, the independence of the IS auditor will not be impaired when suggesting/recommending controls to the auditee after the audit.

65. Which of the following is the PRIMARY advantage of using computer forensic software for investigations?
A. The preservation of the chain of custody for electronic evidence
B. Time and cost savings
C. Efficiency and effectiveness
D. Ability to search for violations of intellectual property rights