CISA Certified Information Systems Auditor – Question3095

An IS auditor suspects an organization's computer may have been used to commit a crime. Which of the following is the auditor's BEST course of action?

A.
Examine the computer to search for evidence supporting the suspicions.
B. Notify local law enforcement of the potential crime before further investigation.
C. Contact the incident response team to conduct an investigation.
D. Advise management of the crime after the investigation.

Correct Answer: C

CISA Certified Information Systems Auditor – Question3093

An IS auditor finds an organization has a significant number of systems developed by end-users. Which of the following is the BEST recommendation to help mitigate the associated risks?

A.
Storing systems on a shared drive managed by IT
B. Storing developed source code in a centralized repository
C. Centralizing information technology procurement
D. Using a formal development methodology

Correct Answer: D

CISA Certified Information Systems Auditor – Question3091

Which of the following controls BEST mitigates the impact of a distributed denial of service (DDoS) attack against the controller in a software-defined network (SDN)?

A.
Implementing multiple physical SDN controllers
B. Relocating virtualized network functions to physical infrastructure
C. Hardening the operating system that hosts the SDN controller
D. Implementing configuration management for SDN controllers

Correct Answer: A

CISA Certified Information Systems Auditor – Question3090

Which of the following is MOST important when creating a forensic image of a hard drive?

A.
Generating a content hash of the hard drive
B. Requiring an independent third-party be present while imaging
C. Securing a backup copy of the hard drive
D. Choosing an industry-leading forensics software tool

Correct Answer: A