IIA-CIA-Part3 Free Practice Test

- (Exam Topic 2)
According to IIA guidance, which of the following statements is true with regard to workstation computers that access company information stored on the network?

1. A. individual workstation computer controls are not as important as companywide server controls.
2. B. Particular attention should be paid to housing workstations away from environmental hazards.
3. C. Cybersecurity issues can be controlled at an enterprise level making workstation level controls redundant
4. D. With security risks near an all-time high workstations should not be connected to the company network

Correct Answer: B

- (Exam Topic 2)
Which of the following most accurately describes the purpose of application authentication controls?

1. A. To ensure that data input into business applications is valid, complete, and accurate.
2. B. To prevent or detect errors in data processed using business applications.
3. C. To ensure that business applications are protected from unauthorized logical access.
4. D. To ensure the validity, accuracy, and completeness of outputs from business applications.

Correct Answer: C

- (Exam Topic 1)
For an engineering department with a total quality management program, important elements of quality management include all of the following except:

1. A. Basing performance evaluations on the number of projects completed.
2. B. Comparing results with those of other engineering departments.
3. C. Creating a quality council within the engineering department.
4. D. Conducting post-project surveys on performance.

Correct Answer: A

- (Exam Topic 2)
Which of the following statements is true regarding the risks associated with the increased use of smart devices at work?

1. A. Due to their small size and portability smart devices and their associated data are typically less susceptible to physical loss
2. B. The Bluetooth and WI-FI features of smart devices enhance the security of data while in transit
3. C. The global positioning system (GPS) capability of smart devices could be exploited to plan cyberattacks
4. D. When the user fads to perform jailbreaking or rooting, data security and privacy risks we increased

Correct Answer: C

- (Exam Topic 1)
Which of the following statements accurately describes the responsibility of the internal audit activity (IAA) regarding IT governance?
* 1. The IAA does not have any responsibility because IT governance is the responsibility of the board and senior management of the organization.
* 2. The IAA must assess whether the IT governance of the organization supports the organization’s strategies and objectives.
* 3. The IAA may assess whether the IT governance of the organization supports the organization’s strategies and objectives.
* 4. The IAA may accept requests from management to perform advisory services regarding how the IT governance of the organization supports the organization’s strategies and objectives.

1. A. 1 only
2. B. 4 only
3. C. 2 and 4
4. D. 3 and 4

Correct Answer: C