Exam Dumps IIA-CIA-Part3-3P Practice Free Latest IIA Practice Tests [Q288-Q313]

Share

Exam Dumps IIA-CIA-Part3-3P Practice Free Latest IIA Practice Tests

IIA-CIA-Part3-3P Exam Questions | Real IIA-CIA-Part3-3P Practice Dumps


IIA-CIA-Part3-3P exam is a computer-based exam that consists of 100 multiple-choice questions. You will have 2.5 hours to complete the exam. IIA-CIA-Part3-3P exam is administered by Pearson VUE, a computer-based testing company. IIA-CIA-Part3-3P exam is available in English and several other languages. IIA-CIA-Part3-3P exam is a rigorous test of your knowledge and skills, and passing it requires a deep understanding of the concepts and principles covered in the exam.

 

NEW QUESTION # 288
An internal auditor reviewed Finance Department records to obtain a list of current vendor addresses The auditor then compared the vendor addresses to a record of employee addresses maintained by the Payroll Department Which of the following types of data analysis did the auditor perform?

  • A. Joining data sources
  • B. Duplicate testing.
  • C. Classification
  • D. Gap analysis

Answer: A


NEW QUESTION # 289
Which of the following statements is true regarding user-developed applications (UDAs) and traditional IT applications?

  • A. Unlike traditional IT applications, UDAs typically are developed with little consideration of controls.
  • B. A UDA usually includes system documentation to illustrate its functions, and IT-developed applications typically do not require such documentation.
  • C. UDAs and traditional IT applications typically follow a similar development life cycle.
  • D. IT testing personnel usually review both types of applications thoroughly to ensure they were developed properly.

Answer: D


NEW QUESTION # 290
An internal auditor for a pharmaceutical company is planning a cybersecurity audit and conducting a risk assessment.
Which of the following would be considered the most significant cyber threat to the organization?

  • A. Hackers breaching the organization's network to access research and development reports.
  • B. Cybercriminals hacking into the organization's time and expense system to collect employee personal data.
  • C. A denial-of-service attack that prevents access to the organization's website.
  • D. A hacker accessing the financial information of the company.

Answer: D


NEW QUESTION # 291
Which of the following controls would be the most effective in preventing the disclosure of an organization's confidential electronic information?

  • A. Limited access to information based on employee duties
  • B. Logs of user activity within the information system
  • C. Non-disclosure agreements between the firm and its employees
  • D. Two-factor authentication for access into the information system

Answer: C


NEW QUESTION # 292
Which of me following is applicable to both a job order cost system and a process cost system?

  • A. Three manufacturing cost elements are tracked direct materials direct labor and manufacturing overhead.
  • B. Total manufacturing costs are determined at the end of each period.
  • C. Costs are summarized in a production cost repot for each department
  • D. The unit cost can be calculated by dividing the total manufacturing costs for the period by the units produced during the period

Answer: A


NEW QUESTION # 293
An organization with global headquarters in the United States has subsidiaries in eight other nations. If the organization operates with an ethnocentric attitude, which of the following statements is true?

  • A. Standards used for evaluation and control are determined at local subsidiaries, not set by headquarters.
  • B. There is a significant amount of collaboration between headquarters and subsidiaries.
  • C. People of local nationality are developed for the best positions within their own country
  • D. Orders, commands and advice are sent to the subsidiaries from headquarters.

Answer: D


NEW QUESTION # 294
Which of the following is an example of a phishing attack?

  • A. An employee receives an email that appears to be from the organization's bank, though it is not. The employee replies to the email and sends the requested confidential information.
  • B. An organization's systems have been compromised by malicious software. The software locks the organization's operating system until d ransom is paid.
  • C. An organization's communication systems have been intercepted. A communication session is controlled by an unauthorized third party.
  • D. An organization's website has been hacked. The hacker added political content that is not consistent with the organization's views.

Answer: A


NEW QUESTION # 295
Which of the following is an example of internal auditors applying data mining techniques for exploratory purposes?

  • A. Internal auditors perform reconciliation procedures to support an external audit of financial reporting.
  • B. Internal auditors test IT general controls with regard to operating effectiveness versus design.
  • C. Internal auditors perform a risk assessment to identify potential audit subjects as input for the annual internal audit plan.
  • D. Internal auditors perform a systems-focused analysis to review relevant controls.

Answer: D


NEW QUESTION # 296
Which of the following is a security feature that involves the use of hardware and software to fitter or prevent specific information from moving between the outside network and the outside network?

  • A. Authorization
  • B. Architecture model
  • C. Firewall
  • D. Virtual private network

Answer: C


NEW QUESTION # 297
According to the International Professional Practices Framework, internal auditors who are assessing the adequacy of organizational risk management processes should not:

  • A. Recognize that organizations use different techniques for managing risk.
  • B. Determine and accept the level of risk for the organization.
  • C. Treat the evaluation of risk management processes differently from the risk analysis used to plan audit engagements.
  • D. Seek assurance that the key objectives of the risk management processes are being met.

Answer: B


NEW QUESTION # 298
Senior management is trying to decide whether to use the direct write-off or allowance method for recording bad debt on accounts receivables.
Which of the following would be the best argument for using the direct write-off method?

  • A. It is the preferred method according to The IIA.
  • B. It provides a better alignment with revenue.
  • C. It is useful when losses are considered insignificant.
  • D. It states receivables at net realizable value on the balance sheet.

Answer: B


NEW QUESTION # 299
Which of the following distinguishes the added-value negotiation method from traditional negotiating methods?

  • A. Each party adopts one initial position from which to start.
  • B. Each party's negotiator presents a menu of options to the other party.
  • C. Each negotiator starts with an offer, which is optimal from the negotiator's perspective.
  • D. Each negotiator minimizes the information provided to the other party.

Answer: B


NEW QUESTION # 300
When is an organic organizational structure likely to be more successful than a mechanistic organizational structure?

  • A. When a manufacturer has reliable resources and suppliers
  • B. When an organization is subjected to strong political and social pressures
  • C. When a manufacturing organization has stable demand for its products.
  • D. When an organization is infrequently affected by technological advances

Answer: D


NEW QUESTION # 301
Which of the following is an example of an application control?

  • A. User testing of system changes
  • B. System data backup process
  • C. Formatted data fields
  • D. Automated password change requirements

Answer: C


NEW QUESTION # 302
Which of the following is a typical example of structured data?

  • A. Sales reports documented in word processing software.
  • B. Production information maintained in relational tables.
  • C. Tweets and posts of users on social media.
  • D. Photos and videos stored in hard drive catalogs.

Answer: B


NEW QUESTION # 303
A remote location contains a data center with hardware available to support critical production systems as required in the recovery plan IT personnel periodically test and update systems at the data center. This is an example of which of the following recovery solutions?

  • A. Tested recovery plan
  • B. Critical recovery plan
  • C. Cold recovery plan
  • D. Warm recovery plan

Answer: D


NEW QUESTION # 304
Which of the following statements about mentoring is true?
1) Mentoring can be used effectively for increasing employee retention
2) Mentoring can be used effectively in reducing employees frustration.
3) Mentoring can be used effectively for increasing organization communication.
4) Mentoring can be used effectively as a short term activity consisting of instruction and training

  • A. 1. 2 and 4 only
  • B. 1,2. 3, and 4
  • C. 1 2. and 3 only.
  • D. 1, 3. and 4 only.

Answer: C


NEW QUESTION # 305
Which of the following statements is true regarding an organization's servers?

  • A. Servers manage the interconnectivity of system hardware devices in the information system.
  • B. Servers manage the data stored in databases residing on the information system.
  • C. Servers enforce access controls between networks transmitting data on the information system
  • D. Servers optimize data processing by sharing it with other computers on the information system

Answer: A


NEW QUESTION # 306
An organization has instituted a bring-your-own-device (BYOD) work environment Which of the following policies best addresses the increased risk to the organization's network incurred by this environment?

  • A. Ensure that relevant access to key applications is strictly controlled through an approval and review process
  • B. Institute detection and authentication controls for all devices used for network connectivity and data storage
  • C. Limit the use of the employee devices for personal use to mitigate the risk of exposure to organizational data.
  • D. Use management software to scan and then prompt patch reminders when devices connect to the network

Answer: B


NEW QUESTION # 307
An organization produces two products, X and Y.
The materials used for the production of both products are limited to 500 kilograms (kg) per month.
All other resources are unlimited and their costs are fixed. Individual product details are as follows:
Product X
Product Y
Selling price per unit
$10
$13
Materials per unit (at $1/kg)
2 kg
6 kg
Monthly demand
100 units
120 units
In order to maximize profit, how much of product Y should the organization produce each month?

  • A. 60 units.
  • B. 50 units.
  • C. 100 units.
  • D. 120 units.

Answer: B


NEW QUESTION # 308
A manager at a publishing company received an email that appeared to be from one of her vendors with an attachment that contained malware embedded in an Excel spreadsheet. When the spreadsheet was opened, the cybercriminal was able to attack the company's network and gain access to an unpublished and highly anticipated book.
Which of the following controls would be most effective to prevent such an attack?

  • A. Monitoring network traffic.
  • B. Educating employees throughout the company to recognize phishing attacks.
  • C. Restricting access and blocking unauthorized access to the network.
  • D. Using whitelists and blacklists to manage network traffic.

Answer: B


NEW QUESTION # 309
According to IIA guidance, which of the following statements is true with regard to workstation computers that access company information stored on the network?

  • A. Particular attention should be paid to housing workstations away from environmental hazards.
  • B. With security risks near an all-time high workstations should not be connected to the company network
  • C. individual workstation computer controls are not as important as companywide server controls.
  • D. Cybersecurity issues can be controlled at an enterprise level making workstation level controls redundant

Answer: A


NEW QUESTION # 310
An employee's mobile device used for work was stolen in a home burglary.
Which control, if already implemented by the organization, would best prevent unauthorized access to organizational data stored on the employee's device?

  • A. Access control via swipe pattern authentication.
  • B. Access control via passcode authentication.
  • C. Access control via security question authentication.
  • D. Access control via biometric authentication.

Answer: D


NEW QUESTION # 311
The cost to enter a foreign market would be highest in which of the following methods of global expansion?

  • A. Joint ventures.
  • B. Licensing.
  • C. Exporting.
  • D. Overseas production.

Answer: D


NEW QUESTION # 312
An internal auditor computed that one of the organization's accounting divisions is processing 30 travel reports per hour while another accounting division is processing 22 travel reports per hour.
Which of the following efficiency measures did the internal auditor most likely employ?

  • A. Asset efficiency rate.
  • B. Resource utilization rate.
  • C. Operating rate.
  • D. Productivity rate.

Answer: D


NEW QUESTION # 313
......


IIA-CIA-Part3-3P exam is a computer-based test and consists of 100 multiple-choice questions. Candidates have 2.5 hours to complete the exam, and the passing score is 600 out of 800. IIA-CIA-Part3-3P exam is available in several languages, including English, Spanish, French, Russian, and Chinese, among others.

 

Verified IIA-CIA-Part3-3P Exam Dumps Q&As - Provide IIA-CIA-Part3-3P with Correct Answers: https://www.topexamcollection.com/IIA-CIA-Part3-3P-vce-collection.html

Pass Your IIA-CIA-Part3-3P Dumps Free Latest IIA Practice Tests: https://drive.google.com/open?id=1o4lEJtdE_x4B_pbJpZcwuyS-TGpkLoBW