IIA IIA-CIA-Part3 Übungsprüfungen
Zuletzt aktualisiert am 24.04.2025- Prüfungscode: IIA-CIA-Part3
- Prüfungsname: CIA Exam Part Three: Business Knowledge for Internal Auditing
- Zertifizierungsanbieter: IIA
- Zuletzt aktualisiert am: 24.04.2025
Which of the following is a cybersecurity monitoring activity intended to deter disruptive codes from being installed on an organizations systems?
- A . Boundary defense
- B . Malware defense.
- C . Penetration tests
- D . Wireless access controls
Which of the following is an effective preventive control for data center security?
- A . Motion detectors.
- B . Key card access to the facility.
- C . Security cameras.
- D . Monitoring access to data center workstations
Which of the following statements distinguishes a router from a typical switch?
- A . A router operates at layer two. while a switch operates at layer three of the open systems interconnection model.
- B . A router transmits data through frames, while a switch sends data through packets.
- C . A router connects networks, while a switch connects devices within a network.
- D . A router uses a media access control address during the transmission of data, whie a switch uses an internet protocol address.
An organization is considering integration of governance, risk., and compliance (GRC) activities into a centralized technology-based resource.
In implementing this GRC resource, which of the following is a key enterprise governance concern that should be fulfilled by the final product?
- A . The board should be fully satisfied that there is an effective system of governance in place through accurate, quality information provided.
- B . Compliance, audit, and risk management can find and seek efficiencies between their functions through integrated information reporting.
- C . Key compliance and risk metrics can be tracked and compared throughout the enterprise, aiding in identifying problem departments.
- D . Data analytics can be utilized for trending of the data to ensure that patterns and ongoing monitoring occurs throughout the organization.
When evaluating the help desk services provided by a third-party service provider which of the following is likely to be the internal auditor’s greatest concern?
- A . Whether every call that the service provider received was logged by the help desk.
- B . Whether a unique identification number was assigned to each issue identified by the service provider
- C . Whether the service provider used its own facilities to provide help desk services
- D . Whether the provider’s responses and resolutions were well defined according to the service-level agreement.
What kind of strategy would be most effective for an organization to adopt in order to Implement a unique advertising campaign for selling identical product lines across all of its markets?
- A . Export strategy.
- B . Transnational strategy
- C . Multi-domestic strategy
- D . Globalization strategy
According to The IIA’s Three Lines Model, which of the following IT security activities is commonly shared by all three lines?
- A . Assessments of third parties and suppliers.
- B . Recruitment and retention of certified IT talent.
- C . Classification of data and design of access privileges.
- D . Creation and maintenance of secure network and device configuration.
According to 11A guidance on IT, which of the following spreadsheets is most likely to be considered a high-risk user-developed application?
- A . A revenue calculation spreadsheet supported with price and volume reports from the production department.
- B . An asset retirement calculation spreadsheet comprised of multiple formulas and assumptions.
- C . An ad-hoc inventory listing spreadsheet comprising details of written-off inventory quantities.
- D . An accounts receivable reconciliation spreadsheet used by the accounting manager to verify balances
A large retail customer made an offer to buy 10.000 units at a special price of $7 per unit. The manufacturer usually sells each unit for §10, Variable Manufacturing costs are 55 per unit and fixed manufacturing costs are $3 per unit.
For the manufacturer to accept the offer, which of the following assumptions needs to be true?
- A . Fixed and Variable manufacturing costs are less than the special offer selling price.
- B . The manufacturer can fulfill the order without expanding the capacities of the production facilities.
- C . Costs related to accepting this offer can be absorbed through the sale of other products.
- D . The manufacturer’s production facilities are currently operating at full capacity.
Which of the following situations best applies to an organisation that uses a project, rather than a process, to accomplish its business activities?
- A . Clothing company designs, makes, and sells a new item.
- B . A commercial construction company is hired to build a warehouse.
- C . A city department sets up a new firefighter training program.
- D . A manufacturing organization acquires component parts from a contracted vendor