Free IIA IIA-CIA-Part3 Practice Questions 2026 - Page 10

What is the primary purpose of data and systems backup?

A. To restore all data and systems immediately after the occurrence of an incident.

B. To set the maximum allowable downtime to restore systems and data after the occurrence of an incident.

C. To set the point in time to which systems and data must be recovered after the occurrence of an incident.

D. To restore data and systems to a previous point in time after the occurrence of an incident

In accounting, which of the following statements is true regarding the terms debit and credit?

A. Debit indicates the right side of an account and credit the left side

B. Debit means an increase in an account and credit means a decrease.

C. Credit indicates the right side of an account and debit the left side.

D. Credit means an increase in an account and debit means a decrease

Which of the following describes a third-party network that connects an organization specifically with its trading partners?

A. Value-added network (VAN).

B. Local area network (LAN).

C. Metropolitan area network (MAN).

D. Wide area network (WAN).

Which of the following physical access control is most likely to be based on ’’something you have" concept?

A. A retina characteristics reader

B. A P3M code reader

C. A card-key scanner

D. A fingerprint scanner

What is the primary purpose of an Integrity control?

A. To ensure data processing is complete, accurate, and authorized.

B. To ensure data being processed remains consistent and intact.

C. To ensure data being processed remains consistent and intact.

D. To ensure the output aligns with the intended result.

Which of the following situations best illustrates a "false positive" in the performance of a spam filter?

A. The spam filter removed Incoming communication that included certain keywords and domains.

B. The spam filter deleted commercial ads automatically, as they were recognized as unwanted.

C. The spam filter routed to the "junk|r folder a newsletter that appeared to include links to fake websites.

D. The spam filter blocked a fitness club gift card that coworkers sent to an employee for her birthday.

Which of the following risks would Involve individuals attacking an oil company's IT system as a sign of solidarity against drilling in a local area?

A. Tampering

B. Hacking

C. Phishing

D. Piracy

How do data analysis technologies affect internal audit testing?

A. They improve the effectiveness of spot check testing techniques.

B. They allow greater insight into high risk areas.

C. They reduce the overall scope of the audit engagement,

D. They increase the internal auditor's objectivity.

Which of the following is a likely result of outsourcing?

A. Increased dependence on suppliers.

B. Increased importance of market strategy.

C. Decreased sensitivity to government regulation

D. Decreased focus on costs

During disaster recovery planning, the organization established a recovery point objective. Which of the following best describes this concept?

A. The maximum tolerable downtime after the occurrence of an incident.

B. The maximum tolerable data loss after the occurrence of an incident.

C. The maximum tolerable risk related to the occurrence of an incident

D. The minimum recovery resources needed after the occurrence of an incident