試験準備には欠かさない!IIA-CIA-Part3-3P問題解答でIIA-CIA-Part3-3P試験問題集
リアルIIA IIA-CIA-Part3-3P試験問題 [更新されたのは2023年]
質問 # 292
According to IIA guidance, which of the following statements is true regarding analytical procedures?
- A. Analytical procedures are intended primarily to ensure the accuracy of the information being examined.
- B. Analytical procedures can be used to identify unexpected differences but cannot be used to identify the absence of differences
- C. Data relationships cannot include comparisons between operational and statistical data
- D. Data relationships are assumed to exist and to continue where no known conflicting conditions exist.
正解:D
質問 # 293
The economic order quantity can be calculated using the following formula:
Which of the following describes how the optimal order size will change if the annual demand increases by 36 percent?
- A. Increase by about 7 percent.
- B. Decrease by about 17 percent.
- C. Decrease by about 7 percent.
- D. Increase by about 17 percent.
正解:D
質問 # 294
Which of the following statements is true regarding change management?
- A. To protect the production environment, changes must be managed in a repeatable, defined, and predictable manner.
- B. Program changes generally are developed and tested in the production environment.
- C. The degree of risk associated with a proposed change determines whether the change request requires authorization.
- D. Changes are only required by software programs.
正解:A
解説:
Reference:
%20Success_2nd%20ed.pdf
質問 # 295
When developing an effective risk-based plan to determine audit priorities, an internal audit activity should start by:
- A. Prioritizing known risks.
- B. Identifying risks to the organization's operations.
- C. Observing and analyzing controls.
- D. Reviewing organizational objectives.
正解:D
質問 # 296
Which of the following statements is true regarding user-developed applications (UDAs)?
- A. UDAs typically are subjected to application development and change management controls.
- B. Updating UDAs may lead to various errors resulting from changes or corrections.
- C. UDAs are less flexible and more difficult to configure than traditional IT applications.
- D. Using UDAs typically enhances the organization's ability to comply with regulatory factors.
正解:B
質問 # 297
According to the waterfall cycle approach to systems development, which of the following sequence of events is correct?
- A. System requirements, software design, analysis, program design, coding, testing, operations.
- B. System requirements, analysis, coding, software design, program design, testing, operations.
- C. Program design, system requirements, software design, analysis, coding, testing, operations.
- D. System requirements, software design, analysis, program design, testing, coding, operations.
正解:A
質問 # 298
Which of me following statements is most accurate concerning me management and audit of a web server?
- A. Secure protocols for confidential pages should be used instead of clear-text protocol such as HTTP or FTP
- B. The file transfer protocol (FTP) should always be enabled
- C. The number of ports and protocols allowed to access the web server should be maximized
- D. The simple mail transfer protocol (SMTP) should be operating under me most privileged accounts
正解:A
質問 # 299
Division A produces a product with a variable cost of $5 per unit and an allocated fixed cost of $3 per unit The market price of the product is $15 plus 20% selling cost. Division B currently purchases this product from an external supplier but is going to purchase it from division A for $18 Which of the following methods of transfer pricing is being used?
- A. Full absorption cost
- B. Market price.
- C. Negotiation-based.
- D. Variable cost
正解:B
質問 # 300
Which of the following is an example of a phishing attack?
- A. An employee receives an email that appears to be from the organization's bank, though it is not. The employee replies to the email and sends the requested confidential information.
- B. An organization's systems have been compromised by malicious software. The software locks the organization's operating system until d ransom is paid.
- C. An organization's website has been hacked. The hacker added political content that is not consistent with the organization's views.
- D. An organization's communication systems have been intercepted. A communication session is controlled by an unauthorized third party.
正解:A
質問 # 301
Which of me following storage options would give the organization the best chance of recovering data?
- A. Encrypted copies of the data are stored in a separate secure location a few hours away while the encryption keys are stored at the organization and are readily available
- B. Encrypted physical copies of the data and their encryption keys are stored together at the organization and are readily available upon request
- C. Encrypted reports on usage and database structure changes are stored on a cloud-based. secured database that is readily accessible
- D. Encrypted physical copies of the data are stored separately from their encryption keys and both are held in secure locations a few hours away from me organization
正解:A
質問 # 302
According to the Standards, the internal audit activity must evaluate risk exposures relating to which of the following when examining an organization's risk management process?
1) Organizational governance.
2) Organizational operations.
3) Organizational information systems.
4) Organizational structure.
- A. 1, 2, and 4 only
- B. 2 and 4 only
- C. 1 and 3 only
- D. 1, 2, and 3 only
正解:D
質問 # 303
Which of the following is a strategy that organizations can use to stimulate innovation?
1) Source from the most advanced suppliers.
2) Establish employee programs that reward initiative.
3) Identify best practice competitors as motivators.
4) Ensure that performance targets are always achieved.
- A. 1, 2, 3, and 4
- B. 2 and 4 only
- C. 1 and 3 only
- D. 1, 2, and 3 only
正解:D
質問 # 304
Which of the following statements is true concerning the basic accounting treatment of a partnership?
- A. The ownership ratio identifies the basis for dividing net income and net loss.
- B. The basis for sharing net incomes or net losses must be fixed.
- C. A partner's capital only changes due to net income or net loss.
- D. The initial investment of each partner should be recorded at book value.
正解:A
質問 # 305
According to IIA guidance, which of the following is a primary component of a network security strategy?
- A. Application input controls
- B. Transmission encryption controls
- C. Change management controls
- D. Firewall controls.
正解:D
質問 # 306
Which of the following is the best reason for considering the acquisition of a nondomestic organization?
- A. Opportunity to influence local government policy.
- B. Increased diversity of corporate culture.
- C. Relatively fast market entry.
- D. Improved cash flow of the acquiring organization.
正解:C
質問 # 307
Which of the following options correctly defines a transmission control protocol/Internet protocol (TCP/IP)?
- A. A standardized set of guidelines that facilitates communication between computers on different networks.
- B. System software that acts as an interface between a user and a computer.
- C. A network of servers used to control a variety of mission-critical operations.
- D. System software that translates hypertext markup language to allow users to view a remote webpage.
正解:A
質問 # 308
The head of the research and development department at a manufacturing organization believes that his team lacks expertise in some areas, and he decides to hire more experienced researchers to assist in the development of a new product. Which of the following variances are likely to occur as the result of this decision?
1) Favorable labor efficiency variance.
2) Adverse labor rate variance.
3) Adverse labor efficiency variance.
4) Favorable labor rate variance.
- A. 2 and 3.
- B. 1 and 2.
- C. 3 and 4.
- D. 1 and 4.
正解:B
質問 # 309
According to Porter's model of competitive strategy, which of the following is a generic strategy?
1 Differentiation.
2) Competitive advantage.
3) Focused differentiation.
4) Cost focus.
- A. 1, 3, and 4 only
- B. 1, 2, 3, and 4
- C. 2 only
- D. 3 and 4 only
正解:A
質問 # 310
Which of the following professional organizations sets standards for quality and environmental audits?
- A. The International Standards Organization.
- B. The International Organization of Supreme Audit Institutions.
- C. The Board of Environmental, Health, and Safety Auditor Certifications.
- D. The Committee of Sponsoring Organizations of the Treadway Commission.
正解:A
質問 # 311
An employee's mobile device used for work was stolen in a home burglary.
Which control, if already implemented by the organization, would best prevent unauthorized access to organizational data stored on the employee's device?
- A. Access control via passcode authentication.
- B. Access control via biometric authentication.
- C. Access control via swipe pattern authentication.
- D. Access control via security question authentication.
正解:B
質問 # 312
Which of the following purchasing scenarios would gain the greatest benefit from implementing electronic data interchange?
- A. A time-sensitive just-in-time purchase environment.
- B. A variable volume sensitive to material cost.
- C. A large volume of custom purchases.
- D. A currently inefficient purchasing process.
正解:A
質問 # 313
Which of the following is an element of effective negotiating?
- A. Focusing on interests rather than on obtaining a winning position.
- B. Basing the agreement on negotiating power and positioning leverage.
- C. Considering a few select choices during the settlement phase.
- D. Ensuring that the other party has a personal stake in the agreement.
正解:A
質問 # 314
Which of the following is an example of a physical control designed to prevent security breaches?
- A. Preventing database administrators from initiating program changes.
- B. Restricting system programmers' access to database facilities.
- C. Using encryption for data transmitted over the public internet.
- D. Blocking technicians from getting into the network room.
正解:B
質問 # 315
......
IIA-CIA-Part3-3P合格させる試験問題集には更新されたのは2023年:https://www.jpntest.com/shiken/IIA-CIA-Part3-3P-mondaishu