2026年国际注册信息系统审计师(CISA)资格考试(英文版)精选模拟试题及答案五(1月5日)
2026/1/5
来源:易考吧
导语
2026年国际注册信息系统审计师(CISA)资格考试(英文版)精选模拟试题及答案五,更多模拟试题,请访问易考吧国际内审师考试网
2026年国际注册信息系统审计师(CISA)资格考试(英文版)精选模拟试题及答案五
1). An IS auditor discovers that a developer has used the same key to grant access to multiple applications making calls to an application programming interface (API).Which of the following is the BEST recommendation to address this situation? ( )
A.Implement a process to expire the API key after a previously a greed-upon period of time
B.Replace the API key with time- limited tokens that grant least privilege access
C.Coordinate an API key rotation exercise with all impacted application owners
D.Authorize the API key to allow read-only access by all applications
正确答案:B
2). Which of the following techniques cannot be used in all phases of a system development life cycle?( )
A.Prototyping
B.Reviews
C.Simulation
D.Walkthroughs
正确答案:A
1). An IS auditor discovers that a developer has used the same key to grant access to multiple applications making calls to an application programming interface (API).Which of the following is the BEST recommendation to address this situation? ( )
A.Implement a process to expire the API key after a previously a greed-upon period of time
B.Replace the API key with time- limited tokens that grant least privilege access
C.Coordinate an API key rotation exercise with all impacted application owners
D.Authorize the API key to allow read-only access by all applications
正确答案:B
2). Which of the following techniques cannot be used in all phases of a system development life cycle?( )
A.Prototyping
B.Reviews
C.Simulation
D.Walkthroughs
正确答案:A
