IS auditors, in performing detailed network assessments and
access control reviews should FIRST:
A. determine the points of entry.
B. evaluate users access authorization.
C. assess users identification and authorization.
D. evaluate the domain-controlling server configuration.
Which of the following is MOST directly affected by network
performance monitoring tools?
A. Integrity
B. Availability
C. Completeness
D. Confidentiality
Which of the following is the MOST important function to be
performed by IS management when a service has been outsource?
A. Ensuring that invoices are paid to the provider
B. Participating in systems design with the provider
C. Renegotiating the provider's fees
D. Monitoring the outsourcing provider's performance
A database administrator is responsible for:
A. maintaining the access security of data residing on the
computers.
B. implementing database definition controls.
C. granting access rights to users.
D. defining system's data structure.
Which of the following controls would BEST detect intrusion?
A. User ids and user privileges are granted through
authorized procedures.
B. Automatic logoff is used when a workstation is inactive
for a particular period of time.
C. Automatic logoff of the system after a specified number
of unsuccessful attempts.
D. Unsuccessful logon attempts are monitored by the security
administrator.
An IS auditor is assigned to help design the data security
aspects of an application under development. Which of the
following provides the MOST reasonable assurance that
corporate assets are protected when the application is
certified for production?
A. A review conducted by the internal auditor
B. A review conducted by the assigned IS auditor
C. Specifications by the user on the depth and content of
the review
D. An independent review conducted by another equally
experienced IS auditor
Which of the following would an IS auditor consider a
weakness when performing an audit of an organization that
uses a public key infrastructure with digital certificates
for its business-to-consumer transactions via the Internet?
A. Customers are widely dispersed geographically, but not
the certificate authorities.
B. Customers can make their transactions from any computer
or mobile device.
C. The certificate authority has several data processing
subcenters to administrate certificates.
D. The organization is the owner of the certificate authority.
Which of the following represents the GREATEST risk created
by a reciprocal agreement for disaster recovery made between
two companies?
A. Developments may result in hardware and software
incompatibility.
B. Resources may not be available when needed.
C. The recovery plan cannot be tested.
D. The security infrastructures in each company may be
different.
If a database is restored using before-image dumps, where
should the process be restarted following an interruption?
A. Before the last transaction
B. After the last transaction
C. The first transaction after the latest checkpoint
D. The last transaction before the latest checkpoint
Birth date and marriage date items were switched while
entering data. Which of the following data validation checks
could detect this?
A. Logical relationship
B. Sequence
C. Reasonableness
D. Validity
When developing a risk management program, the FIRST
activity to be performed is a/an:
A. threats assessment.
B. classification of data.
C. inventory of assets.
D. criticality analysis.
Which of the following is the initial step in creating a
firewall policy?
A. A cost-benefits analysis of methods for securing the
applications
B. Identification of network applications to be externally
accessed
C. Identification of vulnerabilities associated with network
applications to be externally accessed
D. Creation of an applications traffic matrix showing
protection methods
Which of the following is a role of an IS steering committee?
A. Initiate computer applications.
B. Ensure efficient use of data processing resources.
C. Prepare and monitor system implementation plans.
D. Review the performance of the systems department.
An advantage of the use of hot sites as a backup alternative
is that:
A. the costs associated with hot sites are low.
B. hot sites can be used for an extended amount of time.
C. hot sites can be made ready for operation within a short
period of time.
D. they do not require that equipment and systems software
be compatible with the primary site.
i would like to learn free fluent english by online is
this possible? could you gime some usefull websites to my
mail id nagesh.iloveu64@yahoo.com
27
Anyone tried these SAP CERTIFICATION AND INTERVIEW QUESTIONS?
http://sapqanda.blogspot.com
36
hi! can anyone tel me is it worth doing IBM CEIS
certification course?? will it help me for a bright
career?? I'm looking forward to join tat but want some
advice?? so guys pls reply back ..
30
i want jetking model papers
plz send me or tell where to get them.
bharat.rathii@gmail.com
47
How to get ADS backup in windows 2003 server
25
Hi i m a pst graduate in commerce and having wotking exp
more than 3 yrs in bpo sector (web based) my company moved
my self to software testing, i m not sure whether i should
continue there or not also i knoe this is better career opp
for me in software testing, can u people pls guide me for a
gud sotware testing institute which can provide gud
training, located in delhi (pref west delhi or in south
delhi)
42
hi i done IBM AS/400 course .....i want to certification any
one can information about that and material of soft copy for
that....please its urgent
Hi, I am going to appear for ITIL V3 exam..........Can
anyone share the dumps for this exam with me.......Its very
urgrnt...Please help
31
Hi there,
I am planning to take up CSTE exams next quarter. Could
some one guide me on how long do I need to prepare before I
take up the exams. Also do fwd me the study material that
would assist me prepare for the exams. It is also fine if
you could let me know where do i get the best study
material for the exams.
My emial is novfeb.jwm@gmail.com
Thanks much!
5
Is any Certification courses available for COBOL?
7
What is the diffrent between.
1Normal backup
2Dally backup
3Copy backup
4Differential backup
5Incremental Backup
22
do RECRUITERS HAVE ANY CERTIFICATIONS, IF SO WHAT ARE THERE?
Murali Raju
I would also be intrested in persuing qtp certification
could you send me the tutorial . My email is
nikhilaram@gmailcom. Can you also let me know where i can
get the certification details like fees and the center
information.
Thanks
Nikhila.
I am currently into Telecom Testing doing some Protocol-
level testing(SIP,SS7,CAP protocols) and some Black-Box
testing.Is there any certifications which I can do related
to this?
Did you received any Funny E-Mails from your Friends and like to share with rest of our friends? Yeah!! you can post that stuff 
Site Map