The implementation of cost-effective controls in an automated system is ultimately the responsibility of the: A. system administrator. B. quality assurance function. C. business unit management. D. chief of internal audit.

Which of the following alternative business recovery strategies would be LEAST appropriate for an organization with a large database and online communications network environment? A. Hot site B. Cold site C. Reciprocal agreement D. Dual information processing facilities

When a new system is to be implemented within a short time frame, it is MOST important to: A. finish writing user manuals. B. perform user acceptance testing. C. add last-minute enhancements to functionalities. D. ensure that code has been documented and reviewed.

The corporate office of a company having branches worldwide, developed a control self-assessment program (CSA) for all its offices. Which of the following is the MOST important requirement for a successful CSA? A. Skills of the workshop facilitator B. Simplicity of the questionnaire C. Support from the audit department D. Involvement of line managers

To make an electronic funds transfer (EFT), one employee enters the amount field and another employee reenters the same data again, before the money is transferred. The control adopted by the organization in this case is: A. sequence check. B. key verification. C. check digit. D. completeness check.

Which of the following data entry controls provides the GREATEST assurance that the data is entered correctly? A. Using key verification B. Segregating the data entry function from data entry verification C. Maintaining a log/record detailing the time, date, employee's initials/user id and progress of various data preparation and verification tasks D. Adding check digits

The most common reason for the failure of information systems to meet the needs of users is that: A. user needs are constantly changing. B. the growth of user requirements was forecast inaccurately. C. the hardware system limits the number of concurrent users. D. user participation in defining the system's requirements was inadequate.

LANs: A. protect against virus infection. B. protect against improper disclosure of data. C. provide program integrity from unauthorized changes. D. provide central storage for a group of users.

A PING command is used to measure: A. attenuation. B. throughput. C. delay distortion. D. latency.

Which of the following exposures could be caused by a line-grabbing technique? A. Unauthorized data access B. Excessive CPU cycle usage C. Lockout of terminal polling D. Multiplexor control dysfunction

Samsung,

A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.

The BEST overall quantitative measure of the performance of biometric control devices is: A. false rejection rate. B. false acceptance rate. C. equal error rate. D. estimated error rate.

Which of the following would be the LEAST important aspect of a business continuity plan? A. Redundant facilities B. Relocation procedures C. Adequate insurance coverage D. Current and available business continuity manual

Which of the following tasks is normally performed by a clerk in the control group? A. Maintenance of an error log B. Authorization of transactions C. Control of noninformation systems assets D. Origination of changes to master files

Which of the following is the MOST important objective of data protection? A. Identifying persons who need access to information B. Ensuring the integrity of information C. Denying or authorizing access to the IS system D. Monitoring logical accesses