The key difference between a microwave radio system and a satellite radiolink system is that: A. microwave uses line-of-sight and satellite uses transponders during transmission. B. microwave operates through transponders placed on the earth's orbit. C. satellite uses line-of-sight during transmission. D. microwave uses fiber optic cables.

Which of the following provisions in a contract for external information systems services would an IS auditor consider to be LEAST significant? A. Ownership of program and files B. Statement of due care and confidentiality C. Continued service of outsourcer in the event of a disaster D. Detailed description of computer hardware used by the vendor

Of the following, the MAIN purpose for periodically testing offsite backup facilities is to: A. ensure the integrity of the data in the database. B. eliminate the need to develop detailed contingency plans. C. ensure the continued compatibility of the contingency facilities. D. ensure that program and system documentation remains current.

An IS auditor performing an application maintenance audit would review the log of program changes for the: A. authorization for program changes. B. creation date of a current object module. C. number of program changes actually made. D. creation date of a current source program.

A digital signature contains a message digest to: A. show if the message has been altered after transmission. B. define the encryption algorithm. C. confirm the identity of the originator. D. enable message transmission in a digital format.

Facilitating telecommunications continuity by providing redundant combinations of local carrier T-1 lines, microwaves and/or coaxial cables to access the local communication loop is: A. last mile circuit protection. B. long haul network diversity. C. diverse routing. D. alternative routing.

Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.

To prevent unauthorized entry to the data maintained in a dial-up fast response system, an IS auditor should recommend: A. online terminals be placed in restricted areas. B. online terminals be equipped with key locks. C. ID cards be required to gain access to online terminals. D. online access be terminated after three unsuccessful attempts.

Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems? A. Proxy server B. Firewall installation C. Network administrator D. Password implementation and administration

In planning a software development project, which of the following is the MOST difficult to determine? A. Project slack times B. The project's critical path C. Time and resource requirements for individual tasks D. Relationships that preclude the start of an activity before others are complete

Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures? A. Review software migration records and verify approvals. B. Identify changes that have occurred and verify approvals. C. Review change control documentation and verify approvals. D. Ensure that only appropriate staff can migrate changes into production.

When reviewing a system development project an IS auditor would be PRIMARILY concerned with whether: A. business objectives are achieved. B. security and control procedures are adequate. C. the system utilizes the strategic technical infrastructure. D. development will comply with the approved quality management processes

Which of the following audit procedures would MOST likely be used in an audit of a systems development project? A. Develop test transactions B. Use code comparison utilities C. Develop audit software programs D. Review functional requirements documentation

Which of the following is the MOST secure and economical method for connecting a private network over the Internet in a small- to medium-sized organization? A. Virtual private network B. Dedicated line C. Leased line D. Integrated services digital network

Which of the ISO/OSI model layers provides for routing packets between nodes? A. Data link B. Network C. Transport D. Session

Network,