Which of the following is a benefit of using callback devices?
A. Provide an audit trail
B. Can be used in a switchboard environment
C. Permit unlimited user mobility
D. Allow call forwarding
- 2 Answers
- 17878 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
A callback feature hooks into the access control software
and logs all authorized and unauthorized access attempts,
permitting the follow-up and further review of potential
breaches. Call forwarding (choice D) is a means of
potentially bypassing callback control. By dialing through
an authorized phone number from an unauthorized phone
number, a perpetrator can gain computer access. This
vulnerability can be controlled through callback systems
that are available.
| Is This Answer Correct ? | 24 Yes | 0 No |
Answer / raj shekhar singh
B. Can be used in a switchboard environment
| Is This Answer Correct ? | 0 Yes | 4 No |
Receiving an EDI transaction and passing it through the communications interface stage usually requires: A. translating and unbundling transactions. B. routing verification procedures. C. passing data to the appropriate application system. D. creating a point of receipt audit log.
Many organizations require an employee to take a mandatory vacation (holiday) of a week or more to: A. ensure the employee maintains a quality of life, which will lead to greater productivity. B. reduce the opportunity for an employee to commit an improper or illegal act. C. provide proper cross training for another employee. D. eliminate the potential disruption caused when an employee takes vacation one day at a time.
A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it: A. can identify high-risk areas that might need a detailed review later. B. allows IS auditors to independently assess risk. C. can be used as a replacement for traditional audits. D. allows management to relinquish responsibility for control.
At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should: A. report the error as a finding and leave further exploration to the auditee's discretion. B. attempt to resolve the error. C. recommend that problem resolution be escalated. D. ignore the error, as it is not possible to get objective evidence for the software error.
Which of the following is the MOST critical for the successful implementation and maintenance of a security policy? A. Assimilation of the framework and intent of a written security policy by all appropriate parties B. Management support and approval for the implementation and maintenance of a security policy C. Enforcement of security rules by providing punitive actions for any violation of security rules D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software
Which of the following sampling methods is MOST useful when testing for compliance? A. Attribute sampling B. Variable sampling C. Stratified mean per unit D. Difference estimation
Testing the connection of two or more system components that pass information from one area to another is: A. pilot testing. B. parallel testing C. interface testing. D. regression testing.
There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is: A. alternative routing. B. diverse routing. C. long-haul network diversity. D. last mile circuit protection.
Which of the following is the FIRST step in a business process reengineering (BPR) project? A. Defining the areas to be reviewed B. Developing a project plan C. Understanding the process under review D. Reengineering and streamlining the process under review
Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure (PKI) with digital certificates for its business-to-consumer transactions via the Internet? A. Customers are widely dispersed geographically, but the certificate authorities (CAs) are not. B. Customers can make their transactions from any computer or mobile device. C. The CA has several data processing subcenters to administer certificates. D. The organization is the owner of the CA.
A company performs full backup of data and programs on a regular basis. The primary purpose of this practice is to: A. maintain data integrity in the applications. B. restore application processing after a disruption. C. prevent unauthorized changes to programs and data. D. ensure recovery of data processing in case of a disaster.
A vendor/contractor?s performance against service level agreements must be evaluated by the: A. customer. B. contractor. C. third-party. D. contractor?s management.
Cisco Certifications 
