Interested to Buy Any Domain ? << Click Here >> for more details...
The potential for unauthorized system access by way of
terminals or workstations within an organization's facility
is increased when:
A. connecting points are available in the facility to
connect laptops to the network.
B. users take precautions to keep their passwords confidential.
C. terminals with password protection are located in
unsecured locations.
D. terminals are located within the facility in small
clusters under the supervision of an administrator.
- 1 Answers
- 5297 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Any person with wrongful intentions can connect a laptop to
the network. The unsecured connecting points make
unauthorized access possible if the individual has knowledge
of a valid user id and password. The other choices are
controls for preventing unauthorized network access. If
system passwords are not readily available for intruders to
use, they must guess, which introduces an additional factor
and requires time. System passwords provide protection
against unauthorized use of terminals located in unsecured
locations. Supervision is a very effective control when used
to monitor access to a small operating unit or production
resources.
| Is This Answer Correct ? | 9 Yes | 0 No |
While copying files from a floppy disk a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus? A: A. scan of all floppy disks before use B. virus monitor on the network file server C. scheduled daily scan of all network drives D. virus monitor on the user's personal computer
When implementing and application software package, which of the following presents the GREATEST risk? A. Uncontrolled multiple software versions B. Source programs that are not synchronized with object code C. Incorrectly set parameters D. Programming errors
Information requirement definitions, feasibility studies and user requirements are significant considerations when: A. defining and managing service levels. B. identifying IT solutions. C. managing changes. D. assessing internal IT control.
Which of the following is an objective of a control self-assessment (CSA) program? A. Audit responsibility enhancement B. Problem identification C. Solution brainstorming D. Substitution for an audit
An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long. Which of the following could be caused by the length of the cable? A. Electromagnetic interference (EMI) B. Cross talk C. Dispersion D.Attenuation
When planning an audit of a network set up, the IS auditor should give highest priority to obtaining which of the following network documentation? A. Wiring and schematic diagram B. Users list and responsibilities C. Applications list and their details D. Backup and recovery procedures
Which of the following BEST describes the early stages of an IS audit? A. Observing key organizational facilities. B. Assessing the IS environment. C. Understanding business process and environment applicable to the review. D. Reviewing prior IS audit reports.
A disaster recovery plan (DRP) for an organization should: A. reduce the length of the recovery time and the cost of recovery. B. increase the length of the recovery time and the cost of recovery. C. reduce the duration of the recovery time and increase the cost of recovery. D. not affect the recovery time nor the cost of recovery.
The MAJOR concern for an IS auditor when reviewing an organization's business process reengineering (BRP) efforts is: A. cost overrun of the project. B. employees resistance to change. C. key controls may be removed from a business process. D. lack of documentation of new processes.
The PRIMARY purpose of undertaking a parallel run of a new system is to: A. verify that the system provides required business functionality. B. validate the operation of the new system against its predecessor. C. resolve any errors in the program and file interfaces. D. verify that the system can process the production load.
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The IS auditor's report should recommend that: A. the deputy CEO be censured for his failure to approve the plan. B. a board of senior managers be set up to review the existing plan. C. the existing plan be approved and circulated to all key management and staff. D. a manager coordinate the creation of a new or revised plan within a defined time limit.
Which of the following are data file controls? A. Internal and external labeling B. Limit check and logical relationship checks C. Total items and hash totals D. Report distribution procedures
Cisco Certifications 
