Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

Which of the following would an IS auditor consider a
weakness when performing an audit of an organization that
uses a public key infrastructure with digital certificates
for its business-to-consumer transactions via the Internet?

A. Customers are widely dispersed geographically, but not
the certificate authorities.

B. Customers can make their transactions from any computer
or mobile device.

C. The certificate authority has several data processing
subcenters to administrate certificates.

D. The organization is the owner of the certificate authority.

Question Posted / guest


Which of the following would an IS auditor consider a weakness when performing an audit of an organ..

Answer / guest

Answer: D

If the certificate authority belongs to the same
organization, this would generate a conflict of interest. If
a customer wanted to repudiate a transaction, he/she could
allege that there exists an unlawful agreement between the
parties generating the certificates, because of the shared
interests. If a customer wanted to repudiate a transaction,
he/she could believe that there exists a bribery between the
parties to generate the certificates, as there exist shared
interests. The other options are not weaknesses.

Is This Answer Correct ?    5 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.

1 Answers  

Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.

1 Answers  

A network diagnostic tool that monitors and records network information is a/an: A. online monitor. B. downtime report. C. help desk report. D. protocol analyzer.

1 Answers  

The implementation of cost-effective controls in an automated system is ultimately the responsibility of the: A. system administrator. B. quality assurance function. C. business unit management. D. chief of internal audit.

1 Answers  

Which of the following would be included in an IS strategic plan?

7 Answers   Deloitte,

Utilizing audit software to compare the object code of two programs is an audit technique used to test program: A. logic. B. changes. C. efficiency. D. computations.

2 Answers  

An organization acquiring other businesses continues using its legacy EDI systems, and uses three separate value added network (VAN) providers. No written VAN agreements exist. The IS auditor should recommend that management: A. obtain independent assurance of the third party service providers. B. set up a process for monitoring the service delivery of the third party. C. ensure that formal contracts are in place. D. consider agreements with third party service providers in the development of continuity plans.

1 Answers  

Which of the following manages the digital certificate life cycle to ensure adequate security and controls exist in digital signature applications related to e-commerce? A. Registration authority B. Certification authority C. Certification relocation list D. Certification practice statement

1 Answers  

Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.

1 Answers  

An organization is experiencing a growing backlog of undeveloped applications. As part of a plan to eliminate this backlog, end-user computing with prototyping, supported by the acquisition of an interactive application generator system is being introduced. Which of the following areas is MOST critical to the ultimate success of this venture? A. Data control B. Systems analysis C. Systems programming D. Application programming

1 Answers  

Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.

1 Answers  

Compensating controls are intended to: A. reduce the risk of an existing or potential control weakness. B. predict potential problems before they occur. C. remedy problems discovered by detective controls. D. report errors or omissions.

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)