Interested to Buy Any Domain ? << Click Here >> for more details...
The IS department of an organization wants to ensure that
the computer files, used in the information processing
facility, are backed up adequately to allow for proper
recovery. This is a/an:
A. control procedure.
B. control objective.
C. corrective control.
D. operational control.
- 2 Answers
- 10155 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
IS control objectives specify the minimum set of controls to
ensure efficiency and effectiveness in the operations and
functions within an organization. Control procedures are
developed to provide reasonable assurance that specific
objectives will be achieved. A corrective control is a
category of controls, which aims to minimizing the threat
and/or remedy problems that were not prevented or were not
initially detected. Operational controls address the
day-to-day operational functions and activities, and aid in
ensuring that the operations are meeting the desired
business objectives.
| Is This Answer Correct ? | 10 Yes | 0 No |
Detection risk refers to: A. concluding that material errors do not exist, when in fact they do. B. controls that fail to detect an error. C. controls that detect high-risk errors. D. detecting an error but failing to report it.
A control that detects transmission errors by appending calculated bits onto the end of each segment of data is known as a: A. reasonableness check. B. parity check. C. redundancy check. D. check digits.
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.
Which of the following would not prevent the loss of an asset but would assist in recovery by transferring part of the risk to a third party? A. Full system backups B. Insurance C. Testing D. Business impact analysis
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
Which of the following provides nonrepudiation services for e-commerce transactions? A. Public key infrastructure (PKI) B. Data encryption standard (DES) C. Message authentication code (MAC) D. Personal identification number (PIN)
Which of the following BEST describes the objectives of following a standard system development methodology? A. To ensure that appropriate staffing is assigned and to provide a method of controlling costs and schedules B. To provide a method of controlling costs and schedules and to ensure communication among users, IS auditors, management and IS personnel C. To provide a method of controlling costs and schedules and an effective means of auditing project development D. To ensure communication among users, IS auditors, management and personnel and to ensure that appropriate staffing is assigned
E-cash is a form of electronic money that: A. can be used over any computer network. B. utilizes reusable e-cash coins to make payments. C. does not require the use of an Internet digital bank. D. contains unique serial numbering to track the identity of the buyer.
When auditing the proposed acquisition of a new computer system, the IS auditor should FIRST establish that: A. a clear business case has been approved by management. B. corporate security standards will be met. C. users will be involved in the implementation plan. D. the new system will meet all required user functionality.
Which of the following is the MOST critical for the successful implementation and maintenance of a security policy? A. Assimilation of the framework and intent of a written security policy by all appropriate parties B. Management support and approval for the implementation and maintenance of a security policy C. Enforcement of security rules by providing punitive actions for any violation of security rules D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software
Structured programming is BEST described as a technique that: A. provides knowledge of program functions to other programmers via peer reviews. B. reduces the maintenance time of programs by the use of small-scale program modules. C. makes the readable coding reflect as closely as possible the dynamic execution of the program. D. controls the coding and testing of the high-level functions of the program in the development process.
Cisco Certifications 
