Answer / guest

Answer: D

It is essential for the maintenance and control of software
that change control procedures be in place. Regression
testing is done after changes are made to the software, and
since the software already is being used, the job schedule
must be in place and may be reviewed later. This change does
not affect user manuals and any associated risks.

Answer / guest

D. Change control procedures

Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer

4 Answers  

---

Prices are charged on the basis of a standard master file rate that changes as volume increases. Any exceptions must be manually approved. What is the MOST effective automated control to help ensure that all price exceptions are approved? A. All amounts are displayed back to the data entry clerk, who must verify them visually. B. Prices outside the normal range should be entered twice to verify data entry accuracy. C. The system beeps when price exceptions are entered and prints such occurrences on a report. D. A second-level password must be entered before a price exception can be processed.

1 Answers  

---

Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.

2 Answers  

---

Congestion control is BEST handled by which OSI layer? A. Data link B. Session layer C. Transport layer D. Network layer

3 Answers  

---

Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.

1 Answers  

---

---

Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.

1 Answers  

---

A LAN administrator normally would be restricted from: A. having end-user responsibilities. B. reporting to the end-user manager. C. having programming responsibilities. D. being responsible for LAN security administration.

2 Answers  

---

The planning and monitoring of computer resources to ensure that they are being used efficiently and effectively is: A. hardware monitoring. B. capacity management. C. network management. D. job scheduling.

1 Answers  

---

Which of the following is a feature of an intrusion detection system (IDS)? A. Gathering evidence on attack attempts B. Identifying weakness in the policy definition C. Blocking access to particular sites on the Internet D. Preventing certain users from accessing specific servers

1 Answers  

---

An IS auditor has recently discovered that because of a shortage of skilled operations personnel, the security administrator has agreed to work one late-night shift a month as the senior computer operator. The MOST appropriate course of action for the IS auditor is to: A. advise senior management of the risk involved. B. agree to work with the security officer on these shifts as a form of preventative control. C. develop a computer-assisted audit technique to detect instances of abuses of this arrangement. D. review the system log for each of the late-night shifts to determine whether any irregular actions occurred.

1 Answers  

---

Antivirus software should be used as a: A. detective control. B. preventive control. C. corrective control. D. compensating control.

1 Answers  

---

Which of the following would BEST provide assurance of the integrity of new staff? A) Background screening B)References C) Bonding D)Qualifications listed on resume

4 Answers  

---