Interested to Buy Any Domain ? << Click Here >> for more details...
Accountability for the maintenance of appropriate security
measures over information assets resides with the:
A. security administrator.
B. systems administrator.
C. data and systems owners.
D. systems operations group.
- 2 Answers
- 9259 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: C
Management should ensure that all information assets (data
and systems) have an appointed owner who makes decisions
about classification and access rights. System owners
typically delegate day-to-day custodianship to the systems
delivery/operations group and security responsibilities to a
security administrator. Owners, however, remain accountable
for the maintenance of appropriate security measures.
| Is This Answer Correct ? | 8 Yes | 0 No |
Answer / guest
Security administrator should take enough care to ensure
that the information is in a safe zone.
| Is This Answer Correct ? | 1 Yes | 3 No |
Which of the following is the FIRST thing an IS auditor should do after the discovery of a trojan horse program in a computer system? A. Investigate the author. B. Remove any underlying threats. C. Establish compensating controls. D. Have the offending code removed.
The document used by the top management of organizations to delegate authority to the IS audit function is the: A. long-term audit plan. B. audit charter. C. audit planning methodology. D. steering committee minutes.
WHICH OF THE FOLLOWING IS OFTEN AN ADVANTAGE OF USING PROTOTYPING GOR DYDTEM DVELOPMENT
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take? A. Personally delete all copies of the unauthorized software. B. Inform auditee of the unauthorized software, and follow up to confirm deletion. C. Report the use of the unauthorized software to auditee management and the need to prevent recurrence. D. Take no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use.
Passwords should be: A. assigned by the security administrator. B. changed every 30 days at the discretion of the user. C. reused often to ensure the user does not forget the password. D. displayed on the screen so that the user can ensure that it has been entered properly.
The role of IT auditor in complying with the Management Assessment of Internal Controls (Section 404 of the Sarbanes-Oxley Act) is: A. planning internal controls B. documenting internal controls C. designing internal controls D. implementing internal controls
A referential integrity constraint consists of: A. ensuring the integrity of transaction processing. B. ensuring that data are updated through triggers. C. ensuring controlled user updates to database. D. rules for designing tables and queries.
Information for detecting unauthorized input from a terminal would be BEST provided by the: A. console log printout. B. transaction journal. C. automated suspense file listing. D. user error report.
Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions? A. Response B. Correction C. Detection D. Monitoring
Peer reviews to detect software errors during a program development activity are called: A. emulation techniques. B. structured walk-throughs. C. modular program techniques. D. top-down program construction.
When reviewing the implementation of a LAN the IS auditor should FIRST review the: A. node list. B. acceptance test report. C. network diagram. D. user's list.
Which of the following would an IS auditor place LEAST reliance on when determining management's effectiveness in communicating information systems policies to appropriate personnel? A. Interviews with user and IS personnel B. Minutes of IS steering committee meetings C. User department systems and procedures manuals D.Information processing facilities operations and procedures manuals
Cisco Certifications 
