Interested to Buy Any Domain ? << Click Here >> for more details...
If an application program is modified and proper system
maintenance procedures are in place, which of the following
should be tested? The:
A. integrity of the database
B. access controls for the applications programmer
C. complete program, including any interface systems
D. segment of the program containing the revised code
- 1 Answers
- 6304 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The complete program with all interfaces needs to be tested
to determine the full impact of a change to program code.
Usually the more complex the program, the more testing required.
| Is This Answer Correct ? | 8 Yes | 0 No |
In a risk-based audit approach, an IS auditor, in addition to risk, would be influenced by: A. the availability of CAATs. B. management's representation. C. organizational structure and job responsibilities. D. the existence of internal and operational controls
An IS auditor has just completed a review of an organization that has a mainframe and a client-server environment where all production data reside. Which of the following weaknesses would be considered the MOST serious? A. The security officer also serves as the database administrator (DBA.) B. Password controls are not administered over the client/server environment. C. There is no business continuity plan for the mainframe system?s non-critical applications. D. Most LANs do not back up file server fixed disks regularly.
Without compensating controls, which of the following functions would represent a risk if combined with that of a system analyst? A. Application programming B. Data entry C. Quality assurance D. Database administrator
At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should: A. report the error as a finding and leave further exploration to the auditee's discretion. B. attempt to resolve the error. C. recommend that problem resolution be escalated. D. ignore the error, as it is not possible to get objective evidence for the software error.
The window of time recovery of information processing capabilities is based on the: A. criticality of the processes affected. B. quality of the data to be processed. C. nature of the disaster. D. applications that are mainframe based.
When developing a risk management program, the FIRST activity to be performed is a/an: A. threats assessment. B. classification of data. C. inventory of assets. D. criticality analysis.
In a risk-based audit approach, an IS auditor should FIRST complete :
Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input
Which of the following is an example of a passive attack, initiated through the Internet? A. Traffic analysis B. Masquerading C. Denial of service D. E-mail spoofing
Compensating controls are intended to: A. reduce the risk of an existing or potential control weakness. B. predict potential problems before they occur. C. remedy problems discovered by detective controls. D. report errors or omissions.
To develop a successful business continuity plan, end user involvement is critical during which of the following phases? A. Business recovery strategy B. Detailed plan development C. Business impact analysis D. Testing and maintenance
Which of these has the potential to improve security incident response processes? A. Review the incident response procedures. B. Post-mortem or post-event reviews by the security team. C. Getting the hot-site ready. D. Reviw the BCP plan every six months
Cisco Certifications 
