Answer / guest

Answer: A

The concept of piggybacking compromises all physical control
established. Choice B would be of minimal concern in a
disaster recovery environment. Items in choice C are not
easily duplicated. Regarding choice D, technology is
constantly changing but card keys have existed for some time
and appear to be a viable option for the foreseeable future.

An IS auditor should be able to identify and evaluate various types of risks and their potential effects. Which of the following risks is associated with authorized program exits (trap doors)? A. Inherent B. Detection C. Audit D. Error

2 Answers  

---

Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems? A. Proxy server B. Firewall installation C. Network administrator D. Password implementation and administration

1 Answers  

---

There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is: A. alternative routing. B. diverse routing. C. long-haul network diversity. D. last mile circuit protection.

1 Answers  

---

Which of the following types of transmission media provide the BEST security against unauthorized access? A. Copper wire B. Twisted pair C. Fiber-optic cables D. Coaxial cables

1 Answers  

---

52. Which of the following tests confirm that the new system can operate in its target environment?

1 Answers  

---

---

IS auditors reviewing access control should review data classification to ensure that encryption parameters are classified as: A. sensitive. B. confidential. C. critical. D. private.

1 Answers  

---

The purpose for requiring source code escrow in a contractual agreement is to: A. ensure the source code is available if the vendor ceases to exist. B. permit customization of the software to meet specified business requirements. C. review the source code for adequacy of controls. D. ensure the vendor has complied with legal requirements.

1 Answers  

---

In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems? A. Maintaining system software parameters B. Ensuring periodic dumps of transaction logs C. Ensuring grandfather-father-son file backups D. Maintaining important data at an off-site location

1 Answers  

---

A web-based bookstore has included the customer relationship management (CRM) system in its operations. An IS auditor has been assigned to perform a call center review. Which of the following is the MOST appropriate first step for the IS auditor to take? A. Review the company's performance since the CRM was implemented. B. Review the IT strategy. C. Understand the business focus of the bookstore. D. Interview salespeople and supervisors.

1 Answers  

---

An IS auditor, in evaluating proposed biometric control devices reviews the false rejection rates (FRRs), false acceptance rates (FARs) and equal error rates (ERRs) of three different devices. The IS auditor should recommend acquiring the device having the: A. least ERR. B. most ERR. C. least FRR but most FAR. D. least FAR but most FRR.

1 Answers  

---

During an audit of a telecommunications system the IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is: A. encryption. B. callback modems. C. message authentication. D. dedicated leased lines.

2 Answers  

---

Which of the following is a management technique that enables organizations to develop strategically important systems faster while reducing development costs and maintaining quality? A. Function point analysis B. Critical path methodology C. Rapid application development D. Program evaluation review technique

1 Answers  

---