Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor recommends that an initial validation control
be programmed into a credit card transaction capture
application. The initial validation process would MOST likely:
A. check to ensure the type of transaction is valid for that
card type.
B. verify the format of the number entered then locate it on
the database.
C. ensure that the transaction entered is within the
cardholder's credit limit.
D. confirm that the card is not shown as lost or stolen on
the master file.
- 1 Answers
- 9699 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
The initial validation should confirm whether the card is
valid. This validity is established through the card number
and PIN entered by the user. Based on this initial
validation, all other validations will proceed. A validation
control in data capture will ensure that the data entered is
valid (i.e., it can be processed by the system). If the data
captured in the initial validation is not valid (if the card
number or PIN do not match with the database), then the card
will be rejected or captured per the controls in place. Once
initial validation is completed, then other validations
specific to the card and cardholder would be performed.
| Is This Answer Correct ? | 8 Yes | 0 No |
Which of the following is a network architecture configuration that links each station directly to a main hub? A. Bus B. Ring C. Star D. Completed connected
Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure with digital certificates for its business-to-consumer transactions via the Internet? A. Customers are widely dispersed geographically, but not the certificate authorities. B. Customers can make their transactions from any computer or mobile device. C. The certificate authority has several data processing subcenters to administrate certificates. D. The organization is the owner of the certificate authority.
A digital signature contains a message digest to: A. show if the message has been altered after transmission. B. define the encryption algorithm. C. confirm the identity of the originator. D. enable message transmission in a digital format.
A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing? A. Unit testing B. Integration testing C. Design walk-throughs D. Configuration management
Linux is an __________ operating system
The PRIMARY advantage of a continuous audit approach is that it: A. does not require an IS auditor to collect evidence on system reliability while processing is taking place. B. requires the IS auditor to review and follow up immediately on all information collected. C. can improve system security when used in time-sharing environments that process a large number of transactions. D. does not depend on the complexity of an organization's computer systems.
The BEST defense against network eavesdropping is: A. encryption. B. moving the defense perimeter outward. C. reducing the amplitude of the communication signal. D. masking the signal with noise.
An advantage of using sanitized live transactions in test data is that: A. all transaction types will be included. B. every error condition is likely to be tested. C. no special routines are required to assess the results. D. test transactions are representative of live processing.
A long-term IS employee with a strong technical background and broad managerial experience has applied for a vacant position in the IS audit department. Determining whether to hire this individual for this position should be based on the individual's experience and: A. the length of service since this will help ensure technical competence. B. age as training in audit techniques may be impractical. C. IS knowledge since this will bring enhanced credibility to the audit function. D. ability, as an IS auditor, to be independent of existing IS relationships.
An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely: A. evaluate the record retention plans for off-premises storage. B. interview programmers about the procedures currently being followed. C. compare utilization records to operations schedules. D. review data file access records to test the librarian function.
Which of the following should be in place to protect the purchaser of an application package in the event that the vendor ceases to trade? A. Source code held in escrow. B. Object code held by a trusted third party. C. Contractual obligation for software maintenance. D. Adequate training for internal programming staff.
A dry-pipe fire extinguisher system is a system that uses: A. water, but in which water does not enter the pipes until a fire has been detected. B. water, but in which the pipes are coated with special watertight sealants. C. carbon dioxide instead of water. D. halon instead of water.
Cisco Certifications 
