Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor is reviewing the database administration
function to ascertain whether adequate provision has been
made for controlling data. The IS auditor should determine
that the:
A. function reports to data processing operations.
B. responsibilities of the function are well defined.
C. database administrator is a competent systems programmer.
D. audit software has the capability of efficiently
accessing the database.
- 1 Answers
- 7287 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
The IS auditor should determine that the responsibilities of
the database administration function are not only well
defined but also assure that the database administrator
(DBA) reports directly to the IS manager or executive to
provide independence, authority and responsibility. The DBA
should not report to either data processing operations or
systems development management. The DBA need not be a
competent systems programmer. Choice D is not as important
as choice A.
| Is This Answer Correct ? | 1 Yes | 0 No |
Which of the following should be of MOST concern to an IS auditor? A. Lack of reporting of a successful attack on the network B. Failure to notify police of an attempted intrusion C. Lack of periodic examination of access rights D. Lack of notification to the public of an intrusion
52. Which of the following tests confirm that the new system can operate in its target environment?
Where adequate segregation of duties between operations and programming are not achievable, the IS auditor should look for: A. compensating controls. B. administrative controls. C. corrective controls. D. access controls.
An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls? A. Allow changes to be made only with the DBA user account. B. Make changes to the database after granting access to a normal user account C. Use the DBA user account to make changes, log the changes and review the change log the following day. D. Use the normal user account to make changes, log the changes and review the change log the following day.
As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard-copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following are necessary to restore these files? A. The previous day's backup file and the current transaction tape B. The previous day's transaction file and the current transaction tape C. The current transaction tape and the current hard-copy transaction log D. The current hard-copy transaction log and the previous day's transaction file
Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.
Which of the following concerns associated with the World Wide Web would be addressed by a firewall? A. Unauthorized access from outside the organization B. Unauthorized access from within the organization C. A delay in Internet connectivity D. A delay in downloading using file transfer protocol (FTP)
An IS auditor has recently discovered that because of a shortage of skilled operations personnel, the security administrator has agreed to work one late-night shift a month as the senior computer operator. The MOST appropriate course of action for the IS auditor is to: A. advise senior management of the risk involved. B. agree to work with the security officer on these shifts as a form of preventative control. C. develop a computer-assisted audit technique to detect instances of abuses of this arrangement. D. review the system log for each of the late-night shifts to determine whether any irregular actions occurred.
Which of the following environmental controls is appropriate to protect computer equipment against short-term reductions in electrical power? A. Power line conditioners B. A surge protective device C. An alternative power supply D. An interruptible power supply
Which of these has the potential to improve security incident response processes? A. Review the incident response procedures. B. Post-mortem or post-event reviews by the security team. C. Getting the hot-site ready. D. Reviw the BCP plan every six months
A strength of an implemented quality system based on ISO 9001 is that it: A. guarantees quality solutions to business problems. B. results in improved software life cycle activities. C. provides clear answers to questions concerning cost-effectiveness. D. does not depend on the maturity of the implemented quality system.
Which of the following BEST describes an IT department?s strategic planning process? A. The IT department will have either short-range or long-range plans depending on the organization?s broader plans and objectives. B. The IT department?s strategic plan must be time and project oriented, but not so detailed as to address and help determine priorities to meet business needs. C. Long-range planning for the IT department should recognize organizational goals, technological advances and regulatory requirements. D. Short-range planning for the IT department does not need to be integrated into the short-range plans of the organization since technological advances will drive the IT department plans much quicker than organizational plans.
Cisco Certifications 
