Interested to Buy Any Domain ? << Click Here >> for more details...
The PRIMARY objective of a logical access controls review is to:
A. review access controls provided through software.
B. ensure access is granted per the organization's authorities.
C. walkthrough and assess access provided in the IT environment.
D. provide assurance that computer hardware is protected
adequately against abuse.
- 1 Answers
- 14585 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
The scope of a logical access controls review is primarily
to determine whether or not access is granted as per the
organization's authorizations. Choices A and C relate to
procedures of a logical access controls review, rather than
objectives. Choice D is relevant to a physical access
control review.
| Is This Answer Correct ? | 12 Yes | 1 No |
A database administrator is responsible for: A. maintaining the access security of data residing on the computers. B. implementing database definition controls. C. granting access rights to users. D. defining system's data structure.
Which of the following ensures completeness and accuracy of accumulated data? A. Processing control procedures B. Data file control procedures C. Output controls D. Application controls
An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity
Which of the following types of risks assumes an absence of compensating controls in the area being reviewed? A. Control risk B. Detection risk C. Inherent risk D. Sampling risk
For an online transaction processing system, transactions per second is a measure of: A. throughput. B. response time. C. turnaround time. D. uptime.
When using public key encryption to secure data being transmitted across a network: A. both the key used to encrypt and decrypt the data are public. B. the key used to encrypt is private, but the key used to decrypt the data is public. C. the key used to encrypt is public, but the key used to decrypt the data is private. D. both the key used to encrypt and decrypt the data are private.
A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it: A. can identify high-risk areas that might need a detailed review later. B. allows IS auditors to independently assess risk. C. can be used as a replacement for traditional audits. D. allows management to relinquish responsibility for control.
Which of the following hardware devices relieves the central computer from performing network control, format conversion and message handling tasks? A. Spool B. Cluster controller C. Protocol converter D. Front end processor
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
Which of the following sampling methods is MOST useful when testing for compliance? A. Attribute sampling B. Variable sampling C. Stratified mean per unit D. Difference estimation
Which of the following data validation edits is effective in detecting transposition and transcription errors? A. Range check B. Check digit C. Validity check D. Duplicate check
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take? A. Personally delete all copies of the unauthorized software. B. Inform auditee of the unauthorized software, and follow up to confirm deletion. C. Report the use of the unauthorized software to auditee management and the need to prevent recurrence. D. Take no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use.
Cisco Certifications 
