Which of the following is a threat?
A. Lack of security
B. Loss of goodwill
C. Power outage
D. Information services
Answer / guest
Answer: C
Threats, such as a power outage, are possible sources of
danger to the assets of an organization. Lack of security is
a vulnerability. Vulnerabilities are a set of circumstances
susceptible to attack. Loss of goodwill is an impact.
Information services are assets, vulnerable to threats and
the resulting impacts.
Is This Answer Correct ? | 2 Yes | 0 No |
Access rules normally are included in which of the following documentation categories? A. Technical reference documentation B. User manuals C. Functional design specifications D. System development methodology documents
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report
The initial step in establishing an information security program is the: A. development and implementation of an information security standards manual. B. performance of a comprehensive security control review by the IS auditor. C. adoption of a corporate information security policy statement. D. purchase of security access control software.
An organization is moving its application maintenance in-house from an outside source. Which of the following should be the main concern of an IS auditor? A. Regression testing B. Job scheduling C. User manuals D. Change control procedures
Which of the following is the MOST effective technique for providing security during data transmission? A. Communication log B. Systems software log C. Encryption D. Standard protocol
During which of the following steps in the business process reengineering should the benchmarking team visit the benchmarking partner? A. Observation B. Planning C. Analysis D. Adaptation
Which of the following Internet security threats could compromise integrity? A. Theft of data from the client B. Exposure of network configuration information C. A trojan horse browser D. Eavesdropping on the net
A primary reason for an IS auditor's involvement in the development of a new application system is to ensure that: A. adequate controls are built into the system. B. user requirements are satisfied by the system. C. sufficient hardware is available to process the system. D. data are being developed for pre-implementation testing of the system.
What type of transmission requires modems? A. Encrypted B. Digital C. Analog D. Modulated
Accountability for the maintenance of appropriate security measures over information assets resides with the: A. security administrator. B. systems administrator. C. data and systems owners. D. systems operations group.
An independent software program that connects two otherwise separate applications sharing computing resources across heterogeneous technologies is known as: A. middleware. B. firmware. C. application software. D. embedded systems.
Neural networks are effective in detecting fraud because they can: A. discover new trends since they are inherently linear. B. solve problems where large and general sets of training data are not obtainable. C. attack problems that require consideration of a large number of input variables. D. make assumptions about the shape of any curve relating variables to the output.