Which of the following is the PRIMARY safeguard for securing
software and data within an information processing facility?
A. Security awareness
B. Reading the security policy
C. Security committee
D. Logical access controls
- 1 Answers
- 7217 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
To retain a competitive advantage and to meet basic business
requirements, organizations must ensure the integrity of the
information stored on their computer systems, preserve the
confidentiality of sensitive data and ensure the continued
availability of their information systems. To meet these
goals logical access controls must be in place. Awareness
(choice A) itself does not protect against unauthorized
access or disclosure of information. Knowledge of an
information systems security policy (choice B), which should
be known by the organization's employees, would help to
protect information, but would not prevent the unauthorized
access of information. A security committee (choice C) is
key to the protection of information assets, but would
address security issues within a broader perspective.
| Is This Answer Correct ? | 6 Yes | 0 No |
When auditing the requirements phase of a software acquisition, the IS auditor should: A. assess the feasibility of the project timetable. B. assess the vendor?s proposed quality processes. C. ensure that the best software package is acquired. D. review the completeness of the specifications.
Which of the following logical access exposures involves changing data before, or as it is entered into the computer? A. Data diddling B. Trojan horse C. Worm D. Salami technique
The use of object-oriented design and development techniques would MOST likely: A. facilitate the ability to reuse modules. B. improve system performance. C. enhance control effectiveness. D. speed up the system development life cycle.
During which of the following steps in the business process reengineering should the benchmarking team visit the benchmarking partner? A. Observation B. Planning C. Analysis D. Adaptation
Which of the following is a threat? A. Lack of security B. Loss of goodwill C. Power outage D. Information services
The planning and monitoring of computer resources to ensure that they are being used efficiently and effectively is: A. hardware monitoring. B. capacity management. C. network management. D. job scheduling.
Which of the following business recovery strategies would require the least expenditure of funds? A. Warm site facility B. Empty shell facility C. Hot site subscription D. Reciprocal agreement
Which of the following environmental controls is appropriate to protect computer equipment against short-term reductions in electrical power? A. Power line conditioners B. A surge protective device C. An alternative power supply D. An interruptible power supply
Involvement of senior management is MOST important in the development of: A. strategic plans. B. IS policies. C. IS procedures. D. standards and guidelines.
Which of the following satisfies a two-factor user authentication? A. Iris scanning plus finger print scanning B. Terminal ID plus global positioning system (GPS) C. A smart card requiring the user's PIN D. User ID along with password
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same? A. A substantive test of program library controls B. A compliance test of program library controls C. A compliance test of the program compiler controls D. A substantive test of the program compiler controls
Cisco Certifications 
