Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor when reviewing a network used for Internet
communications, will FIRST examine the:
A. validity of passwords change occurrences.
B. architecture of the client-server application.
C. network architecture and design.
D. firewall protection and proxy servers.
- 1 Answers
- 8088 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The first step in auditing a network is to understand the
network architecture and design. This would provide an
overall picture of the network of the enterprises and its
connectivity. This will be starting point for identifying
the various layers of information and the access
architecture across the various layers, such as proxy
servers, firewalls and client/server application. Reviewing
validity of password changes would be performed as part of
substantive testing.
| Is This Answer Correct ? | 8 Yes | 1 No |
Which of the following is a control over database administration activities? A. A database checkpoint to restart processing after a system failure B. Database compression to reduce unused space C. Supervisory review of access logs D. Backup and recovery procedures to ensure database availability
Many IT projects experience problems because the development time and/or resource requirements are underestimated. Which of the following techniques would provide the GREATEST assistance in developing an estimate of project duration? A. Function point analysis B. PERT chart C. Rapid application development D. Object-oriented system development
Which of the following imaging technologies captures handwriting from a preprinted form and converts it into an electronic format? A. Magnetic ink character recognition (MICR) B. Intelligent voice recognition (IVR) C. Bar code recognition (BCR) D. Optical character recognition (OCR)
While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/back up at an offsite location would be: A. shadow file processing. B. electronic vaulting. C. hard-disk mirroring. D. hot-site provisioning.
The device that connects two networks at the highest level of the ISO-OSI framework ( i.e., application layer) is a A. Gateway B. Router C. Bridge D. Brouter
The IS auditor learns that when equipment was brought into the data center by a vendor, the emergency power shutoff switch was accidentally pressed and the UPS was engaged. Which of the following audit recommendations should the IS auditor suggest? A. Relocate the shut off switch. B. Install protective covers. C. Escort visitors. D. Log environmental failures.
An IS auditor needs to link his/her microcomputer to a mainframe system that uses binary synchronous data communications with block data transmission. However, the IS auditor's microcomputer, as presently configured, is capable of only asynchronous ASCII character data communications. Which of the following must be added to the IS auditor's computer to enable it to communicate with the mainframe system? A. Buffer capacity and parallel port B. Network controller and buffer capacity C. Parallel port and protocol conversion D. Protocol conversion and buffer capability
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
Various standards have emerged to assist IS organizations in achieving an operational environment that is predictable, measurable and repeatable. The standard that provides the definition of the characteristics and the associated quality evaluation process to be used when specifying the requirements for and evaluating the quality of software products throughout their life cycle is: A. ISO 9001. B. ISO 9002. C. ISO 9126. D. ISO 9003.
A decision support system (DSS): A. is aimed at solving highly structured problems. B. combines the use of models with nontraditional data access and retrieval functions. C. emphasizes flexibility in the decision making approach of users. D. supports only structured decision-making tasks.
The process of using interpersonal communication skills to get unauthorized access to company assets is called: A. wire tapping. B. trap doors. C. war dialing. D. social engineering.
Responsibility and reporting lines cannot always be established when auditing automated systems since: A. diversified control makes ownership irrelevant. B. staff traditionally change jobs with greater frequency. C. ownership is difficult to establish where resources are shared. D. duties change frequently in the rapid development of technology.
Cisco Certifications 
