Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following BEST provides access control to
payroll data being processed on a local server?
A. Logging of access to personal information
B. Separate password for sensitive transactions
C. Software restricts access rules to authorized staff
D. System access restricted to business hours
- 1 Answers
- 12886 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The server and system security should be defined to allow
only authorized staff access to information about the staff
whose records they handle on a day to day basis. Choice A is
a good control in that it will allow access to be analyzed
if there is concern that there is unauthorized access.
However, it will not prevent access. Choice B, restricting
access to sensitive transactions, will only restrict access
to part of the data. It will not prevent access to other
data. Choice D, system access restricted to business hours,
only restricts when unauthorized access can occur, and would
not prevent such access at other times.
| Is This Answer Correct ? | 7 Yes | 0 No |
Which of the following would an IS auditor place LEAST reliance on when determining management's effectiveness in communicating information systems policies to appropriate personnel? A. Interviews with user and IS personnel B. Minutes of IS steering committee meetings C. User department systems and procedures manuals D.Information processing facilities operations and procedures manuals
Which of the following BEST describes the early stages of an IS audit? A. Observing key organizational facilities. B. Assessing the IS environment. C. Understanding business process and environment applicable to the review. D. Reviewing prior IS audit reports.
An IS auditor's MAJOR concern as a result of reviewing a business process reengineering (BPR) project should be whether the: A. newly designed business process has key controls in place. B. changed process will affect organization structure, finances and personnel. C. roles for suppliers have been redefined. D. process has been documented before and after reengineering.
A programmer included a routine into a payroll application to search for his/her own payroll number. As a result, if this payroll number does not appear during the payroll run, a routine will generate and place random numbers onto every paycheck. This routine is known as: A. scavenging. B. data leakage. C. piggybacking. D. a trojan horse.
Which of the following offsite information processing facility conditions would cause an IS auditor the GREATEST concern? The facility A. is identified clearly on the outside with the company name. B. is located more than an hour driving distance from the originating site. C. does not have any windows to let in natural sunlight. D. entrance is located in the back of the building rather than the front.
There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is: A. alternative routing. B. diverse routing. C. long-haul network diversity. D. last mile circuit protection.
LANs: A. protect against virus infection. B. protect against improper disclosure of data. C. provide program integrity from unauthorized changes. D. provide central storage for a group of users.
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
Receiving an EDI transaction and passing it through the communications interface stage usually requires: A. translating and unbundling transactions. B. routing verification procedures. C. passing data to the appropriate application system. D. creating a point of receipt audit log.
The IS auditor learns that when equipment was brought into the data center by a vendor, the emergency power shutoff switch was accidentally pressed and the UPS was engaged. Which of the following audit recommendations should the IS auditor suggest? A. Relocate the shut off switch. B. Install protective covers. C. Escort visitors. D. Log environmental failures.
Which of the following network configuration options contains a direct link between any two host machines? A. Bus B. Ring C. Star D. Completely connected (mesh)
What is a risk associated with attempting to control physical access to sensitive areas, such as computer rooms, through card keys, locks, etc.? A. Unauthorized individuals wait for controlled doors to open and walk in behind those authorized. B. The contingency plan for the organization cannot effectively test controlled access practices. C. Access cards, keys, and pads can be easily duplicated allowing easy compromise of the control. D. Removing access for people no longer authorized is complex.
Cisco Certifications 
