Interested to Buy Any Domain ? << Click Here >> for more details...
The MAIN reason for requiring that all computer clocks across an organization be synchronized is to:
A. prevent omission or duplication of transactions.
B. ensure smooth data transition from client machines to servers.
C. ensure that email messages have accurate time stamps.
D. support the incident investigation process.
- 2 Answers
- 3238 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
The correct answer is D
A. The possibility of omission or duplication of transactions will not happen due to lack of clock synchronization.
B. Data transfer has nothing to do with the time stamp.
C. While the time stamp on an email may not be accurate, this is not a significant issue.
D. During an investigation of incidents, audit logs are used as evidence, and the time stamp information in them is useful. If the clocks are not synchronized, investigations will be more difficult because a time line of events occurring on different systems might not be easily established.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following is a control over component communication failure/errors? A. Restricting operator access and maintaining audit trails B. Monitoring and reviewing system engineering activity C. Providing network redundancy D. Establishing physical barriers to the data transmitted over the network
Which of the following BEST describes an integrated test facility? A. A technique that enables the IS auditor to test a computer application for the purpose of verifying correct processing B. The utilization of hardware and/or software to review and test the functioning of a computer system C. A method of using special programming options to permit printout of the path through a computer program taken to process a specific transaction D. A procedure for tagging and extending transactions and master records that are used by an IS auditor for tests
Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it: A. has been approved by line management. B. does not vary from the IS department's preliminary budget. C. complies with procurement procedures. D. supports the business objectives of the organization.
A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.
Applying a digital signature to data traveling in a network provides: A. confidentiality and integrity. B. security and nonrepudiation. C. integrity and nonrepudiation. D. confidentiality and nonrepudiation.
When evaluating the collective effect of preventive, detective or corrective controls within a process an IS auditor should be aware: A. of the point at which controls are exercised as data flows through the system. B. that only preventive and detective controls are relevant. C. that corrective controls can only be regarded as compensating. D. that classification allows an IS auditor to determine which controls are missing.
In the course of performing a risk analysis, an IS auditor has identified threats and potential impacts. Next, an IS auditor should: A. identify and assess the risk assessment process used by management. B. identify information assets and the underlying systems. C. disclose the threats and impacts to management. D. identify and evaluate the existing controls.
Which of the following would normally be found in application run manuals? A. Details of source documents B. Error codes and their recovery actions C. Program flowcharts and file definitions D. Change records for the application source code
The risk of an IS auditor using an inadequate test procedure and concluding that material errors do not exist when, in fact, they exist is:
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
While planning an audit, an assessment of risk should be made to provide: A. reasonable assurance that the audit will cover material items. B. definite assurance that material items will be covered during the audit work. C. reasonable assurance that all items will be covered by the audit. D. sufficient assurance that all items will be covered during the audit work.
Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.
Cisco Certifications 
