Involvement of senior management is MOST important in the development of: A. strategic plans. B. IS policies. C. IS procedures. D. standards and guidelines.1 6829
Which of the following would an IS auditor expect to find in a console log? A. Names of system users B. Shift supervisor identification C. System errors D. Data edit errors1 5023
Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters1 5050
Analysis of which of the following would MOST likely enable the IS auditor to determine if a non-approved program attempted to access sensitive data? A. Abnormal job termination reports B. Operator problem reports C. System logs D. Operator work schedules1 2622
A tax calculation program maintains several hundred tax rates. The BEST control to ensure that tax rates entered into the program are accurate is: A. an independent review of the transaction listing. B. a programmed edit check to prevent entry of invalid data. C. programmed reasonableness checks with 20 percent data entry range. D. a visual verification of data entered by the processing department.1 3012
An advantage of using sanitized live transactions in test data is that: A. all transaction types will be included. B. every error condition is likely to be tested. C. no special routines are required to assess the results. D. test transactions are representative of live processing.1 11231
Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.2 2835
Which of the following user profiles should be of MOST concern to the IS auditor, when performing an audit of an EFT system? A. Three users with the ability to capture and verifiy their own messages B. Five users with the ability to capturr and send their own messages C. Five users with the ability to verificy other users and to send of their own messages D. Three users with the ability to capture and verifiy the messages of other users and to send their own messages1 4005
Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster? A. The alternate facility will be available until the original information processing facility is restored. B. User management was involved in the identification of critical systems and their associated critical recovery times. C. Copies of the plan are kept at the homes of key decision making personnel. D. Feedback to management assuring them that the business continuity plans are indeed workable and that the procedures are current.1 3874
Which of the following types of firewalls provide the GREATEST degree and granularity of control? A. Screening router B. Packet filter C. Application gateway D. Circuit gateway1 9758
Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users? A. System analysis B. Authorization of access to data C. Application programming D. Data administration1 3218
Which of the following is the PRIMARY reason for involving an IS auditor in the definition of a system's requirements? A. Post-application reviews do not need to be performed. B. Total budgeted system development costs can be reduced. C. It is costly to institute controls after a system becomes operational. D. The extent of user involvement in design activities is reduced.1 2230
The primary purpose of an audit charter is to: A. document the audit process used by the enterprise. B. formally document the audit department's plan of action. C. document a code of professional conduct for the auditor. D. describe the authority and responsibilities of the audit department.1 8422
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.
In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.1 2820
What is Transport and Tunnel mode?
How do you go to privileged mode? How do you switch back to user mode?
Can you explain PPP protocol?
What is the function of the Application Layer in networking?
hi! can anyone tel me is it worth doing IBM web sphere certification from reliance global services Hyderabad?
i would like to learn free fluent english by online is this possible? could you gime some usefull websites to my mail id firstname.lastname@example.org
Hi Friends, plz tell me wht is the fee for IBM Cog-612 exam i.e for Report Authors
Hi Everybody, I am planning to write the ISTQB certification in Toronto. Can any one send the ISTQB foundation level book for 2013 exam?
In Linux . for example some is entered in ur server or system they made some changes in ur server or system . how can u check that user activity . he already applied #history -c . how can u check that user activity
What do you mean by Port Mirroring?
I am selected in divisional accountant. however i m already working as Assitant Programmer which is a Gazetted Post in group 'B'. Can You tell me whether I should join that one or should be in current. however grade pay of both is 4200. but promotion in AP job is very slow. can anybody advise me which one be better for me in both cases, in promotion and in society image
How does L2TP process?
What are some standards supported by the Presentation layer?
Hello friends please send me teradata materials dumps for teradata14 certification, else TD12. my email id is email@example.com Thanks
what is the thing that is created adjacent to the transparent table created on the database? a)fields b)data element c)structure 4)table type ques2)what operation you cannot perform on internal table? a)append b)sort c)insert d)modify e)delete