Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor reviewing operating system access discovers
that the system is not secured properly. In this situation,
the IS auditor is LEAST likely to be concerned that the user
might:
A. create new users.
B. delete database and log files.
C. access the system utility tools.
D. access the system writeable directories.
- 1 Answers
- 5218 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Access to the operating system does not result necessarily
in granting access to creating new users. Hence, it is not a
likely concern. The other choices are likely concerns if the
operating system is not defined properly. In this case,
users can access the system writeable directories, delete
database and log files, and access system utility tools.
| Is This Answer Correct ? | 4 Yes | 0 No |
Disaster recovery planning addresses the: A. technological aspect of business continuity planning. B. operational piece of business continuity planning. C. functional aspect of business continuity planning. D. overall coordination of business continuity planning.
Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input
Which of the following is a measure of the size of an information system based on the number and complexity of a system's inputs, outputs and files? A. Program evaluation review technique (PERT) B. Rapid application development (RAD) C. Function point analysis (FPA) D. Critical path method (CPM)
Which of the following provides nonrepudiation services for e-commerce transactions? A. Public key infrastructure (PKI) B. Data encryption standard (DES) C. Message authentication code (MAC) D. Personal identification number (PIN)
Birth date and marriage date items were switched while entering data. Which of the following data validation checks could detect this? A. Logical relationship B. Sequence C. Reasonableness D. Validity
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
A programmer included a routine into a payroll application to search for his/her own payroll number. As a result, if this payroll number does not appear during the payroll run, a routine will generate and place random numbers onto every paycheck. This routine is known as: A. scavenging. B. data leakage. C. piggybacking. D. a trojan horse.
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
A request for a change to a report format in a module (subsystem) was made. After making the required changes, the programmer should carry out: A. unit testing. B. unit and module testing. C. unit, module and regression testing. D. module testing.
Which of the following facilitates program maintenance? A. More cohesive and loosely coupled programs B. Less cohesive and loosely coupled programs C. More cohesive and strongly coupled programs D. Less cohesive and strongly coupled programs
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
Cisco Certifications 
