Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor reviewing back-up procedures for software need
only determine that:
A. object code libraries are backed up.
B. source code libraries are backed up.
C. both object and source codes libraries are backed up.
D. program patches are maintained at the originating site.
- 1 Answers
- 4646 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Backup for software must include both object and source code
libraries and must include a provision for maintaining
program patches on a current basis at all backup locations.
| Is This Answer Correct ? | 6 Yes | 1 No |
Which of the following is the MOST critical for the successful implementation and maintenance of a security policy? A. Assimilation of the framework and intent of a written security policy by all appropriate parties B. Management support and approval for the implementation and maintenance of a security policy C. Enforcement of security rules by providing punitive actions for any violation of security rules D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software
An organization provides information to its supply-chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture? A. A secure socket layer (SSL) has been implemented for user authentication and remote administration of the firewall. B. On the basis of changing requirements, firewall policies are updated. C. Inbound traffic is blocked unless the traffic type and connections have been specifically permitted. D. The firewall is placed on top of the commercial operating system with all installation options.
The responsibility for designing, implementing and maintaining a system of internal control lies with: A. the IS auditor. B. management. C. the external auditor. D. the programming staff.
An IS auditor, performing a review of an application?s controls, discovers a weakness in system software, which could materially impact the application. The IS auditor should: A. Disregard these control weaknesses as a system software review is beyond the scope of this review. B. Conduct a detailed system software review and report the control weaknesses. C. Include in the report a statement that the audit was limited to a review of the application?s controls. D. Review the system software controls as relevant and recommend a detailed system software review.
Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.
Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist? A. Reviewing program code B. Reviewing operations documentation C. Turning off the UPS, then the power D. Reviewing program documentation
Which of the following is a data validation edit and control? A. Hash totals B. Reasonableness checks C. Online access controls D. Before and after image reporting
The PKI element that manages the certificate life cycle, including certificate directory maintenance and certificate revocation list (CRL) maintenance and publication is the: A. certificate authority. B. digital certificate. C. certification practice statement. D. registration authority.
Capacity monitoring software is used to ensure: A. maximum use of available capacity. B. that future acquisitions meet user needs. C. concurrent use by a large number of users. D. continuity of efficient operations.
A control that detects transmission errors by appending calculated bits onto the end of each segment of data is known as a: A. reasonableness check. B. parity check. C. redundancy check. D. check digits.
An IS auditor discovers that an organization?s business continuity plan provides for an alternate processing site that will accommodate fifty percent of the primary processing capability. Based on this, which of the following actions should the IS auditor take? A. Do nothing, because generally, less than twenty-five percent of all processing is critical to an organization?s survival and the backup capacity, therefore is adequate. B. Identify applications that could be processed at the alternate site and develop manual procedures to backup other processing. C. Ensure that critical applications have been identified and that the alternate site could process all such applications. D. Recommend that the information processing facility arrange for an alternate processing site with the capacity to handle at least seventy-five percent of normal processing.
Which of the following types of transmission media provide the BEST security against unauthorized access? A. Copper wire B. Twisted pair C. Fiber-optic cables D. Coaxial cables
Cisco Certifications 
