Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following findings would an IS auditor be MOST
concerned about when performing an audit of backup and
recovery and the offsite storage vault?
A. There are three individuals with a key to enter the area.
B. Paper documents also are stored in the offsite vault.
C. Data files, which are stored in the vault, are synchronized.
D. The offsite vault is located in a separate facility.
- 1 Answers
- 8671 Views
- Apple, I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Choice A is incorrect because more than one person would
typically need to have a key to the vault to ensure that
individuals responsible for the offsite vault can take
vacations and rotate duties. Choice B is not correct because
the IS auditor would not be concerned whether paper
documents are stored in the offsite vault. In fact, paper
documents, such as procedural documents and a copy of the
contingency plan, most likely would be stored in the offsite
vault, and the location of the vault is important, but not
as important as the files being synchronized.
| Is This Answer Correct ? | 3 Yes | 1 No |
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report
The reliability of an application system's audit trail may be questionable if: A. user IDs are recorded in the audit trail. B. the security administrator has read-only rights to the audit file. C. date time stamps record when an action occurs. D. users can amend audit trail records when correcting system errors.
During the review of an organization's disaster recovery and business continuity plan, the IS auditor found that a paper test was performed to verify the existence of all necessary procedures and actions within the recovery plan. This is a: A. preparedness test. B. module test. C. full test. D. walk-through test.
A tax calculation program maintains several hundred tax rates. The BEST control to ensure that tax rates entered into the program are accurate is: A. an independent review of the transaction listing. B. a programmed edit check to prevent entry of invalid data. C. programmed reasonableness checks with 20 percent data entry range. D. a visual verification of data entered by the processing department.
Which of the following is the MOST effective type of antivirus software? A. Scanners B. Active monitors C. Integrity checkers D. Vaccines
The application test plans are developed in which of the following systems development life cycle (SDLC) phases? A. Design B. Testing C. Requirement D. Development
Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.
In a business continuity plan, there are several methods of providing telecommunication continuity. One method is diverse routing which involves: A. providing extra capacity with the intent of using the surplus capacity should the normal primary transmission capability not be available. B. routing information via other alternate media such as copper cable or fiber optics. C. providing diverse long-distance network availability utilizing T-1 circuits among the major long-distance carriers. D. routing traffic through split-cable facilities or duplicate-cable facilities.
While reviewing an ongoing project, the IS auditor notes that the development team has spent eight hours of activity on the first day against a budget of 24 hours (over three days). The projected time to complete the remainder of the activity is 20 hours. The IS auditor should report that the project: A. is behind schedule. B. is ahead of schedule. C. is on schedule. D. cannot be evaluated until the activity is completed.
An organization has outsourced network and desktop support. Although the relationship has been reasonably successful, risks remain due to connectivity issues. Which of the following controls should FIRST be performed to assure the organization reasonably mitigates these possible risks? A. Network defense program B. Encryption/Authentication C. Adequate reporting between organizations D. Adequate definition in contractual relationship
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
Which of the following BEST describes the role of a systems analyst? A. Defines corporate databases B. Designs systems based on the needs of the user C. Schedules computer resources D. Tests and evaluates programmer and optimization tools
Cisco Certifications 
