A company disposing of personal computers that once were
used to store confidential data should first:
A. demagnetize the hard disk.
B. low-level format the hard disk.
C. delete all data contained on the hard disk.
D. defragment the data contained on the hard disk.
- 1 Answers
- 3853 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Demagnetizing the hard disk is the best way to ensure that
confidential data once stored on the hard disk cannot be
recovered. Low-level formatting destroys the file allocation
table not the data and the data could be reconstructed with
the appropriate software. Deleting data merely removes its
reference in the file allocation table and the data can be
recovered. Defragmenting is an efficient procedure and does
not remove data.
| Is This Answer Correct ? | 6 Yes | 0 No |
An IS auditor observed that some data entry operators leave their computers in the midst of data entry without logging off. Which of the following controls should be suggested to prevent unauthorized access? A. Encryption B. Switch off the computer when leaving C. Password control D. Screen saver password
Which of the following is a benefit of a risk-based approach to audit planning? Audit: A. scheduling may be performed months in advance. B. budgets are more likely to be met by the IS audit staff. C. staff will be exposed to a variety of technologies. D. resources are allocated to the areas of highest concern.
Accountability for the maintenance of appropriate security measures over information assets resides with the: A. security administrator. B. systems administrator. C. data and systems owners. D. systems operations group.
The risk of an IS auditor using an inadequate test procedure and concluding that material errors do not exist when, in fact, they exist is:
In a risk-based audit approach an IS auditor should FIRST complete a/an: A. inherent risk assessment. B. control risk assessment. C. test of control assessment. D. substantive test assessment.
Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.
While reviewing the business continuity plan of an organization, the IS auditor observed that the organization's data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this demonstrate? A. Deterrence B. Mitigation C. Recovery D. Response
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
Functional acknowledgements are used: A. as an audit trail for EDI transactions. B. to functionally describe the IS department. C. to document user roles and responsibilities. D. as a functional description of application software.
Which of the following should concern an IS auditor when reviewing security in a client-server environment? A. Data is protected by an encryption technique. B. Diskless workstations prevent unauthorized access. C. Ability of users to access and modify the database directly. D. Disabling floppy drives on the users machines.
Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures? A. Review software migration records and verify approvals. B. Identify changes that have occurred and verify approvals. C. Review change control documentation and verify approvals. D. Ensure that only appropriate staff can migrate changes into production.
Which of the following devices extends the network and has the capacity to store frames and act as a storage and forward device? A. Router B. Bridge C. Repeater D. Gateway
Cisco Certifications 
