Answer / ddd

message authentication could be one other safe way along
with encryption, as said by the abive guest, wherein the
user needs to set some authentication thus ensuring only
proper persons are in the transmission of data.

Answer / guest

Answer: A

Encryption of data is the most secure method. The other
methods are less secure, with leased lines being possibly
the least secure method.

An advantage in using a bottom-up versus a top-down approach to software testing is that: A. interface errors are detected earlier. B. confidence in the system is achieved earlier. C. errors in critical modules are detected earlier. D. major functions and processing are tested earlier.

1 Answers   HCL, KPMG, Misys,

---

The MAIN reason for requiring that all computer clocks across an organization be synchronized is to: A. prevent omission or duplication of transactions. B. ensure smooth data transition from client machines to servers. C. ensure that email messages have accurate time stamps. D. support the incident investigation process.

2 Answers  

---

Which of the following is a technique that could be used to capture network user passwords? A. Encryption B. Sniffing C. Spoofing D. A signed document cannot be altered.

1 Answers  

---

Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan's effectiveness? A. Paper test B. Post test C. Preparedness test D. Walk-through

2 Answers  

---

Which of the following is the MOST effective technique for providing security during data transmission? A. Communication log B. Systems software log C. Encryption D. Standard protocol

1 Answers  

---

Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures? A. Review software migration records and verify approvals. B. Identify changes that have occurred and verify approvals. C. Review change control documentation and verify approvals. D. Ensure that only appropriate staff can migrate changes into production.

1 Answers  

---

Which of the following is a threat? A. Lack of security B. Loss of goodwill C. Power outage D. Information services

1 Answers  

---

Which of the following can be used to verify output results and control totals by matching them against the input data and control totals? A. Batch header forms B. Batch balancing C. Data conversion error corrections D. Access controls over print spools

1 Answers  

---

An IS auditor discovers that programmers have update access to the live environment. In this situation, the IS auditor is LEAST likely to be concerned that programmers can: A. authorize transactions. B. add transactions directly to the database. C. make modifications to programs directly. D. access data from live environment and provide faster maintenance.

1 Answers  

---

A disaster recovery plan (DRP) for an organization should: A. reduce the length of the recovery time and the cost of recovery. B. increase the length of the recovery time and the cost of recovery. C. reduce the duration of the recovery time and increase the cost of recovery. D. not affect the recovery time nor the cost of recovery.

1 Answers  

---

An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.

1 Answers  

---

While reviewing an ongoing project, the IS auditor notes that the development team has spent eight hours of activity on the first day against a budget of 24 hours (over three days). The projected time to complete the remainder of the activity is 20 hours. The IS auditor should report that the project: A. is behind schedule. B. is ahead of schedule. C. is on schedule. D. cannot be evaluated until the activity is completed.

1 Answers  

---