Answer / guest

Answer: D

If the IS auditor assigned to the development process
actually contributes to the design of the system, then true
independence has been compromised. Therefore, to insure an
independent review of the system, a different IS auditor
should review the system prior to production or within a
reasonable time frame after implementation.

Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP

1 Answers  

---

An IS steering committee should: A. include a mix of members from different departments and staff levels. B. ensure that IS security policies and procedures have been executed properly. C. have formal terms of reference and maintain minutes of its meetings. D. be briefed about new trends and products at each meeting by a vendor.

1 Answers  

---

An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long. Which of the following could be caused by the length of the cable? A. Electromagnetic interference (EMI) B. Cross talk C. Dispersion D.Attenuation

2 Answers  

---

An advantage in using a bottom-up versus a top-down approach to software testing is that: A. interface errors are detected earlier. B. confidence in the system is achieved earlier. C. errors in critical modules are detected earlier. D. major functions and processing are tested earlier.

1 Answers   HCL, KPMG, Misys,

---

Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.

1 Answers  

---

Which of the following physical access controls would provide the highest degree of security over unauthorized access? A. Bolting door lock B. Cipher lock C. Electronic door lock D. Fingerprint scanner

1 Answers  

---

An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review? A. Availability of online network documentation B. Support of terminal access to remote hosts C. Handling file transfer between hosts and inter-user communications D. Performance management, audit and control

1 Answers  

---

Utility programs that assemble software modules needed to execute a machine instruction application program version are: A. text editors. B. program library managers. C. linkage editors and loaders. D. debuggers and development aids.

1 Answers   ICICI,

---

Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.

1 Answers  

---

Receiving an EDI transaction and passing it through the communications interface stage usually requires: A. translating and unbundling transactions. B. routing verification procedures. C. passing data to the appropriate application system. D. creating a point of receipt audit log.

1 Answers  

---

Which of the following testing methods is MOST effective during the initial phases of prototyping? A. System B. Parallel C. Volume D. Top-down

2 Answers  

---

Which of the following group/individuals should assume overall direction and responsibility for costs and timetables of system development projects? A. User management B. Project steering committee C. Senior management D. Systems development management

1 Answers  

---