Interested to Buy Any Domain ? << Click Here >> for more details...
When performing a review of the structure of an electronic
funds transfer (EFT) system, an IS auditor observes that the
technological infrastructure is based on a centralized
processing scheme that has been outsourced to a provider in
another country. Based on this information, which of the
following conclusions should be the main concern of the IS
auditor?
A. There could be a question with regards to the legal
jurisdiction.
B. Having a provider abroad will cause excesive costs in
future audits.
C. The auditing process will be difficult because of the
distances.
D. There could be different auditing norms.
- 2 Answers
- 5507 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
In the funds transfer process, when the processing scheme is
centralized in a different country, there could be legal
issues of jurisdiction that might affect the right to
perform a review in the other country. The other choices,
though possible, are not as relevant as the issue of legal
jurisdiction.
| Is This Answer Correct ? | 6 Yes | 0 No |
Answer / guest
A. There could be a question with regards to the legal
jurisdiction.
| Is This Answer Correct ? | 2 Yes | 0 No |
Which of the following would be the LEAST helpful in restoring service from an incident currently underway? A. Developing a database repository of past incidents and actions to facilitate future corrective actions B. Declaring the incident, which not only helps to carry out corrective measures, but also improves the awareness level C. Developing a detailed operations plan that outlines specific actions to be taken to recover from an incident D. Establishing multidisciplinary teams consisting of executive management, security staff, information systems staff, legal counsel, public relations, etc., to carry out the response.
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
An enterprise has established a steering committee to oversee its e-business program. The steering committee would MOST likely be involved in the: A. documentation of requirements. B. escalation of project issues. C. design of interface controls. D. specification of reports.
IS auditors reviewing access control should review data classification to ensure that encryption parameters are classified as: A. sensitive. B. confidential. C. critical. D. private.
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
In the ISO/OSI model, which of the following protocols is the FIRST to establish security for the user application? A. Session layer. B. Transport layer C. Network layer D. Presentation layer
A decrease in amplitude as a signal propagates along a transmission medium is known as: A. noise. B. crosstalk. C. attenuation. D. delay distortion.
An IS auditor who is participating in a systems development project should: A. recommend appropriate control mechanisms regardless of cost. B. obtain and read project team meeting minutes to determine the status of the project. C. ensure that adequate and complete documentation exists for all project phases. D. not worry about his/her own ability to meet target dates since work will progress regardless.
Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist? A. Reviewing program code B. Reviewing operations documentation C. Turning off the UPS, then the power D. Reviewing program documentation
An IS auditor, in evaluating proposed biometric control devices reviews the false rejection rates (FRRs), false acceptance rates (FARs) and equal error rates (ERRs) of three different devices. The IS auditor should recommend acquiring the device having the: A. least ERR. B. most ERR. C. least FRR but most FAR. D. least FAR but most FRR.
Which of the following is the MOST critical for the successful implementation and maintenance of a security policy? A. Assimilation of the framework and intent of a written security policy by all appropriate parties B. Management support and approval for the implementation and maintenance of a security policy C. Enforcement of security rules by providing punitive actions for any violation of security rules D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software
The FIRST task an IS auditor should complete when performing an audit in an unfamiliar area is to: A. design the audit programs for each system or function involved. B. develop a set of compliance tests and substantive tests. C. gather background information pertinent to the new audit. D. assign human and economical resources.
Cisco Certifications 
