An IS auditor conducting an access controls review in a
client-server environment discovers that all printing
options are accessible by all users. In this situation, the
IS auditor is MOST likely to conclude that:
A. exposure is greater since information is available to
unauthorized users.
B. operating efficiency is enhanced since anyone can print
any report, any time.
C. operating procedures are more effective since information
is easily available.
D. user friendliness and flexibility is facilitated since
there is a smooth flow of information among users.
Answer / guest
Answer: A
Information in all its forms needs to be protected from
unauthorized access. Unrestricted access to the report
option results in an exposure. Efficiency and effectiveness
are not relevant factors in this situation. Greater control
over reports will not be accomplished since reports need not
be in a printed form only. Information could be transmitted
outside as electronic files without printing as print
options allow for printing in an electronic form as well.
| Is This Answer Correct ? | 6 Yes | 0 No |
Answer / guest
A. exposure is greater since information is available to
unauthorized users.
| Is This Answer Correct ? | 1 Yes | 0 No |
In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications
Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions? A. Response B. Correction C. Detection D. Monitoring
Which of the following would be the MOST important issue to the IS auditor in a business process re-engineering (BPR) project? A. The loss of middle management, which often is a result of a BPR project B. That controls are usually given low priority in a BPR project C. The considerable negative impact that information protection could have on BPR D. The risk of failure due to the large size of the task usually undertaken in a BPR project
Which of the following duties would be a concern if performed along with systems administration? A. Maintenance of access rules B. Review of system audit trail C. Data librarian D. Performance monitoring
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
If a database is restored using before-image dumps, where should the process be restarted following an interruption? A. Before the last transaction B. After the last transaction C. The first transaction after the latest checkpoint D. The last transaction before the latest checkpoint
1. Which of the following is used to achieve accountability? a. identification b. authentication c. authorization d. initiation
Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them? A. A neural network B. Database management software C. Management information systems D. Computer assisted audit techniques
The MAJOR advantage of the risk assessment approach over the baseline approach to information security management is that it ensures: A. information assets are over protected. B. a basic level of protection is applied regardless of asset value. C. appropriate levels of protection are applied to information assets. D. an equal proportion of resources are devoted to protecting all information assets.
The MOST appropriate person to chair the steering committee for a system development project with significant impact on a business area would be the: A. business analyst. B. chief information officer. C. project manager. D. executive level manager.
Which of the following should concern an IS auditor when reviewing security in a client-server environment? A. Data is protected by an encryption technique. B. Diskless workstations prevent unauthorized access. C. Ability of users to access and modify the database directly. D. Disabling floppy drives on the users' machines.
The general ledger setup function in an enterprise resource package (ERP) allows for setting accounting periods. Access to this function has been permitted to users in finance, the warehouse and order entry. The MOST likely reason for such broad access is the: A. need to change accounting periods on a regular basis. B. requirement to post entries for a closed accounting period. C. lack of policies and procedures for the proper segregation of duties. D. need to create/modify the chart of accounts and its allocations.