To make an electronic funds transfer (EFT), one employee
enters the amount field and another employee reenters the
same data again, before the money is transferred. The
control adopted by the organization in this case is:
A. sequence check.
B. key verification.
C. check digit.
D. completeness check.
Answer / guest
Answer: B
Key verification is a process in which keying-in is repeated
by a separate individual using a machine that compares the
original entry to the repeated entry. Sequence check refers
to the continuity in serial numbers within the number range
on documents. A check digit is a numeric value that has been
calculated mathematically and added to data to ensure that
the original data have not been altered or an incorrect but
valid value substituted. Completeness checks ensure that all
the characters required for a field have been input.
| Is This Answer Correct ? | 9 Yes | 0 No |
A data center has a badge-entry system. Which of the following is MOSTimportant to protect the computing assets in the center? A. Badge readers are installed in locations where tampering would be noticed B. The computer that controls the badge system is backed up frequently C. A process for promptly deactivating lost or stolen badges exists D. All badge entry attempts are logged
Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP
Which of the following line media would provide the BEST security for a telecommunication network? A. Broad band network digital transmission B. Baseband network C. Dial-up D. Dedicated lines
A LAN administrator normally would be restricted from: A. having end-user responsibilities. B. reporting to the end-user manager. C. having programming responsibilities. D. being responsible for LAN security administration.
If a database is restored using before-image dumps, where should the process be restarted following an interruption? A. Before the last transaction B. After the last transaction C. The first transaction after the latest checkpoint D. The last transaction before the latest checkpoint
The MAIN reason for requiring that all computer clocks across an organization be synchronized is to: A. prevent omission or duplication of transactions. B. ensure smooth data transition from client machines to servers. C. ensure that email messages have accurate time stamps. D. support the incident investigation process.
Which of the following group/individuals should assume overall direction and responsibility for costs and timetables of system development projects? A. User management B. Project steering committee C. Senior management D. Systems development management
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
In a public key infrastructure (PKI), the authority responsible for the identification and authentication of an applicant for a digital certificate (i.e., certificate subjects) is the: A. registration authority (RA). B. issuing certification authority (CA). C. subject CA. D. policy management authority.
Which of the following implementation modes would provide the GREATEST amount of security for outbound data connecting to the Internet? A. Transport mode with authentication header plus encapsulating security payload (ESP) B. Secure socket layer (SSL) mode C. Tunnel mode with AH plus ESP D. Triple-DES encryption mode
The PRIMARY purpose of compliance tests is to verify whether: A. controls are implemented as prescribed. B. documentation is accurate and current. C. access to users is provided as specified. D. data validation procedures are provided.
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take? A. Personally delete all copies of the unauthorized software. B. Inform auditee of the unauthorized software, and follow up to confirm deletion. C. Report the use of the unauthorized software to auditee management and the need to prevent recurrence. D. Take no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use.