Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the MOST important objective of
data protection?
A. Identifying persons who need access to information
B. Ensuring the integrity of information
C. Denying or authorizing access to the IS system
D. Monitoring logical accesses
- 1 Answers
- 10021 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Maintaining data integrity is the most important objective
of data security. This is a necessity if an organization is
to continue as a viable and successful enterprise. The other
choices are important techniques for achieving the objective
of data integrity.
| Is This Answer Correct ? | 8 Yes | 3 No |
An IS auditor performing a review of an application's controls would evaluate the: A. efficiency of the application in meeting the business processes. B. impact of any exposures discovered. C. business processes served by the application. D. the application's optimization.
Which of the following procedures should be implemented to help ensure the completeness of inbound transactions via electronic data interchange (EDI)? A. Segment counts built into the transaction set trailer B. A log of the number of messages received, periodically verified with the transaction originator C. An electronic audit trail for accountability and tracking D. Matching acknowledgement transactions received to the log of EDI messages sent
Functionality is a characteristic associated with evaluating the quality of software products throughout their lifecycle, and is BEST described as the set of attributes that bear on the: A. existence of a set of functions and their specified properties. B. ability of the software to be transferred from one environment to another. C. capability of software to maintain its level of performance under stated conditions. D. relationship between the performance of the software and the amount of resources used.
To develop a successful business continuity plan, end user involvement is critical during which of the following phases? A. Business recovery strategy B. Detailed plan development C. Business impact analysis D. Testing and maintenance
Which of the following BEST describes an integrated test facility? A. A technique that enables the IS auditor to test a computer application for the purpose of verifying correct processing B. The utilization of hardware and/or software to review and test the functioning of a computer system C. A method of using special programming options to permit printout of the path through a computer program taken to process a specific transaction D. A procedure for tagging and extending transactions and master records that are used by an IS auditor for tests
Which of the following provides the framework for designing and developing logical access controls? A. Information systems security policy B. Access control lists C. Password management D. System configuration files
Which of the following is the FIRST thing an IS auditor should do after the discovery of a trojan horse program in a computer system? A. Investigate the author. B. Remove any underlying threats. C. Establish compensating controls. D. Have the offending code removed.
Which of the following group/individuals should assume overall direction and responsibility for costs and timetables of system development projects? A. User management B. Project steering committee C. Senior management D. Systems development management
Which of the following would be included in an IS strategic plan?
Sign-on procedures include the creation of a unique user ID and password. However, an IS auditor discovers that in many cases the user name and password are the same. The BEST control to mitigate this risk is to: A. change the company's security policy. B. educate users about the risk of weak passwords. C. build in validations to prevent this during user creation and password change. D. require a periodic review of matching user ID and passwords for detection and correction.
Prices are charged on the basis of a standard master file rate that changes as volume increases. Any exceptions must be manually approved. What is the MOST effective automated control to help ensure that all price exceptions are approved? A. All amounts are displayed back to the data entry clerk, who must verify them visually. B. Prices outside the normal range should be entered twice to verify data entry accuracy. C. The system beeps when price exceptions are entered and prints such occurrences on a report. D. A second-level password must be entered before a price exception can be processed.
An IS steering committee should: A. include a mix of members from different departments and staff levels. B. ensure that IS security policies and procedures have been executed properly. C. have formal terms of reference and maintain minutes of its meetings. D. be briefed about new trends and products at each meeting by a vendor.
Cisco Certifications 
