1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

Without causing a conflict of interest, a duty compatible
with those of a security administrator would be:

A. quality assurance.

B. application programming.

C. systems programming.

D. data entry.

Question Posted / guest


Without causing a conflict of interest, a duty compatible with those of a security administrator wo..

Answer / guest

Answer: A

Quality assurance could be an additional responsibility of
the security administrator. The security administrator,
being responsible for application programming, systems
programming or data entry, would not provide an adequate
segregation of duties since he/she would be in a position to
openly introduce fraudulent or malicious code or data
causing damage to the organization.

Is This Answer Correct ?    5 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

The window of time recovery of information processing capabilities is based on the: A. criticality of the processes affected. B. quality of the data to be processed. C. nature of the disaster. D. applications that are mainframe based.

1 Answers  

A dry-pipe fire extinguisher system is a system that uses: A. water, but in which water does not enter the pipes until a fire has been detected. B. water, but in which the pipes are coated with special watertight sealants. C. carbon dioxide instead of water. D. halon instead of water.

1 Answers  

Which of the following user profiles should be of MOST concern to the IS auditor, when performing an audit of an EFT system? A. Three users with the ability to capture and verifiy their own messages B. Five users with the ability to capturr and send their own messages C. Five users with the ability to verificy other users and to send of their own messages D. Three users with the ability to capture and verifiy the messages of other users and to send their own messages

1 Answers  

An IT steering committee would MOST likely perform which of the following functions? A. Placement of a purchase order with the approved IT vendor B. Installation of systems software and application software C. Provide liaison between IT department and user department D. Interview staff for the IT department

2 Answers  

An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely: A. check to ensure the type of transaction is valid for that card type. B. verify the format of the number entered then locate it on the database. C. ensure that the transaction entered is within the cardholder's credit limit. D. confirm that the card is not shown as lost or stolen on the master file.

1 Answers  

Which of the following is the MOST fundamental step in effectively preventing a virus attack? A. Executing updated antivirus software in the background on a periodic basis B. Buying standard antivirus software, which is installed on all servers and workstations C. Ensuring that all software is checked for a virus in a separate PC before being loaded into the production environment D. Adopting a comprehensive antivirus policy and communicating it to all users

1 Answers  

Which of the following provisions in a contract for external information systems services would an IS auditor consider to be LEAST significant? A. Ownership of program and files B. Statement of due care and confidentiality C. Continued service of outsourcer in the event of a disaster D. Detailed description of computer hardware used by the vendor

1 Answers  

An internal audit department, that organizationally reports exclusively to the chief financial officer (CFO) rather than to an audit committee, is MOST likely to: A. have its audit independence questioned. B. report more business-oriented and relevant findings. C. enhance the implementation of the auditor's recommendations. D. result in more effective action being taken on the recommendations.

2 Answers   ABC, CISA,

Which of the following is the MOST important objective of data protection? A. Identifying persons who need access to information B. Ensuring the integrity of information C. Denying or authorizing access to the IS system D. Monitoring logical accesses

1 Answers  

Which of the following is an object-oriented technology characteristic that permits an enhanced degree of security over data? A. Inheritance B. Dynamic warehousing C. Encapsulation D. Polymorphism

3 Answers  

Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code

1 Answers  

Which of the following is the initial step in creating a firewall policy? A. A cost-benefits analysis of methods for securing the applications B. Identification of network applications to be externally accessed C. Identification of vulnerabilities associated with network applications to be externally accessed D. Creation of an applications traffic matrix showing protection methods

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)