Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following independent duties is traditionally
performed by the data control group?
A. Access to data
B. Authorization tables
C. Custody of assets
D. Reconciliation
- 1 Answers
- 4918 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Reconciliation is a responsibility performed by the data
control group, with the use of control totals and balancing
sheets. This type of independent verification increases the
level of confidence that the application has run
successfully and the data are in proper balance. Access to
data are controls provided by a combination of physical and
logical security in both the user area and the information
processing facility. Authorization tables are built by the
IS department, based on the authorization forms provided by
the data owners. Custody of assets must be determined and
assigned appropriately. The data ownership usually is
assigned to a particular user department, and duties should
be specific and written. The owner of the data has
responsibility for determining authorization levels required
to provide adequate security, while the data security
administration group is often responsible for implementing
and enforcing the security system.
| Is This Answer Correct ? | 2 Yes | 0 No |
The PRIMARY objective of conducting a post-implementation review is to assess whether the system A) achieved the desired objectives B) provides for backup and recovery C) provides for information security D) documentation is clear and understandable
A control log basic to a real-time application system is a(n): A. audit log. B. console log. C. terminal log. D. transaction log.
An IS auditor discovers evidence of fraud perpetrated with a manager's user id. The manager had written the password, allocated by the system administrator, inside his/her desk drawer. The IS auditor should conclude that the: A. manager's assistant perpetrated the fraud. B. perpetrator cannot be established beyond doubt. C. fraud must have been perpetrated by the manager. D. system administrator perpetrated the fraud.
Change management procedures are established by IS management to: A. control the movement of applications from the test environment to the production environment. B. control the interruption of business operations from lack of attention to unresolved problems. C. ensure the uninterrupted operation of the business in the event of a disaster. D. verify that system changes are properly documented.
Which of the following tests confirm that the new system can operate in its target environment? A. Sociability testing B. Regression testing C. Validation testing D. Black box testing
There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is: A. alternative routing. B. diverse routing. C. long-haul network diversity. D. last mile circuit protection.
An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely: A. check to ensure the type of transaction is valid for that card type. B. verify the format of the number entered then locate it on the database. C. ensure that the transaction entered is within the cardholder's credit limit. D. confirm that the card is not shown as lost or stolen on the master file.
The most likely error to occur when implementing a firewall is: A. incorrectly configuring the access lists. B. compromising the passwords due to social engineering. C. connecting a modem to the computers in the network. D. inadequately protecting the network and server from virus attacks.
An IS auditor should be able to identify and evaluate various types of risks and their potential effects. Which of the following risks is associated with authorized program exits (trap doors)? A. Inherent B. Detection C. Audit D. Error
Which of the following is the MOST effective technique for providing security during data transmission? A. Communication log B. Systems software log C. Encryption D. Standard protocol
Which of the following is a measure of the size of an information system based on the number and complexity of a system's inputs, outputs and files? A. Program evaluation review technique (PERT) B. Rapid application development (RAD) C. Function point analysis (FPA) D. Critical path method (CPM)
Automated teller machines (ATMs) are a specialized form of a point-of-sale terminal that: A. allows for cash withdrawal and financial deposits only. B. are usually located in populous areas to deter theft or vandalism. C. utilizes protected telecommunication lines for data transmissions. D. must include high levels of logical and physical security.
Cisco Certifications 
