Interested to Buy Any Domain ? << Click Here >> for more details...
To determine which users can gain access to the privileged
supervisory state, which of the following should an IS
auditor review?
A. System access log files
B. Enabled access control software parameters
C. Logs of access control violations
D. System configuration files for control options used
- 1 Answers
- 8374 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Review of system configuration files for control options
used would show which users have access to the privileged
supervisory state. Both systems access log files and logs of
access violations are detective in nature. Access control
software is run under the operating system.
| Is This Answer Correct ? | 12 Yes | 0 No |
A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.
Which of the following functions, if performed by scheduling and operations personnel, would be in conflict with a policy requiring a proper segregation of duties? A. Job submission B. Resource management C. Code correction D. Output distribution
Which of the following would normally be found in application run manuals? A. Details of source documents B. Error codes and their recovery actions C. Program flowcharts and file definitions D. Change records for the application source code
A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in TCP services.
A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.
When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator? A. READ access to data B. DELETE access to transaction data files C. Logged READ/EXECUTE access to programs D. UPDATE access to job control language/script files
If an application program is modified and proper system maintenance procedures are in place, which of the following should be tested? The: A. integrity of the database B. access controls for the applications programmer C. complete program, including any interface systems D. segment of the program containing the revised code
The use of a GANTT chart can: A. aid in scheduling project tasks. B. determine project checkpoints. C. ensure documentation standards. D. direct the post-implementation review.
IT governance ensures that an organization aligns its IT strategy with: A. Enterprise objectives. B. IT objectives. C. Audit objectives. D. Finance objectives.
Which of the following tasks is performed by the same person in a well-controlled information processing facility/computer center? A. Security administration and management B. Computer operations and system development C. System development and change management D. System development and systems maintenance
Which of the following data entry controls provides the GREATEST assurance that the data is entered correctly? A. Using key verification B. Segregating the data entry function from data entry verification C. Maintaining a log/record detailing the time, date, employee's initials/user id and progress of various data preparation and verification tasks D. Adding check digits
An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity
Cisco Certifications 
