Answer / guest

Answer: A

Reviewing access control configuration would be first task
performed to determine whether security has been mapped
appropriately in the system. Since a post-implementation
review is done after user acceptance testing and actual
implementation, one would not engage in interface testing or
detailed design documentation. Evaluating interface testing
would be part of the implementation process. The issue of
reviewing detailed design documentation is not generally
relevant to an enterprise resource management system since
these are usually vendor packages with user manuals. System
testing should be performed before final user sign off.

Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same? A. A substantive test of program library controls B. A compliance test of program library controls C. A compliance test of the program compiler controls D. A substantive test of the program compiler controls

1 Answers  

---

A manufacturer has been purchasing materials and supplies for its business through an e-commerce application. Which of the following should this manufacturer rely on to prove that the transactions were actually made? A. Reputation B. Authentication C. Encryption D. Nonrepudiation

1 Answers  

---

Which of the following controls is LEAST likely to detect changes made online to master records? A. Update access to master file is restricted to a supervisor independent of data entry. B. Clerks enter updates online and are finalized by an independent supervisor. C. An edit listing of all updates is produced daily and reviewed by an independent supervisor. D. An update authorization form must be approved by an independent supervisor before entry.

1 Answers  

---

Which of the following is a disadvantage of image processing? A. Verifies signatures B. Improves service C. Relatively inexpensive to use D. Reduces deterioration due to handling

3 Answers   Wipro,

---

The MAIN reason for requiring that all computer clocks across an organization be synchronized is to: A. prevent omission or duplication of transactions. B. ensure smooth data transition from client machines to servers. C. ensure that email messages have accurate time stamps. D. support the incident investigation process.

2 Answers  

---

During the review of an organization's disaster recovery and business continuity plan, the IS auditor found that a paper test was performed to verify the existence of all necessary procedures and actions within the recovery plan. This is a: A. preparedness test. B. module test. C. full test. D. walk-through test.

1 Answers  

---

Which of the following is the most important element in the design of a data warehouse? A. Quality of the metadata B. Speed of the transactions C. Volatility of the data D. Vulnerability of the system

1 Answers  

---

Which of the following database administrator (DBA) activities is unlikely to be recorded on detective control logs? A. Deletion of a record B. Change of a password C. Disclosure of a password D. Changes to access rights

1 Answers  

---

To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is: A. during data preparation. B. in transit to the computer. C. between related computer runs. D. during the return of the data to the user department.

2 Answers  

---

Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?

4 Answers  

---

Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures? A. Invite client participation. B. Involve all technical staff. C. Rotate recovery managers. D. Install locally stored backup.

4 Answers   Microsoft,

---

The objective of IT governance is to ensure that the IT strategy is aligned with the objectives of (the): A. enterprise. B. IT. C. audit. D. finance.

1 Answers  

---