An organization is introducing a single sign-on (SSO)
system. Under the SSO system, users will be required to
enter only one user ID and password for access to all
application systems. Under the SSO system, unauthorized access:
A. is less likely.
B. is more likely.
C. will have a greater impact.
D. will have a smaller impact.
Answer / guest
Answer: C
The impact will be greater since the hacker needs to know
only one password to gain access to all systems and can,
therefore, cause greater mischief than if only the password
to one of the systems is known. Less likely would be the
correct answer if the single sign-on system were to be
introduced with a stronger form of authentication, such as a
smart card/challenge response system. There is no indication
that the probability of someone attempting to gain access to
systems after introduction of single sign-on is greater than
before. The impact can only be greater, not smaller, since
the access gained is wider.
A control log basic to a real-time application system is a(n): A. audit log. B. console log. C. terminal log. D. transaction log.
Which of the following represents the MOST pervasive control over application development? A. IS auditors B. Standard development methodologies C. Extensive acceptance testing D. Quality assurance groups
The secure socket layer (SSL) protocol addresses the confidentiality of a message through: A. symmetric encryption. B. message authentication code. C. hash function. D. digital signature certificates.
If the decision has been made to acquire software rather than develop it internally, this decision is normally made during the: A. requirements definition phase of the project. B. feasibility study phase of the project. C. detailed design phase of the project. D. programming phase of the project.
When selecting software, which of the following business and technical issues is the MOST important to be considered? A. Vendor reputation B. Requirements of the organization C. Cost factors D. Installed base
Which of the following would an IS auditor expect to find in a console log? A. Names of system users B. Shift supervisor identification C. System errors D. Data edit errors
With regard to sampling it can be said that: A. sampling is generally applicable when the population relates to an intangible or undocumented control. B. if an auditor knows internal controls are strong, the confidence coefficient may be lowered. C. attribute sampling would help prevent excessive sampling of an attribute by stopping an audit test at the earliest possible moment. D. variable sampling is a technique to estimate the rate of occurrence of a given control or set of related controls.
As a business process reengineering (BPR) project takes hold it is expected that: A. business priorities will remain stable. B. information technologies will not change. C. the process will improve product, service and profitability. D. input from clients and customers will no longer be necessary.
Which of the following is widely accepted as one of the critical components in networking management? A. Configuration management B. Topological mappings C. Application of monitoring tools D. Proxy server troubleshooting
The PRIMARY objective of conducting a post-implementation review is to assess whether the system: A. achieved the desired objectives. B. provides for backup and recovery. C. provides for information security. D. documentation is clear and understandable.
The FIRST step in data classification is to: A. establish ownership. B. perform a criticality analysis. C. define access rules. D. create a data dictionary.
Which of the following is a benefit of using callback devices? A. Provide an audit trail B. Can be used in a switchboard environment C. Permit unlimited user mobility D. Allow call forwarding