Interested to Buy Any Domain ? << Click Here >> for more details...
In reviewing the IS short-range (tactical) plan, the IS
auditor should determine whether:
A. there is an integration of IS and business staffs within
projects.
B. there is a clear definition of the IS mission and vision.
C. there is a strategic information technology planning
methodology in place.
D. the plan correlates business objectives to IS goals and
objectives.
- 1 Answers
- 9443 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
The integration of IS and business staff in projects is an
operational issue and should be considered while reviewing
the short-range plan. A strategic plan would provide a
framework for the IS short-range plan. Choices B, C, and D
are areas covered by a strategic plan.
| Is This Answer Correct ? | 10 Yes | 0 No |
During an audit of a telecommunications system the IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is: A. encryption. B. callback modems. C. message authentication. D. dedicated leased lines.
The responsibility, authority and accountability of the IS audit function is documented appropriately in an audit charter and MUST be: A. approved by the highest level of management. B. approved by audit department management. C. approved by user department management. D. changed every year before commencement of IS audits.
During which phase of a system development process should an IS auditor first raise the issue of application controls? A. Construction B. System design C. Acceptance testing D. Functional specification
In a TCP/IP-based network, an IP address specifies a: A. network connection. B. router/gateway. C. computer in the network. D. device on the network.
Software maintainability BEST relates to which of the following software attributes? A. Resources needed to make specified modifications. B. Effort needed to use the system application. C. Relationship between software performance and the resources needed. D. Fulfillment of user needs.
In a LAN environment, which of the following minimizes the risk of data corruption during transmission? A. Using end-to-end encryption for data communication B. Using separate conduits for electrical and data cables C. Using check sums for checking the corruption of data D. Connecting the terminals using a star topology
The risk of an IS auditor using an inadequate test procedure and concluding that material errors do not exist when, in fact, they exist is:
Congestion control is BEST handled by which OSI layer? A. Data link B. Session layer C. Transport layer D. Network layer
During which of the following phases in systems development would user acceptance test plans normally be prepared? A. Feasibility study B. Requirements definition C. Implementation planning D. Post-implementation review
Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.
Cisco Certifications 
