Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor performing an application maintenance audit
would review the log of program changes for the:
A. authorization for program changes.
B. creation date of a current object module.
C. number of program changes actually made.
D. creation date of a current source program.
- 1 Answers
- 7449 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
The manual log will most likely contain information on
authorized changes to a program. Deliberate, unauthorized
changes will not be documented by the responsible party. An
automated log, found usually in library management products,
and not a change log would most likely contain date
information for the source and executable modules.
| Is This Answer Correct ? | 12 Yes | 0 No |
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
What data should be used for regression testing? A. Different data than used in the previous test B. The most current production data C. The data used in previous tests D. Data produced by a test data generator
Controls designed to ensure that unauthorized changes are not made to information residing in a computer file are known as: A. data security controls. B. implementation controls. C. program security controls. D. computer operations controls.
Sales orders are automatically numbered sequentially at each of a retailer's multiple outlets. Small orders are processed directly at the outlets, with large orders sent to a central production facility. The MOST appropriate control to ensure that all orders transmitted to production are received and processed would be to: A. send and reconcile transaction counts and totals. B. have data transmitted back to the local site for comparison. C. compare data communications protocols with parity checking. D. track and account for the numerical sequence of sales orders at the production facility.
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
Which of the following procedures can a biometric system perform? A. Measure airborne contamination. B. Provide security over physical access. C. Monitor temperature and humidity levels. D. Detect hazardous electromagnetic fields in an area.
Which of the following audit procedures would an IS auditor normally perform FIRST when reviewing an organization's systems development methodology? A. Determine procedural adequacy. B. Analyze procedural effectiveness. C. Evaluate level of compliance with procedures. D. Compare established standards to observed procedures.
The reason for having controls in an IS environment: A. remains unchanged from a manual environment, but the implemented control features may be different. B. changes from a manual environment, therefore the implemented control features may be different. C. changes from a manual environment, but the implemented control features will be the same. D. remains unchanged from a manual environment and the implemented control features will also be the same.
In a system development project the purpose of the program and procedure development phase is to: A. prepare, test and document all programs and manual procedures. B. document a business or system problem to a level at which management can select a solution. C. prepare a high-level design of a proposed system solution and present reasons for adopting a solution. D. expand the general design of an approved solution so that program and procedure writing can begin.
To help mitigate the effects of a denial of service attack, which mechanism can an Internet service provider (ISP) use to identify Internet protocol (IP) packets from unauthorized sources? A. Inbound traffic filtering B. Rate limiting C. Reverse address lookup D. Network performance monitoring
Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.
A utility is available to update critical tables in case of data inconsistency. This utility can be executed at the OS prompt or as one of menu options in an application. The BEST control to mitigate the risk of unauthorized manipulation of data is to: A. delete the utility software and install it as and when required. B. provide access to utility on a need-to-use basis. C. provide access to utility to user management D. define access so that the utility can be only executed in menu option.
Cisco Certifications 
