Answer / guest

Answer: A

The most secure way would be a virtual private network (VPN)
using encryption, authentication and tunneling to allow data
to travel securely from a private network to the Internet.
Choices B, C and D are network connectivity options, which
are normally too expensive to be practical for small- to
medium-sized organizations.

A control that detects transmission errors by appending calculated bits onto the end of each segment of data is known as a: A. reasonableness check. B. parity check. C. redundancy check. D. check digits.

2 Answers  

---

Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions? A. Response B. Correction C. Detection D. Monitoring

1 Answers  

---

The planning and monitoring of computer resources to ensure that they are being used efficiently and effectively is: A. hardware monitoring. B. capacity management. C. network management. D. job scheduling.

1 Answers  

---

What type of transmission requires modems? A. Encrypted B. Digital C. Analog D. Modulated

1 Answers  

---

Which of the following encrypt/decrypt steps provides the GREATEST assurance in achieving confidentiality, message integrity and nonrepudiation by either sender or recipient? A. The recipient uses his/her private key to decrypt the secret key. B. The encrypted pre-hash code and the message are encrypted using a secret key. C. The encrypted pre-hash code is derived mathematically from the message to be sent. D. The recipient uses the sender's public key, verified with a certificate authority, to decrypt the pre-hash code.

1 Answers  

---

Corrective action has been taken by an auditee immediately after the identification of a reportable finding. The auditor should: A. include the finding in the final report because the IS auditor is responsible for an accurate report of all findings. B. not include the finding in the final report because the audit report should include only unresolved findings. C. not include the finding in the final report because corrective action can be verified by the IS auditor during the audit. D. include the finding in the closing meeting for discussion purposes only.

2 Answers  

---

The MOST appropriate person to chair the steering committee for a system development project with significant impact on a business area would be the: A. business analyst. B. chief information officer. C. project manager. D. executive level manager.

1 Answers  

---

Which of the following would be the LEAST likely indication that complete or selected outsourcing of IS functions should be considered? A. The applications development backlog is greater than three years. B. It takes one year to develop and implement a high-priority system. C. More than 60 percent of programming costs are spent on system maintenance. D. Duplicate information systems functions exist at two sites.

1 Answers  

---

To make an electronic funds transfer (EFT), one employee enters the amount field and another employee reenters the same data again, before the money is transferred. The control adopted by the organization in this case is: A. sequence check. B. key verification. C. check digit. D. completeness check.

1 Answers  

---

Which of the following access control functions is LEAST likely to be performed by a database management system (DBMS) software package? A. User access to field data B. User sign-on at the network level C. User authentication at the program level D. User authentication at the transaction level

1 Answers  

---

Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input

1 Answers  

---

With the help of the security officer, granting access to data is the responsibility of: A. data owners. B. programmers. C. system analysts. D. librarians.

1 Answers  

---