Answer / guest

Answer: A

"The objective of a vulnerability assessment is to find the
security holds in the computers and elements analyzed and
its intent is not to damage the infrastructure. The intent
of penetration testing is to imitate a hacker's activities
and determine how far they could go into the network. They
are not the same

they have different approaches. Vulnerability assessments
and penetration testing can be executed both by automated or
manual tools or processes and can be executed by commercial
or free tools."

Which of the following is the most important element in the design of a data warehouse? A. Quality of the metadata B. Speed of the transactions C. Volatility of the data D. Vulnerability of the system

1 Answers  

---

Which of the following line media would provide the BEST security for a telecommunication network? A. Broad band network digital transmission B. Baseband network C. Dial-up D. Dedicated lines

1 Answers  

---

Involvement of senior management is MOST important in the development of: A. strategic plans. B. IS policies. C. IS procedures. D. standards and guidelines.

1 Answers  

---

Which of the following components of a business continuity plan is PRIMARILY the responsibility of an organization?s IS department? A. Developing the business continuity plan B. Selecting and approving the strategy for business continuity plan C. Declaring a disaster D. Restoring the IS systems and data after a disaster

1 Answers  

---

The BEST method of proving the accuracy of a system tax calculation is by: A. detailed visual review and analysis of the source code of the calculation programs. B. recreating program logic using generalized audit software to calculate monthly totals. C. preparing simulated transactions for processing and comparing the results to predetermined results. D. automatic flowcharting and analysis of the source code of the calculation programs.

2 Answers  

---

While developing a risk-based audit program, which of the following would the IS auditor MOST likely focus on? A. Business processes B. Critical IT applications C. Corporate objectives D. Business strategies

3 Answers   CISA,

---

Which of the ISO/OSI model layers provides for routing packets between nodes? A. Data link B. Network C. Transport D. Session

1 Answers   Network,

---

Which of the following is a management technique that enables organizations to develop strategically important systems faster while reducing development costs and maintaining quality? A. Function point analysis B. Critical path methodology C. Rapid application development D. Program evaluation review technique

1 Answers  

---

Congestion control is BEST handled by which OSI layer? A. Data link B. Session layer C. Transport layer D. Network layer

3 Answers  

---

Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports

1 Answers  

---

An IS auditor is conducting substantive audit tests of a new accounts receivable module. The IS auditor has a tight schedule and limited computer expertise. Which would be the BEST audit technique to use in this situation? A. Test data B. Parallel simulation C. Integrated test facility D. Embedded audit module

1 Answers  

---

Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them? A. A neural network B. Database management software C. Management information systems D. Computer assisted audit techniques

2 Answers  

---