Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the PRIMARY safeguard for securing
software and data within an information processing facility?
A. Security awareness
B. Reading the security policy
C. Security committee
D. Logical access controls
- 1 Answers
- 8033 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
To retain a competitive advantage and to meet basic business
requirements, organizations must ensure the integrity of the
information stored on their computer systems, preserve the
confidentiality of sensitive data and ensure the continued
availability of their information systems. To meet these
goals logical access controls must be in place. Awareness
(choice A) itself does not protect against unauthorized
access or disclosure of information. Knowledge of an
information systems security policy (choice B), which should
be known by the organization's employees, would help to
protect information, but would not prevent the unauthorized
access of information. A security committee (choice C) is
key to the protection of information assets, but would
address security issues within a broader perspective.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following issues should be included in the business continuity plan? A. The staff required to maintain critical business functions in the short, medium and long term B. The potential for a natural disaster to occur, such as an earthquake C. Disastrous events impacting information systems processing and end-user functions D. A risk analysis that considers systems malfunctions, accidental file deletions or other failures
One of the purposes of library control software is to allow: A. programmers access to production source and object libraries. B. batch program updating. C. operators to update the control library with the production version before testing is completed. D. read-only access to source code.
Requiring passwords to be changed on a regular basis, assigning a new one-time password when a user forgets his/hers, and requiring users not to write down their passwords are all examples of: A. audit objectives. B. audit procedures. C. controls objectives. D. control procedures.
A manufacturer has been purchasing materials and supplies for its business through an e-commerce application. Which of the following should this manufacturer rely on to prove that the transactions were actually made? A. Reputation B. Authentication C. Encryption D. Nonrepudiation
Which of the following is the MOST effective control procedure for security of a stand-alone small business computer environment? A. Supervision of computer usage B. Daily management review of the trouble log C. Storage of computer media in a locked cabinet D. Independent review of an application system design
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
Which of the following is the MOST important function to be performed by IT management within an outsourced environment? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance
Security administration procedures require read-only access to: A. access control tables. B. security log files. C. logging options. D. user profiles.
An IS auditor, performing a review of an application?s controls, discovers a weakness in system software, which could materially impact the application. The IS auditor should: A. Disregard these control weaknesses as a system software review is beyond the scope of this review. B. Conduct a detailed system software review and report the control weaknesses. C. Include in the report a statement that the audit was limited to a review of the application?s controls. D. Review the system software controls as relevant and recommend a detailed system software review.
Which of the following is a control to compensate for a programmer having access to accounts payable production data? A. Processing controls such as range checks and logic edits B. Reviewing accounts payable output reports by data entry C. Reviewing system-produced reports for checks (cheques) over a stated amount D. Having the accounts payable supervisor match all checks (cheques) to approved invoices
An organization is developing a new business system. Which of the following will provide the MOST assurance that the system provides the required functionality? A. Unit testing B. Regression testing C. Acceptance testing D. Integration testing
An IS auditor who is reviewing application run manuals would expect them to contain: A. details of source documents. B. error codes and their recovery actions. C. program logic flowcharts and file definitions. D. change records for the application source code.
Cisco Certifications 
