Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor's primary concern when application developers
wish to use a copy of yesterday's production transaction
file for volume tests is that:
A. users may prefer to use contrived data for testing.
B. unauthorized access to sensitive data may result.
C. error handling and credibility checks may not be fully
proven.
D. full functionality of the new process is not necessarily
tested.
- 1 Answers
- 5515 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Unless the data is sanitized there is the risk of disclosing
sensitive date.
| Is This Answer Correct ? | 5 Yes | 0 No |
Which of the following is a substantive test?
Confidential data stored on a laptop is BEST protected by: A. storage on optical disks. B. logon ID and password. C. data encryption. D. physical locks.
Which of the following is a strength of a client-server security system? A. Change control and change management procedures are inherently strong. B. Users can manipulate data without controlling resources on the mainframe. C. Network components seldom become obsolete. D. Access to confidential data or data manipulation is controlled tightly.
A database administrator is responsible for: A. maintaining the access security of data residing on the computers. B. implementing database definition controls. C. granting access rights to users. D. defining system's data structure.
During an IS audit of the disaster recovery plan (DRP) of a global enterprise, the auditor observes that some remote offices have very limited local IT resources. Which of the following observations would be the MOST critical for the IS auditor? A. A test has not been made to ensure that local resources could maintain security and service standards when recovering from a disaster or incident. B. The corporate business continuity plan (BCP) does not accurately document the systems that exist at remote offices. C. Corporate security measures have not been incorporated into the test plan. D. A test has not been made to ensure that tape backups from the remote offices are usable.
When a new system is to be implemented within a short time frame, it is MOST important to: A. finish writing user manuals. B. perform user acceptance testing. C. add last-minute enhancements to functionalities. D. ensure that code has been documented and reviewed.
An IS auditor's primary concern when application developers wish to use a copy of yesterday's production transaction file for volume tests is that: A. users may prefer to use contrived data for testing. B. unauthorized access to sensitive data may result. C. error handling and credibility checks may not be fully proven. D. full functionality of the new process is not necessarily tested.
LANs: A. protect against virus infection. B. protect against improper disclosure of data. C. provide program integrity from unauthorized changes. D. provide central storage for a group of users.
The success of control self-assessment (CSA) depends highly on: A. Having line managers assume a portion of the responsibility for control monitoring. B. Assigning staff managers the responsibility for building, but not monitoring, controls. C. The implementation of stringent control policy and rule- driven controls. D. The implementation of supervision and the monitoring of control assigned duties
WHICH OF THE FOLLOWING IS OFTEN AN ADVANTAGE OF USING PROTOTYPING GOR DYDTEM DVELOPMENT
The BEST overall quantitative measure of the performance of biometric control devices is: A. false rejection rate. B. false acceptance rate. C. equal error rate. D. estimated error rate.
An IS auditor performing a review of the backup processing facilities should be MOST concerned that: A. adequate fire insurance exists. B. regular hardware maintenance is performed. C. offsite storage of transaction and master files exists. D. backup processing facilities are tested fully.
Cisco Certifications 
