Interested to Buy Any Domain ? << Click Here >> for more details...
A company has implemented a new client-server enterprise
resource planning (ERP) system. Local branches transmit
customer orders to a central manufacturing facility. Which
of the following would BEST ensure that the orders are
entered accurately and the corresponding products are produced?
A. Verifying production to customer orders
B. Logging all customer orders in the ERP system
C. Using hash totals in the order transmitting process
D. Approving (production supervisor) orders prior to production
- 1 Answers
- 9754 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Verification will ensure that production orders match
customer orders. Logging can be used to detect inaccuracies,
but does not in itself guarantee accurate processing. Hash
totals will ensure accurate order transmission, but not
accurate processing centrally. Production supervisory
approval is a time consuming manual process that does not
guarantee proper control.
| Is This Answer Correct ? | 4 Yes | 0 No |
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
Which of the following is a measure of the size of an information system based on the number and complexity of a system's inputs, outputs and files? A. Program evaluation review technique (PERT) B. Rapid application development (RAD) C. Function point analysis (FPA) D. Critical path method (CPM)
The FIRST step in data classification is to: A. establish ownership. B. perform a criticality analysis. C. define access rules. D. create a data dictionary.
Which of the following types of firewalls provide the GREATEST degree and granularity of control? A. Screening router B. Packet filter C. Application gateway D. Circuit gateway
Automated teller machines (ATMs) are a specialized form of a point-of-sale terminal that: A. allows for cash withdrawal and financial deposits only. B. are usually located in populous areas to deter theft or vandalism. C. utilizes protected telecommunication lines for data transmissions. D. must include high levels of logical and physical security.
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical hardware configuration is already established. The IS auditor should: A. take no action as the lack of a current plan is the only significant finding. B. recommend that the hardware configuration at each site should be identical. C. perform a review to verify that the second configuration can support live processing. D. report that the financial expenditure on the alternative site is wasted without an effective plan.
Requiring passwords to be changed on a regular basis, assigning a new one-time password when a user forgets his/hers, and requiring users not to write down their passwords are all examples of: A. audit objectives. B. audit procedures. C. controls objectives. D. control procedures.
Which of the following is necessary to have FIRST in the development of a business continuity plan? A. Risk-based classification of systems B. Inventory of all assets C. Complete documentation of all disasters D. Availability of hardware and software
When auditing a mainframe operating system, what would the IS auditor do to establish which control features are in operation? A. Examine the parameters used when the system was generated B. Discuss system parameter options with the vendor C. Evaluate the systems documentation and installation guide D. Consult the systems programmers
Which of the following should concern an IS auditor when reviewing security in a client-server environment? A. Data is protected by an encryption technique. B. Diskless workstations prevent unauthorized access. C. Ability of users to access and modify the database directly. D. Disabling floppy drives on the users machines.
The PRIMARY objective of an IS audit function is to: A. determine whether everyone uses IS resources according to their job description. B. determine whether information systems safeguard assets, and maintain data integrity. C. examine books of accounts and relative documentary evidence for the computerized system. D. determine the ability of the organization to detect fraud.
Which of the following exposures could be caused by a line-grabbing technique? A. Unauthorized data access B. Excessive CPU cycle usage C. Lockout of terminal polling D. Multiplexor control dysfunction
Cisco Certifications 
