Interested to Buy Any Domain ? << Click Here >> for more details...
The reason for having controls in an IS environment:
A. remains unchanged from a manual environment, but the
implemented control features may be different.
B. changes from a manual environment, therefore the
implemented control features may be different.
C. changes from a manual environment, but the implemented
control features will be the same.
D. remains unchanged from a manual environment and the
implemented control features will also be the same.
- 2 Answers
- 7120 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
The internal control objectives apply to all areas, whether
manual or automated. There are additional objectives to be
achieved in the IS environment, when compared to the manual
environment. Common control objectives remain unchanged in
both the IS environment and manual environment, although the
implementation of the control functions may be different in
the IS environment, e.g., the adequacy of backup/recovery in
a common internal control objective for IS and manual
environment. The specific IS control objective may be to
adequately back up the files to allow for proper recovery.
This may be achieved by implementing proper control
procedures, such as business continuity policy, in the IS
department. Therefore, the implementation of the control
functions may be different in the IS environment. But the
common control objectives in an IS environment remains
unchanged from a manual environment.
| Is This Answer Correct ? | 7 Yes | 0 No |
Which of the following security techniques is the BEST method for authenticating a user's identity? A. Smart card B. Biometrics C. Challenge-response token D. User ID and password
Which of the following would be included in an IS strategic plan? A. Specifications for planned hardware purchases B. Analysis of future business objectives C. Target dates for development projects D. Annual budgetary targets for the IS department
Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.
Which of the following is a benefit of using callback devices? A. Provide an audit trail B. Can be used in a switchboard environment C. Permit unlimited user mobility D. Allow call forwarding
Disaster recovery planning addresses the: A. technological aspect of business continuity planning. B. operational piece of business continuity planning. C. functional aspect of business continuity planning. D. overall coordination of business continuity planning.
Which of the following encrypt/decrypt steps provides the GREATEST assurance in achieving confidentiality, message integrity and nonrepudiation by either sender or recipient? A. The recipient uses his/her private key to decrypt the secret key. B. The encrypted pre-hash code and the message are encrypted using a secret key. C. The encrypted pre-hash code is derived mathematically from the message to be sent. D. The recipient uses the sender's public key, verified with a certificate authority, to decrypt the pre-hash code.
The PRIMARY objective of a firewall is to protect: A. internal systems from exploitation by external threats. B. external systems from exploitation by internal threats. C. internal systems from exploitation by internal threats. D. itself and attached systems against being used to attack other systems.
To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application
Which of the following provides the GREATEST assurance of message authenticity? A. The pre-hash code is derived mathematically from the message being sent. B. The pre-hash code is encrypted using the sender's private key. C. Encryption of the pre-hash code and the message using the secret key. D. Sender attains the recipient's public key and verifies the authenticity of its digital certificate with a certificate authority.
Information for detecting unauthorized input from a terminal would be BEST provided by the: A. console log printout. B. transaction journal. C. automated suspense file listing. D. user error report.
The FIRST step in developing a business continuity plan (BCP) is to: A. classify the importance of systems. B. establish a disaster recovery strategy. C. determine the critical recovery time period. D. perform a risk ranking.
Which of the following risks would be increased by the installation of a database system? A. Programming errors B. Data entry errors C. Improper file access D. Loss of parity
Cisco Certifications 
