Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor is auditing the controls relating to employee
termination. Which of the following is the MOST important
aspect to be reviewed?
A. The related company staff are notified about the termination
B. User ID and passwords of the employee have been deleted
C. The details of employee have been removed from active
payroll files
D. Company property provided to the employee has been returned
- 1 Answers
- 7745 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
The highest risk is logical access to information by a
terminated employee. This form of access is possible if the
user id and password of the terminated employee have not
been deleted. If the user id is not disabled or deleted, it
is possible that the employee without physically visiting
the company can access the information. The potential of
loss on account of access to information is much higher,
compared to payment of salary and non-return of company
property.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks? A. Check digit B. Existence check C. Completeness check D. Reasonableness check
An IS auditor is assigned to help design the data security aspects of an application under development. Which of the following provides the MOST reasonable assurance that corporate assets are protected when the application is certified for production? A. A review conducted by the internal auditor B. A review conducted by the assigned IS auditor C. Specifications by the user on the depth and content of the review D. An independent review conducted by another equally experienced IS auditor
There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is: A. alternative routing. B. diverse routing. C. long-haul network diversity. D. last mile circuit protection.
Before reporting results of an audit to senior management, an IS auditor should: A. Confirm the findings with auditees. B. Prepare an executive summary and send it to auditee management. C. Define recommendations and present the findings to the audit committee. D. Obtain agreement from the auditee on findings and actions to be taken.
Which of the following data validation edits is effective in detecting transposition and transcription errors? A. Range check B. Check digit C. Validity check D. Duplicate check
With the help of the security officer, granting access to data is the responsibility of: A. data owners. B. programmers. C. system analysts. D. librarians.
Corrective action has been taken by an auditee immediately after the identification of a reportable finding. The auditor should: A. include the finding in the final report because the IS auditor is responsible for an accurate report of all findings. B. not include the finding in the final report because the audit report should include only unresolved findings. C. not include the finding in the final report because corrective action can be verified by the IS auditor during the audit. D. include the finding in the closing meeting for discussion purposes only.
An organization is proposing to install a single sign-on facility giving access to all systems. The organization should be aware that: A. Maximum unauthorized access would be possible if a password is disclosed. B. User access rights would be restricted by the additional security parameters. C. The security administrator?s workload would increase. D. User access rights would be increased.
A company has implemented a new client-server enterprise resource planning (ERP) system. Local branches transmit customer orders to a central manufacturing facility. Which of the following would BEST ensure that the orders are entered accurately and the corresponding products are produced? A. Verifying production to customer orders B. Logging all customer orders in the ERP system C. Using hash totals in the order transmitting process D. Approving (production supervisor) orders prior to production
Which of the following would contribute MOST to an effective business continuity plan (BCP)? The BCP: A. document was circulated to all interested parties. B. planning involved all user departments. C. was approved by senior management. D. was audited by an external IS auditor.
Which of the following BEST describes the role of a systems analyst? A. Defines corporate databases B. Designs systems based on the needs of the user C. Schedules computer resources D. Tests and evaluates programmer and optimization tools
The PKI element that manages the certificate life cycle, including certificate directory maintenance and certificate revocation list (CRL) maintenance and publication is the: A. certificate authority. B. digital certificate. C. certification practice statement. D. registration authority.
Cisco Certifications 
