Interested to Buy Any Domain ? << Click Here >> for more details...
When auditing a mainframe operating system, what would the
IS auditor do to establish which control features are in
operation?
A. Examine the parameters used when the system was generated
B. Discuss system parameter options with the vendor
C. Evaluate the systems documentation and installation guide
D. Consult the systems programmers
- 1 Answers
- 5784 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
The only way to establish which controls are functioning in
a current operating system is to determine what the
parameter settings were at the time the system was generated
or created (often referred to as the initial program load or
IPL). Although the findings of this exercise may well be
further evaluated by discussion with the vendor, evaluating
the documentation and consulting the systems programmers,
these actions would not, by themselves, establish specific
control features.
| Is This Answer Correct ? | 6 Yes | 1 No |
Which of the following would be the LEAST important aspect of a business continuity plan? A. Redundant facilities B. Relocation procedures C. Adequate insurance coverage D. Current and available business continuity manual
Which of the following is widely accepted as one of the critical components in networking management? A. Configuration management B. Topological mappings C. Application of monitoring tools D. Proxy server trouble shooting
Which of the following is the FIRST step in a business process reengineering (BPR) project? A. Defining the areas to be reviewed B. Developing a project plan C. Understanding the process under review D. Reengineering and streamlining the process under review
Which of the following should be in place to protect the purchaser of an application package in the event that the vendor ceases to trade? A. Source code held in escrow. B. Object code held by a trusted third party. C. Contractual obligation for software maintenance. D. Adequate training for internal programming staff.
The technique used to ensure security in virtual private networks (VPNs) is: A. encapsulation. B. wrapping. C. transform. D. encryption.
During an audit, an IS auditor learns that lengthy and complex passwords are required to reach the network via modem. These passwords were established by an outside provider. The communications software allows users to select a ?remember password? option. What should the IS auditor's PRIMARY recommendation be? A. Disable the save password option and have users record them elsewhere. B. Request that the provider change the dial-in password to a group password. C. Establish and enforce a process to have users change their passwords. D. Allow users to change their passwords to something less complex.
Which of the following would allow a company to extend it?s enterprise?s intranet across the Internet to it?s business partners? A. Virtual private network B. Client-Server C. Dial-Up access D. Network service provider
Which of the following security techniques is the BEST method for authenticating a user's identity? A. Smart card B. Biometrics C. Challenge-response token D. User ID and password
Which of the following is a control to detect an unauthorized change in a production environment? A. Denying programmers access to production data. B. Requiring change request to include benefits and costs. C. Periodically comparing control and current object and source programs. D. Establishing procedures for emergency changes.
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The IS auditor's report should recommend that: A. the deputy CEO be censured for his failure to approve the plan. B. a board of senior managers be set up to review the existing plan. C. the existing plan be approved and circulated to all key management and staff. D. a manager coordinate the creation of a new or revised plan within a defined time limit.
An organization acquiring other businesses continues using its legacy EDI systems, and uses three separate value added network (VAN) providers. No written VAN agreements exist. The IS auditor should recommend that management: A. obtain independent assurance of the third party service providers. B. set up a process for monitoring the service delivery of the third party. C. ensure that formal contracts are in place. D. consider agreements with third party service providers in the development of continuity plans.
A digital signature contains a message digest to: A. show if the message has been altered after transmission. B. define the encryption algorithm. C. confirm the identity of the originator. D. enable message transmission in a digital format.
Cisco Certifications 
