Interested to Buy Any Domain ? << Click Here >> for more details...
An organization is proposing to install a single sign-on
facility giving access to all systems. The organization
should be aware that:
A. Maximum unauthorized access would be possible if a
password is disclosed.
B. User access rights would be restricted by the additional
security parameters.
C. The security administrator?s workload would increase.
D. User access rights would be increased.
- 1 Answers
- 10518 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
If a password is disclosed when single sign-on is enabled,
there is a risk that unauthorized access to all systems will
be possible. User access rights should remain unchanged by
single sign-on as additional security parameters are not
necessarily implemented. One of the intended benefits of
single sign-on is that security administration would be
simplified and an increased workload is unlikely.
| Is This Answer Correct ? | 10 Yes | 0 No |
Is it appropriate for an IS auditor from a company that is considering outsourcing its IS processing to request and review a copy of each vendor's business continuity plan? A. Yes, because the IS auditor will evaluate the adequacy of the service bureau's plan and assist his/her company in implementing a complementary plan. B. Yes, because, based on the plan, the IS auditor will evaluate the financial stability of the service bureau and its ability to fulfill the contract. C. No, because the backup to be provided should be specified adequately in the contract. D. No, because the service bureau's business continuity plan is proprietary information.
While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/back up at an offsite location would be: A. shadow file processing. B. electronic vaulting. C. hard-disk mirroring. D. hot-site provisioning.
Which of the following audit procedures would MOST likely be used in an audit of a systems development project? A. Develop test transactions B. Use code comparison utilities C. Develop audit software programs D. Review functional requirements documentation
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
Which of the following is a control over database administration activities? A. A database checkpoint to restart processing after a system failure B. Database compression to reduce unused space C. Supervisory review of access logs D. Backup and recovery procedures to ensure database availability
A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.
The application test plans are developed in which of the following systems development life cycle (SDLC) phases? A. Design B. Testing C. Requirement D. Development
The primary goal of a web site certificate is: A. authentication of the web site to be surfed through. B. authentication of the user who surfs through that site. C. preventing surfing of the web site by hackers. D. the same purpose as that of a digital certificate.
Functionality is a characteristic associated with evaluating the quality of software products throughout their lifecycle, and is BEST described as the set of attributes that bear on the: A. existence of a set of functions and their specified properties. B. ability of the software to be transferred from one environment to another. C. capability of software to maintain its level of performance under stated conditions. D. relationship between the performance of the software and the amount of resources used.
Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.
An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely: A. check to ensure the type of transaction is valid for that card type. B. verify the format of the number entered then locate it on the database. C. ensure that the transaction entered is within the cardholder's credit limit. D. confirm that the card is not shown as lost or stolen on the master file.
According to the Committee of Sponsoring Organizations (COSO), the internal control framework consists of which of the following? A. Processes, people, objectives. B. Profits, products, processes. C. Costs, revenues, margins. D. Return on investment, earnings per share, market share.
Cisco Certifications 
