Interested to Buy Any Domain ? << Click Here >> for more details...
The PRIMARY advantage of a continuous audit approach is that it:
A. does not require an IS auditor to collect evidence on
system reliability while processing is taking place.
B. requires the IS auditor to review and follow up
immediately on all information collected.
C. can improve system security when used in time-sharing
environments that process a large number of transactions.
D. does not depend on the complexity of an organization's
computer systems.
- 3 Answers
- 12431 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: C
The use of continuous auditing techniques can actually
improve system security when used in time-sharing
environments that process a large number of transactions,
but leave a scarce paper trail. Choice A is incorrect since
the continuous audit approach often does require an IS
auditor to collect evidence on system reliability while
processing is taking place. Choice B is incorrect since an
IS auditor normally would review and follow up only on
material deficiencies or errors detected. Choice D is
incorrect since the use of continuous audit techniques does
depend on the complexity of an organization's computer systems.
| Is This Answer Correct ? | 12 Yes | 0 No |
Answer / antoine
C. can improve system security when used in time-sharing
environments that process a large number of transactions
| Is This Answer Correct ? | 7 Yes | 0 No |
Answer / lorie
The correct answer is B per ISACA database: B. Continuous audit allows audit and response to audit issues in a timely manner because audit findings are gathered in near real time
| Is This Answer Correct ? | 0 Yes | 0 No |
52. Which of the following tests confirm that the new system can operate in its target environment?
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning
Which of the following should be of MOST concern to an IS auditor? A. Lack of reporting of a successful attack on the network B. Failure to notify police of an attempted intrusion C. Lack of periodic examination of access rights D. Lack of notification to the public of an intrusion
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
The implementation of cost-effective controls in an automated system is ultimately the responsibility of the: A. system administrator. B. quality assurance function. C. business unit management. D. chief of internal audit.
Authentication is the process by which the: A. system verifies that the user is entitled to input the transaction requested. B. system verifies the identity of the user. C. user identifies himself to the system. D. user indicates to the system that the transaction was processed correctly.
A long-term IS employee with a strong technical background and broad managerial experience has applied for a vacant position in the IS audit department. Determining whether to hire this individual for this position should be based on the individual's experience and: A. the length of service since this will help ensure technical competence. B. age as training in audit techniques may be impractical. C. IS knowledge since this will bring enhanced credibility to the audit function. D. ability, as an IS auditor, to be independent of existing IS relationships.
Which of the following would be the LEAST helpful in restoring service from an incident currently underway? A. Developing a database repository of past incidents and actions to facilitate future corrective actions B. Declaring the incident, which not only helps to carry out corrective measures, but also improves the awareness level C. Developing a detailed operations plan that outlines specific actions to be taken to recover from an incident D. Establishing multidisciplinary teams consisting of executive management, security staff, information systems staff, legal counsel, public relations, etc., to carry out the response.
An audit charter should: A. be dynamic and change often to coincide with the changing nature of technology and the audit profession. B. clearly state audit objectives for the delegation of authority for the maintenance and review of internal controls. C. document the audit procedures designed to achieve the planned audit objectives. D. outline the overall authority, scope and responsibilities of the audit function.
Which of the following is a substantive audit test? A. Verifying that a management check has been performed regularly B. Observing that user IDs and passwords are required to sign on the computer C. Reviewing reports listing short shipments of goods received D. Reviewing an aged trial balance of accounts receivable
A dry-pipe fire extinguisher system is a system that uses: A. water, but in which water does not enter the pipes until a fire has been detected. B. water, but in which the pipes are coated with special watertight sealants. C. carbon dioxide instead of water. D. halon instead of water.
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
Cisco Certifications 
