1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

An IS auditor performing a telecommunication access control
review should be concerned PRIMARILY with the:

A. maintenance of access logs of usage of various system
resources.

B. authorization and authentication of the user prior to
granting access to system resources.

C. adequate protection of stored data on servers by
encryption or other means.

D. accountability system and the ability to identify any
terminal accessing system resources.

Question Posted / guest

Answers were Sorted based on User's Feedback



An IS auditor performing a telecommunication access control review should be concerned PRIMARILY wi..

Answer / guest

Answer: B

The authorization and authentication of users is the most
significant aspect in a telecommunications access control
review as it is a preventive control. Weak controls at this
level can affect all other aspects. The maintenance of
access logs of usage of system resources is a detective
control. The adequate protection of data being transmitted
to and from servers by encryption or other means is a method
of protecting information during transmission and is not an
access issue. The accountability system and the ability to
identify any terminal accessing system resources deal with
controlling access through the identification of a terminal.

Is This Answer Correct ?    9 Yes 0 No

An IS auditor performing a telecommunication access control review should be concerned PRIMARILY wi..

Answer / antoine

B. authorization and authentication of the user prior to
granting access to system resources.

Is This Answer Correct ?    2 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is best ensured by: A. database integrity checks. B. validation checks. C. input controls. D. database commits and rollbacks.

1 Answers  

Requiring passwords to be changed on a regular basis, assigning a new one-time password when a user forgets his/hers, and requiring users not to write down their passwords are all examples of: A. audit objectives. B. audit procedures. C. controls objectives. D. control procedures.

1 Answers  

Losses can be minimized MOST effectively by using outside storage facilities to do which of the following? A. Provide current, critical information in backup files B. Ensure that current documentation is maintained at the backup facility C. Test backup hardware D. Train personnel in backup procedures

1 Answers  

IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that: A. a substantive test would be too costly. B. the control environment is poor. C. inherent risk is low. D. control risks are within the acceptable limits.

2 Answers  

To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is: A. during data preparation. B. in transit to the computer. C. between related computer runs. D. during the return of the data to the user department.

2 Answers  




Which of the following types of firewalls provide the GREATEST degree and granularity of control? A. Screening router B. Packet filter C. Application gateway D. Circuit gateway

1 Answers  

Which of the following would normally be found in application run manuals? A. Details of source documents B. Error codes and their recovery actions C. Program flowcharts and file definitions D. Change records for the application source code

1 Answers  

Which of the following data entry controls provides the GREATEST assurance that the data is entered correctly? A. Using key verification B. Segregating the data entry function from data entry verification C. Maintaining a log/record detailing the time, date, employee's initials/user id and progress of various data preparation and verification tasks D. Adding check digits

2 Answers  

Receiving an EDI transaction and passing it through the communications interface stage usually requires: A. translating and unbundling transactions. B. routing verification procedures. C. passing data to the appropriate application system. D. creating a point of receipt audit log.

1 Answers  

Which of the following is intended to detect the loss or duplication of input? A. Hash totals B. Check digits C. Echo checks D. Transaction codes

1 Answers  

In a business continuity plan, there are several methods of providing telecommunication continuity. One method is diverse routing which involves: A. providing extra capacity with the intent of using the surplus capacity should the normal primary transmission capability not be available. B. routing information via other alternate media such as copper cable or fiber optics. C. providing diverse long-distance network availability utilizing T-1 circuits among the major long-distance carriers. D. routing traffic through split-cable facilities or duplicate-cable facilities.

2 Answers   CISA,

Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility? A. Security awareness B. Reading the security policy C. Security committee D. Logical access controls

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)