Interested to Buy Any Domain ? << Click Here >> for more details...
IS management has recently informed the IS auditor of its
decision to disable certain referential integrity controls
in the payroll system to provide users with a faster report
generator. This will MOST likely increase the risk of:
A. data entry by unauthorized users.
B. a nonexistent employee being paid.
C. an employee receiving an unauthorized raise.
D. duplicate data entry by authorized users.
- 2 Answers
- 8409 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
Referential integrity controls prevent the occurrence of
unmatched foreign key values. Given that a nonexistent
employee does not appear in the employees' table, it will
never have a corresponding entry in the salary payments
table. The other choices cannot be detected by referential
integrity controls.
| Is This Answer Correct ? | 3 Yes | 0 No |
A company performs full backup of data and programs on a regular basis. The primary purpose of this practice is to: A. maintain data integrity in the applications. B. restore application processing after a disruption. C. prevent unauthorized changes to programs and data. D. ensure recovery of data processing in case of a disaster.
Which of the following provisions in a contract for external information systems services would an IS auditor consider to be LEAST significant? A. Ownership of program and files B. Statement of due care and confidentiality C. Continued service of outsourcer in the event of a disaster D. Detailed description of computer hardware used by the vendor
Business continuity/disaster recovery is PRIMARILY the responsibility of: A. IS management. B. business unit managers. C. the security administrator. D. the board of directors.
Which of the following functions, if performed by scheduling and operations personnel, would be in conflict with a policy requiring a proper segregation of duties? A. Job submission B. Resource management C. Code correction D. Output distribution
With reference to the risk management process, which of the following statements is correct? A. Vulnerabilities can be exploited by a threat. B. Vulnerabilities are events with the potential to cause harm to IS resources. C. Vulnerability exists because of threats associated with use of information resources. D. Lack of user knowledge is an example of a threat.
A hub is a device that connects: A. two LANs using different protocols. B. a LAN with a WAN. C. a LAN with a metropolitan area network (MAN). D. two segments of a single LAN.
In a risk-based audit approach, an IS auditor, in addition to risk, would be influenced by: A. the availability of CAATs. B. management's representation. C. organizational structure and job responsibilities. D. the existence of internal and operational controls
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical hardware configuration is already established. The IS auditor should: A. take no action as the lack of a current plan is the only significant finding. B. recommend that the hardware configuration at each site should be identical. C. perform a review to verify that the second configuration can support live processing. D. report that the financial expenditure on the alternative site is wasted without an effective plan.
Which of the following is the MOST important issue to the IS auditor in a business process re-engineering (BPR) project would be? A. The loss of middle management, which often is a result of a BPR project B. That controls are usually given low priority in a BPR project C. The considerable negative impact that information protection could have on BPR D. The risk of failure due to the large size of the task usually undertaken in a BPR project
Which of the following is a strength of the program evaluation review technique (PERT) over other techniques? PERT: A. considers different scenarios for planning and control projects. B. allows the user to input program and system parameters. C. tests system maintenance processes accurately. D. estimates costs of system projects.
Which of the following components is responsible for the collection of data in an intrusion detection system (IDS)? A. Analyzer B. Administration console C. User interface D. Sensor
The security level of a private key system depends on the number of: A. encryption key bits. B. messages sent. C. keys. D. channels used.
Cisco Certifications 
