Interested to Buy Any Domain ? << Click Here >> for more details...
A data center has a badge-entry system. Which of the
following is MOSTimportant to protect the computing assets
in the center?
A. Badge readers are installed in locations where tampering
would be noticed
B. The computer that controls the badge system is backed up
frequently
C. A process for promptly deactivating lost or stolen badges
exists
D. All badge entry attempts are logged
- 5 Answers
- 9722 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / baboo
The badge entry system is an access control mecahnism, which helps protect company assest by providing access based on business needs. The process of removing logical access when the badge is lost/employee leaves the organisation, contributes MOST to protection of assets.
Choice A, Tampering of badges is very difficult practically and may not be a feasible option.
Choice D, Logging is not a control. Reviewing logs is a control.
Backing up badge system is would not protect the organisation assets.
| Is This Answer Correct ? | 8 Yes | 1 No |
Answer / abir
C. A process for promptly deactivating lost or stolen badges exists
| Is This Answer Correct ? | 1 Yes | 0 No |
Answer / dinesh
The choices A,C and D are important to protect the assets
in data center. The question might be Which one is "Least
important". Kindly clarify.
| Is This Answer Correct ? | 0 Yes | 2 No |
Answer / guest
Choice D appears to be the appropriate answer in the sense that all badge entry attempts, successful or not are logged. This log can be reviewed for any malicious attempt to access the data center
| Is This Answer Correct ? | 0 Yes | 4 No |
Answer / s.arun
The computer that controls the badge system is backed up
frequently
| Is This Answer Correct ? | 0 Yes | 6 No |
The potential for unauthorized system access by way of terminals or workstations within an organization's facility is increased when: A. connecting points are available in the facility to connect laptops to the network. B. users take precautions to keep their passwords confidential. C. terminals with password protection are located in unsecured locations. D. terminals are located within the facility in small clusters under the supervision of an administrator.
Which of the following can be used to verify output results and control totals by matching them against the input data and control totals? A. Batch header forms B. Batch balancing C. Data conversion error corrections D. Access controls over print spools
When reviewing a business process reengineering (BPR) project, which of the following is the MOST important for an IS auditor to evaluate? A. The impact of removed controls. B. The cost of new controls. C. The BPR project plans. D. The continuous improvement and monitoring plans.
A MAJOR risk of using single sign-on (SSO) is that it: A. has a single authentication point. B. represents a single point of failure. C. causes an administrative bottleneck. D. leads to a lockout of valid users.
E-cash is a form of electronic money that: A. can be used over any computer network. B. utilizes reusable e-cash coins to make payments. C. does not require the use of an Internet digital bank. D. contains unique serial numbering to track the identity of the buyer.
A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
A proposed transaction processing application will have many data capture sources and outputs in both paper and electronic form. To ensure that transactions are not lost during processing, the IS auditor should recommend the inclusion of: A. validation controls. B. internal credibility checks. C. clerical control procedures. D. automated systems balancing.
An Internet-based attack using password sniffing can: A. enable one party to act as if they are another party. B. cause modification to the contents of certain transactions. C. be used to gain access to systems containing proprietary information. D. result in major problems with billing systems and transaction processing agreements.
During which of the following phases in systems development would user acceptance test plans normally be prepared? A. Feasibility study B. Requirements definition C. Implementation planning D. Post-implementation review
An existing system is being extensively enhanced by extracting and reusing design and program components. This is an example of: A. reverse engineering. B. prototyping. C. software reuse. D. reengineering.
Which of the following is the MOST important criterion for the selection of a location for an offsite storage facility for IS backup files? The offsite facility must be: A. physically separated from the data center and not subject to the same risks. B. given the same level of protection as that of the computer data center. C. outsourced to a reliable third party. D. equipped with surveillance capabilities.
IS auditors who have participated in the development of an application system might have their independence impaired if they: A. perform an application development review. B. recommend control and other system enhancements. C. perform an independent evaluation of the application after its implementation. D. are involved actively in the design and implementation of the application system.
Cisco Certifications 
