Interested to Buy Any Domain ? << Click Here >> for more details...
To review access to ceratin data base to determine whether
the "new user" forms were correctly authorized. This is an
example of:
- 4 Answers
- 7080 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / bbb
A. variable sampling.
B. auditor sampling.
C. compliance testing.
D. substantive testing.
| Is This Answer Correct ? | 0 Yes | 0 No |
To prevent unauthorized entry to the data maintained in a dial-up fast response system, an IS auditor should recommend: A. online terminals be placed in restricted areas. B. online terminals be equipped with key locks. C. ID cards be required to gain access to online terminals. D. online access be terminated after three unsuccessful attempts.
Which of the following is the MOST effective control procedure for security of a stand-alone small business computer environment? A. Supervision of computer usage B. Daily management review of the trouble log C. Storage of computer media in a locked cabinet D. Independent review of an application system design
An organization is proposing to install a single sign-on facility giving access to all systems. The organization should be aware that: A. Maximum unauthorized access would be possible if a password is disclosed. B. User access rights would be restricted by the additional security parameters. C. The security administrator?s workload would increase. D. User access rights would be increased.
Which of the following is a substantive test?
Separation of duties between computer opeartors and other data processing personnel is intended to: A. Prevent unauthorized modifications to program or data. B. Reduce overall cost of operations C. Allow operators to concentrate on their assigned duties D. Restrict operator access to data
Which of the following is LEAST likely to be contained in a digital certificate for the purposes of verification by a trusted third party (TTP)/certification authority (CA)? A. Name of the TTP/CA B. Public key of the sender C. Name of the public key holder D. Time period for which the key is valid
In which of the following phases of the system development life cycle (SDLC) is it the MOST important for the IS auditor to participate? A. Design B. Testing C. Programming D. Implementation
The security level of a private key system depends on the number of: A. encryption key bits. B. messages sent. C. keys. D. channels used.
Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems? A. Proxy server B. Firewall installation C. Network administrator D. Password implementation and administration
Which of the following audit procedures would MOST likely be used in an audit of a systems development project? A. Develop test transactions B. Use code comparison utilities C. Develop audit software programs D. Review functional requirements documentation
An IS auditor performing an application maintenance audit would review the log of program changes for the: A. authorization for program changes. B. creation date of a current object module. C. number of program changes actually made. D. creation date of a current source program.
To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application
Cisco Certifications 
