Interested to Buy Any Domain ? << Click Here >> for more details...
A primary benefit derived from an organization employing
control self-assessment (CSA) techniques is that it:
- 5 Answers
- 13618 Views
- Cognizant, I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Can identify high risk areas that will need detail review
later
| Is This Answer Correct ? | 27 Yes | 1 No |
Answer / bbb
A can identify high-risk areas that might need a detailed
review later.
B. allows IS auditors to independently assess risk.
C. can be used as a replacement for traditional audits.
D. allows management to relinquish responsibility for control.
| Is This Answer Correct ? | 11 Yes | 3 No |
Answer / vijayakumari
empowers staff to take ownership and accountability
| Is This Answer Correct ? | 5 Yes | 1 No |
Answer / a mu
It can be used to identify areas that are high risk and may
need more detailed review later.
| Is This Answer Correct ? | 1 Yes | 0 No |
Which of the following message services provides the strongest protection that a specific action has occurred? A. Proof of delivery B. Nonrepudiation C. Proof of submission D. Message origin authentication
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
The difference between a vulnerability assessment and a penetration test is that a vulnerability assessment: A. searches and checks the infrastructure to detect vulnerabilities, whereas penetration testing intends to exploit the vulnerabilities to probe the damage that could result from the vulnerabilities. B. and penetration tests are different names for the same activity. C. is executed by automated tools, whereas penetration testing is a totally manual process. D. is executed by commercial tools, whereas penetration testing is executed by public processes.
The PRIMARY objective of a firewall is to protect: A. internal systems from exploitation by external threats. B. external systems from exploitation by internal threats. C. internal systems from exploitation by internal threats. D. itself and attached systems against being used to attack other systems.
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
During a review of a customer master file an IS auditor discovered numerous customer name duplications arising from variations in customer first names. To determine the extent of the duplication the IS auditor would use: A. test data to validate data input. B. test data to determine system sort capabilities. C. generalized audit software to search for address field duplications. D. generalized audit software to search for account field duplications.
Which of the following is the MOST important objective of data protection? A. Identifying persons who need access to information B. Ensuring the integrity of information C. Denying or authorizing access to the IS system D. Monitoring logical accesses
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
Data edits are an example of: A. preventive controls. B. detective controls. C. corrective controls. D. compensating controls.
When a complete segregation of duties cannot be achieved in an online system environment, which of the following functions should be separated from the others? A. Origination B. Authorization C. Recording D. Correction
Which of the following audit procedures would an IS auditor be LEAST likely to include in a security audit? A. Review the effectiveness and utilization of assets. B. Test to determine that access to assets is adequate. C. Validate physical, environmental and logical access policies per job profiles. D. Evaluate asset safeguards and procedures that prevent unauthorized access to the assets.
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
Cisco Certifications 
