Which of the following exposures could be caused by a
line-grabbing technique?
A. Unauthorized data access
B. Excessive CPU cycle usage
C. Lockout of terminal polling
D. Multiplexor control dysfunction
- 1 Answers
- 24889 Views
- Samsung, I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Line grabbing will enable eavesdropping, thus allowing
unauthorized data access. It will not necessarily cause
multiplexor dysfunction, excessive CPU usage or lockout of
terminal polling.
| Is This Answer Correct ? | 93 Yes | 4 No |
Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters
Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures? A. Review software migration records and verify approvals. B. Identify changes that have occurred and verify approvals. C. Review change control documentation and verify approvals. D. Ensure that only appropriate staff can migrate changes into production.
When implementing continuous monitoring systems an IS auditor's first step is to identify: A. reasonable target thresholds. B. high-risk areas within the organization. C. the location and format of output files. D. applications that provide the highest potential payback.
Which of the following access control functions is LEAST likely to be performed by a database management system (DBMS) software package? A. User access to field data B. User sign-on at the network level C. User authentication at the program level D. User authentication at the transaction level
Passwords should be: A. assigned by the security administrator. B. changed every 30 days at the discretion of the user. C. reused often to ensure the user does not forget the password. D. displayed on the screen so that the user can ensure that it has been entered properly.
Which of the following would normally be found in application run manuals? A. Details of source documents B. Error codes and their recovery actions C. Program flowcharts and file definitions D. Change records for the application source code
When conducting a review of business process re-engineering, an IS auditor found that a key preventive control had been removed. In this case, the IS auditor should: A. inform management of the finding and determine if management is willing to accept the potential material risk of not having that preventing control. B. determine if a detective control has replaced the preventive control during the process and if so, not report the removal of the preventive control. C. recommend that this and all control procedures that existed before the process was reengineered be included in the new process. D. develop a continuous audit approach to monitor the effects of the removal of the preventive control.
The PRIMARY purpose of undertaking a parallel run of a new system is to: A. verify that the system provides required business functionality. B. validate the operation of the new system against its predecessor. C. resolve any errors in the program and file interfaces. D. verify that the system can process the production load.
Which of the following physical access controls would provide the highest degree of security over unauthorized access? A. Bolting door lock B. Cipher lock C. Electronic door lock D. Fingerprint scanner
The use of coding standards is encouraged by IS auditors because they: A. define access control tables. B. detail program documentation. C. standardize dataflow diagram methodology. D. ensure compliance with field naming conventions.
Which of the following would be the BEST population to take a sample from when testing program changes? A. Test library listings B. Source program listings C. Program change requests D. Production library listings
Which of the following implementation modes would provide the GREATEST amount of security for outbound data connecting to the Internet? A. Transport mode with authentication header plus encapsulating security payload (ESP) B. Secure socket layer (SSL) mode C. Tunnel mode with AH plus ESP D. Triple-DES encryption mode
Cisco Certifications 
