Involvement of senior management is MOST important in the development of: A. strategic plans. B. IS policies. C. IS procedures. D. standards and guidelines.
1 11005Which of the following would an IS auditor expect to find in a console log? A. Names of system users B. Shift supervisor identification C. System errors D. Data edit errors
1 6442Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters
1 7212Analysis of which of the following would MOST likely enable the IS auditor to determine if a non-approved program attempted to access sensitive data? A. Abnormal job termination reports B. Operator problem reports C. System logs D. Operator work schedules
1 4471A tax calculation program maintains several hundred tax rates. The BEST control to ensure that tax rates entered into the program are accurate is: A. an independent review of the transaction listing. B. a programmed edit check to prevent entry of invalid data. C. programmed reasonableness checks with 20 percent data entry range. D. a visual verification of data entered by the processing department.
1 4755An advantage of using sanitized live transactions in test data is that: A. all transaction types will be included. B. every error condition is likely to be tested. C. no special routines are required to assess the results. D. test transactions are representative of live processing.
1 14300Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.
2 5918Which of the following user profiles should be of MOST concern to the IS auditor, when performing an audit of an EFT system? A. Three users with the ability to capture and verifiy their own messages B. Five users with the ability to capturr and send their own messages C. Five users with the ability to verificy other users and to send of their own messages D. Three users with the ability to capture and verifiy the messages of other users and to send their own messages
1 5235Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster? A. The alternate facility will be available until the original information processing facility is restored. B. User management was involved in the identification of critical systems and their associated critical recovery times. C. Copies of the plan are kept at the homes of key decision making personnel. D. Feedback to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
1 4979Which of the following types of firewalls provide the GREATEST degree and granularity of control? A. Screening router B. Packet filter C. Application gateway D. Circuit gateway
1 13173Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users? A. System analysis B. Authorization of access to data C. Application programming D. Data administration
1 4354Which of the following is the PRIMARY reason for involving an IS auditor in the definition of a system's requirements? A. Post-application reviews do not need to be performed. B. Total budgeted system development costs can be reduced. C. It is costly to institute controls after a system becomes operational. D. The extent of user involvement in design activities is reduced.
1 4418The primary purpose of an audit charter is to: A. document the audit process used by the enterprise. B. formally document the audit department's plan of action. C. document a code of professional conduct for the auditor. D. describe the authority and responsibilities of the audit department.
1 12595An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.
CISA,
1 4145In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.
1 3962
Which protocol you manually enable route summarization?
Which protocol works only on cisco routers?
Frame relay technology works on which layer of osi model?
What is the point-to-point protocol in ccna?
Hub in star topology or bus topology?
Tell me why we use filter option?
What is the function of a router?
windows file/folder sharing ?
Can anybody mail me latest Cog 132 certificate, which is relatd cognos metadata modeling. My email ID is sanyoggupta@rediffmail.com
Tell me which protocol comes under hybrid dynamic type?
Define the virtual channel?
I am complietd DECE passing year 2006. But i am working ht line electrical field in Private textile company. How i can get electrical C liecense. Please clearify my doubt my no.9047566688
How do we handle decimal data error in rpg ?
What is the igp (interior gateway protocol)?
Explain the difference between switch & hub?