IS management has decided to rewrite a legacy customer
relations system using fourth-generation languages (4GLs).
Which of the following risks is MOST often associated with
system development using 4GLs?
A. Inadequate screen/report design facilities
B. Complex programming language subsets
C. Lack of portability across operating systems
D. Inability to perform data intensive operations
- 1 Answers
- 12149 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
4GLs are usually not suitable for data intensive operations.
Instead, they are used mainly for graphic user interface
(GUI) design or as simple query/report generators.
Screen/report design facilities are one of the main
advantages of 4GLs, and 4GLs have simple programming
language subsets. Portability is also one of the main
advantages of 4GLs.
| Is This Answer Correct ? | 30 Yes | 3 No |
The document used by the top management of organizations to delegate authority to the IS audit function is the: A. long-term audit plan. B. audit charter. C. audit planning methodology. D. steering committee minutes.
In a public key infrastructure (PKI), the authority responsible for the identification and authentication of an applicant for a digital certificate (i.e., certificate subjects) is the: A. registration authority (RA). B. issuing certification authority (CA). C. subject CA. D. policy management authority.
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.
Authentication is the process by which the: A. system verifies that the user is entitled to input the transaction requested. B. system verifies the identity of the user. C. user identifies himself to the system. D. user indicates to the system that the transaction was processed correctly.
The key difference between a microwave radio system and a satellite radiolink system is that: A. microwave uses line-of-sight and satellite uses transponders during transmission. B. microwave operates through transponders placed on the earth's orbit. C. satellite uses line-of-sight during transmission. D. microwave uses fiber optic cables.
Which of the following procedures should be implemented to help ensure the completeness of inbound transactions via electronic data interchange (EDI)? A. Segment counts built into the transaction set trailer B. A log of the number of messages received, periodically verified with the transaction originator C. An electronic audit trail for accountability and tracking D. Matching acknowledgement transactions received to the log of EDI messages sent
When reviewing the implementation of a LAN the IS auditor should FIRST review the: A. node list. B. acceptance test report. C. network diagram. D. user's list.
Which of the following satisfies a two-factor user authentication? A. Iris scanning plus finger print scanning B. Terminal ID plus global positioning system (GPS) C. A smart card requiring the user's PIN D. User ID along with password
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take? A. Personally delete all copies of the unauthorized software. B. Inform auditee of the unauthorized software, and follow up to confirm deletion. C. Report the use of the unauthorized software to auditee management and the need to prevent recurrence. D. Take no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use.
Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.
Analysis of which of the following would MOST likely enable the IS auditor to determine if a non-approved program attempted to access sensitive data? A. Abnormal job termination reports B. Operator problem reports C. System logs D. Operator work schedules
Cisco Certifications 
