Answer / guest

Answer: B

A retention date will ensure that a file cannot be
overwritten before that date has passed. The retention date
will not affect the ability to read the file. Backup copies
would be expected to have a different retention date and
therefore may well be retained after the file has been
overwritten. The creation date, not the retention date, will
differentiate files with the same name.

An IS auditor performing an application maintenance audit would review the log of program changes for the: A. authorization for program changes. B. creation date of a current object module. C. number of program changes actually made. D. creation date of a current source program.

1 Answers  

---

The review of router access control lists should be conducted during a/an: A. environmental review. B. network security review. C. business continuity review. D. data integrity review.

1 Answers  

---

Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code

1 Answers  

---

Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters

1 Answers  

---

In the ISO/OSI model, which of the following protocols is the FIRST to establish security for the user application? A. Session layer. B. Transport layer C. Network layer D. Presentation layer

1 Answers  

---

Before reporting results of an audit to senior management, an IS auditor should: A. Confirm the findings with auditees. B. Prepare an executive summary and send it to auditee management. C. Define recommendations and present the findings to the audit committee. D. Obtain agreement from the auditee on findings and actions to be taken.

1 Answers   TPA,

---

Which of the following independent duties is traditionally performed by the data control group? A. Access to data B. Authorization tables C. Custody of assets D. Reconciliation

1 Answers  

---

The PRIMARY reason for replacing checks (cheques) with EFT systems in the accounts payable area is to: A. make the payment process more efficient. B. comply with international EFT banking standards. C. decrease the number of paper-based payment forms. D. reduce the risk of unauthorized changes to payment transactions.

1 Answers  

---

Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code

2 Answers  

---

The use of a GANTT chart can: A. aid in scheduling project tasks. B. determine project checkpoints. C. ensure documentation standards. D. direct the post-implementation review.

2 Answers  

---

Which of the following provides nonrepudiation services for e-commerce transactions? A. Public key infrastructure (PKI) B. Data encryption standard (DES) C. Message authentication code (MAC) D. Personal identification number (PIN)

1 Answers  

---

The primary role of an IS auditor during the system design phase of an application development project is to: A. advise on specific and detailed control procedures. B. ensure the design accurately reflects the requirement. C. ensure all necessary controls are included in the initial design. D. advise the development manager on adherence to the schedule.

1 Answers  

---