The MOST effective method of preventing unauthorized use of
data files is:
A. automated file entry.
B. tape librarian.
C. access control software.
D. locked library.
Answer / guest
Answer: C
Access control software is an active control designed to
prevent unauthorized access to data.
Is This Answer Correct ? | 6 Yes | 1 No |
Which of the following concerns about the security of an electronic message would be addressed by digital signatures? A. Unauthorized reading B. Theft C. Unauthorized copying D. Alteration
Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.
The PRIMARY benefit of database normalization is the: A. minimization redundancy of information in tables required to satisfy users? needs. B. ability to satisfy more queries. C. maximization of database integrity by providing information in more than one table. D. minimization of response time through faster processing of information.
The risk of an IS auditor using an inadequate test procedure and concluding that material errors do not exist when, in fact, they exist is:
Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them? A. Overwriting the tapes B. Initializing the tape labels C. Degaussing the tapes D. Erasing the tapes
Digital signatures require the: A. signer to have a public key and the receiver to have a private key. B. signer to have a private key and the receiver to have a public key. C. signer and receiver to have a public key. D. signer and receiver to have a private key.
Separation of duties between computer opeartors and other data processing personnel is intended to: A. Prevent unauthorized modifications to program or data. B. Reduce overall cost of operations C. Allow operators to concentrate on their assigned duties D. Restrict operator access to data
In a risk-based audit approach an IS auditor should FIRST complete a/an: A. inherent risk assessment. B. control risk assessment. C. test of control assessment. D. substantive test assessment.
IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that: A. a substantive test would be too costly. B. the control environment is poor. C. inherent risk is low. D. control risks are within the acceptable limits.
Which of the following audit procedures would an IS auditor normally perform FIRST when reviewing an organization's systems development methodology? A. Determine procedural adequacy. B. Analyze procedural effectiveness. C. Evaluate level of compliance with procedures. D. Compare established standards to observed procedures.
When auditing the proposed acquisition of a new computer system, the IS auditor should FIRST establish that: A. a clear business case has been approved by management. B. corporate security standards will be met. C. users will be involved in the implementation plan. D. the new system will meet all required user functionality.
During which phase of a system development process should an IS auditor first raise the issue of application controls? A. Construction B. System design C. Acceptance testing D. Functional specification