The MOST effective method of preventing unauthorized use of
data files is:
A. automated file entry.
B. tape librarian.
C. access control software.
D. locked library.
- 1 Answers
- 7800 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Access control software is an active control designed to
prevent unauthorized access to data.
| Is This Answer Correct ? | 6 Yes | 1 No |
Which of the following is critical to the selection and acquisition of the correct operating system software? A. Competitive bids B. User department approval C. Hardware-configuration analysis D. Purchasing department approval
A validation which ensures that input data are matched to predetermined reasonable limits or occurrence rates, is known as: A. Reasonableness check. B. Validity check. C. Existence check. D. Limit check.
Information requirement definitions, feasibility studies and user requirements are significant considerations when: A. defining and managing service levels. B. identifying IT solutions. C. managing changes. D. assessing internal IT control.
An IS auditor evaluating data integrity in a transaction driven system environment should review atomicity, to determine whether: A. the database survives failures (hardware or software). B. each transaction is separated from other transactions. C. integrity conditions are maintained. D. a transaction is completed or not, or a database is updated or not.
Which of the following can be used to verify output results and control totals by matching them against the input data and control totals? A. Batch header forms B. Batch balancing C. Data conversion error corrections D. Access controls over print spools
Which of the following physical access controls would provide the highest degree of security over unauthorized access? A. Bolting door lock B. Cipher lock C. Electronic door lock D. Fingerprint scanner
The extent to which data will be collected during an IS audit should be determined, based on the: A. availability of critical and required information. B. auditor's familiarity with the circumstances. C. auditee's ability to find relevant evidence. D. purpose and scope of the audit being done.
Without compensating controls, which of the following functions would represent a risk if combined with that of a system analyst? A. Application programming B. Data entry C. Quality assurance D. Database administrator
An IS auditor is assigned to help design the data security aspects of an application under development. Which of the following provides the MOST reasonable assurance that corporate assets are protected when the application is certified for production? A. A review conducted by the internal auditor B. A review conducted by the assigned IS auditor C. Specifications by the user on the depth and content of the review D. An independent review conducted by another equally experienced IS auditor
When reviewing the implementation of a LAN the IS auditor should FIRST review the: A. node list. B. acceptance test report. C. network diagram. D. user's list.
An IS auditor should use statistical sampling and not judgmental (nonstatistical) sampling, when: A. the probability of error must be objectively quantified. B. the auditor wants to avoid sampling risk. C. generalized audit software is unavailable. D. the tolerable error rate cannot be determined.
Which of the following would be the LEAST important aspect of a business continuity plan? A. Redundant facilities B. Relocation procedures C. Adequate insurance coverage D. Current and available business continuity manual
Cisco Certifications 
