One of the purposes of library control software is to allow:
A. programmers access to production source and object libraries.
B. batch program updating.
C. operators to update the control library with the
production version before testing is completed.
D. read-only access to source code.
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
An important purpose of library control software is to allow
read-only access to source code. Choices A, B, and C are
activities which library control software should help to
prevent or prohibit.
Is This Answer Correct ? | 30 Yes | 0 No |
Answer / hemant kumar
The Library Control Procedure's primary purpose is to
provide protection & security for the source code that is
under development. Test objects are also controlled by the
library control procedure. Maintaining separate sets of
libraries for each testing level is one of the most
efficient methods of protection for any project. Separate
libraries make it easier to identify the different versions
of test-objects by eliminating the chance of confusion.
Transfer request forms are used to authorize transfers
between libraries that require reviews or approvals.
Promotions, demotions and re-promotions of test objects are
actions that are used to transfer test objects between
testing levels.
Is This Answer Correct ? | 10 Yes | 0 No |
While developing a risk-based audit program, which of the following would the IS auditor MOST likely focus on? A. Business processes B. Critical IT applications C. Corporate objectives D. Business strategies
When a new system is to be implemented within a short time frame, it is MOST important to: A. finish writing user manuals. B. perform user acceptance testing. C. add last-minute enhancements to functionalities. D. ensure that code has been documented and reviewed.
Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization? A. A program that deposits a virus on a client machine B. Applets recording keystrokes and, therefore, passwords C. Downloaded code that reads files on a client's hard drive D. Applets opening connections from the client machine
When a systems development life cycle (SDLC) methodology is inadequate, the MOST serious immediate risk is that the new system will: A. be completed late. B. exceed the cost estimates. C. not meet business and user needs. D. be incompatible with existing systems.
Which of the following is the MOST likely reason why e-mail systems have become a useful source of evidence for litigation? A. Multiple cycles of backup files remain available. B. Access controls establish accountability for e-mail activity. C. Data classification regulates what information should be communicated via e-mail. D. Within the enterprise, a clear policy for using e-mail ensures that evidence is available.
An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls? A. Allow changes to be made only with the DBA user account. B. Make changes to the database after granting access to a normal user account C. Use the DBA user account to make changes, log the changes and review the change log the following day. D. Use the normal user account to make changes, log the changes and review the change log the following day.
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
Of the following, the MAIN purpose for periodically testing offsite backup facilities is to: A. ensure the integrity of the data in the database. B. eliminate the need to develop detailed contingency plans. C. ensure the continued compatibility of the contingency facilities. D. ensure that program and system documentation remains current.
If a database is restored using before-image dumps, where should the process be restarted following an interruption? A. Before the last transaction B. After the last transaction C. The first transaction after the latest checkpoint D. The last transaction before the latest checkpoint
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
LANs: A. protect against virus infection. B. protect against improper disclosure of data. C. provide program integrity from unauthorized changes. D. provide central storage for a group of users.
Which of the following is the MOST critical element of an effective disaster recovery plan (DRP)? A. Offsite storage of backup data B. Up-to-date list of key disaster recovery contacts C. Availability of a replacement data center D. Clearly defined recovery time objective (RTO)