1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

The potential for unauthorized system access by way of
terminals or workstations within an organization's facility
is increased when:

A. connecting points are available in the facility to
connect laptops to the network.

B. users take precautions to keep their passwords confidential.

C. terminals with password protection are located in
unsecured locations.

D. terminals are located within the facility in small
clusters under the supervision of an administrator.

Question Posted / guest


The potential for unauthorized system access by way of terminals or workstations within an organiza..

Answer / guest

Answer: A

Any person with wrongful intentions can connect a laptop to
the network. The unsecured connecting points make
unauthorized access possible if the individual has knowledge
of a valid user id and password. The other choices are
controls for preventing unauthorized network access. If
system passwords are not readily available for intruders to
use, they must guess, which introduces an additional factor
and requires time. System passwords provide protection
against unauthorized use of terminals located in unsecured
locations. Supervision is a very effective control when used
to monitor access to a small operating unit or production
resources.

Is This Answer Correct ?    9 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.

1 Answers  

IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.

1 Answers  

An audit charter should: A. be dynamic and change often to coincide with the changing nature of technology and the audit profession. B. clearly state audit objectives for the delegation of authority for the maintenance and review of internal controls. C. document the audit procedures designed to achieve the planned audit objectives. D. outline the overall authority, scope and responsibilities of the audit function.

2 Answers  

A primary function of risk management is the identification of cost-effective controls. In selecting appropriate controls, which of the following methods is best to study the effectiveness of adding various safeguards in reducing vulnerabilities? A. "What if" analysis B. Traditional cost/benefit analysis C. Screening analysis D. A "back-of-the-envelope" analysis

1 Answers  

Which of the following is the MOST effective technique for providing security during data transmission? A. Communication log B. Systems software log C. Encryption D. Standard protocol

1 Answers  




Which of the following is the MOST important consideration when developing a business continuity plan for a bank? A. Antivirus software B. Naming standards C. Customer balance list D. Password policy

1 Answers  

Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?

4 Answers  

Which of the following would be the LEAST helpful in restoring service from an incident currently underway? A. Developing a database repository of past incidents and actions to facilitate future corrective actions B. Declaring the incident, which not only helps to carry out corrective measures, but also improves the awareness level C. Developing a detailed operations plan that outlines specific actions to be taken to recover from an incident D. Establishing multidisciplinary teams consisting of executive management, security staff, information systems staff, legal counsel, public relations, etc., to carry out the response.

2 Answers  

An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity

1 Answers  

Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code

1 Answers  

While developing a risk-based audit program, which of the following would the IS auditor MOST likely focus on? A. Business processes B. Critical IT applications C. Corporate objectives D. Business strategies

3 Answers   CISA,

A probable advantage to an organization that has outsourced its data processing services is that: A. needed IS expertise can be obtained from the outside. B. greater control can be exercised over processing. C. processing priorities can be established and enforced internally. D. greater user involvement is required to communicate user needs.

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)