Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following controls is LEAST likely to detect
changes made online to master records?
A. Update access to master file is restricted to a
supervisor independent of data entry.
B. Clerks enter updates online and are finalized by an
independent supervisor.
C. An edit listing of all updates is produced daily and
reviewed by an independent supervisor.
D. An update authorization form must be approved by an
independent supervisor before entry.
- 1 Answers
- 4354 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Approval by an independent supervisor prior to entry cannot
control changes made online. All other responses prevent or
detect the circumvention of controls.
| Is This Answer Correct ? | 2 Yes | 0 No |
Which of the following is a technique that could be used to capture network user passwords? A. Encryption B. Sniffing C. Spoofing D. A signed document cannot be altered.
IS auditors, in performing detailed network assessments and access control reviews should FIRST: A. determine the points of entry. B. evaluate users access authorization. C. assess users identification and authorization. D. evaluate the domain-controlling server configuration.
Which of the following would be the BEST population to take a sample from when testing program changes? A. Test library listings B. Source program listings C. Program change requests D. Production library listings
Which of the following is an implementation risk within the process of decision support systems? A. Management control B. Semistructured dimensions C. Inability to specify purpose and usage patterns D. Changes in decision processes
In a risk-based audit approach, an IS auditor, in addition to risk, would be influenced by: A. the availability of CAATs. B. management's representation. C. organizational structure and job responsibilities. D. the existence of internal and operational controls
Which of the following is the primary purpose for conducting parallel testing? A. To determine if the system is cost-effective. B. To enable comprehensive unit and system testing. C. To highlight errors in the program interfaces with files. D. To ensure the new system meets user requirements.
Which of the following will help detect changes made by an intruder to the system log of a server? A. Mirroring of the system log on another server B. Simultaneously duplicating the system log on a write-once disk C. Write protecting the directory containing the system log D. Storing the backup of the system log offsite
During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern? A. Maximum acceptable downtime metrics have not been defined in the contract. B. The IT department does not manage the relationship with the cloud vendor. C. The help desk call center is in a different country, with different privacy requirements. D. Company-defined security policies are not applied to the cloud application.
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
Without compensating controls, which of the following functions would represent a risk if combined with that of a system analyst? A. Application programming B. Data entry C. Quality assurance D. Database administrator
During a post-implementation review of an enterprise resource management system, an IS auditor would MOST likely: A. review access control configuration. B. evaluate interface testing. C. review detailed design documentation. D. evaluate system testing.
What type of transmission requires modems? A. Encrypted B. Digital C. Analog D. Modulated
Cisco Certifications 
