1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

An IS auditor performing a review of the EFT operations of a
retailing company would verify that the customers credit
limit is checked before funds are transferred by reviewing
the EFT:

A. system's interface.

B. switch facility.

C. personal identification number generating procedure.

D. operation backup procedures.

Question Posted / guest


An IS auditor performing a review of the EFT operations of a retailing company would verify that th..

Answer / guest

Answer: A

At the application processing level, the IS auditor should
review the interface between the EFT system and the
application system that processes the accounts from which
funds are transferred. Choice B is incorrect because an EFT
switch is the facility that provides the communication
linkage for all equipment in the network. Choices C and D
are procedures that would not help determine if the
customer's credit limit is verified before the funds are
transferred.

Is This Answer Correct ?    6 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP

1 Answers  

To help mitigate the effects of a denial of service attack, which mechanism can an Internet service provider (ISP) use to identify Internet protocol (IP) packets from unauthorized sources? A. Inbound traffic filtering B. Rate limiting C. Reverse address lookup D. Network performance monitoring

2 Answers  

Which of the following is intended to detect the loss or duplication of input? A. Hash totals B. Check digits C. Echo checks D. Transaction codes

1 Answers  

An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.

1 Answers   CISA,

Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer

4 Answers  




Creation of an electronic signature: A. encrypts the message. B. verifies where the message came from. C. cannot be compromised when using a private key. D. cannot be used with e-mail systems.

1 Answers  

In an EDI process, the device which transmits and receives electronic documents is the: A. communications handler. B. EDI translator. C. application interface. D. EDI interface.

1 Answers  

Which of the following is a substantive audit test? A. Verifying that a management check has been performed regularly B. Observing that user IDs and passwords are required to sign on the computer C. Reviewing reports listing short shipments of goods received D. Reviewing an aged trial balance of accounts receivable

1 Answers  

Information requirement definitions, feasibility studies and user requirements are significant considerations when: A. defining and managing service levels. B. identifying IT solutions. C. managing changes. D. assessing internal IT control.

1 Answers  

Which of the following controls would BEST detect intrusion? A. User ids and user privileges are granted through authorized procedures. B. Automatic logoff is used when a workstation is inactive for a particular period of time. C. Automatic logoff of the system after a specified number of unsuccessful attempts. D. Unsuccessful logon attempts are monitored by the security administrator.

2 Answers  

Which of the following alternative business recovery strategies would be LEAST appropriate for an organization with a large database and online communications network environment? A. Hot site B. Cold site C. Reciprocal agreement D. Dual information processing facilities

1 Answers  

As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard-copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following are necessary to restore these files? A. The previous day's backup file and the current transaction tape B. The previous day's transaction file and the current transaction tape C. The current transaction tape and the current hard-copy transaction log D. The current hard-copy transaction log and the previous day's transaction file

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)