Interested to Buy Any Domain ? << Click Here >> for more details...
Prices are charged on the basis of a standard master file
rate that changes as volume increases. Any exceptions must
be manually approved. What is the MOST effective automated
control to help ensure that all price exceptions are approved?
A. All amounts are displayed back to the data entry clerk,
who must verify them visually.
B. Prices outside the normal range should be entered twice
to verify data entry accuracy.
C. The system beeps when price exceptions are entered and
prints such occurrences on a report.
D. A second-level password must be entered before a price
exception can be processed.
- 1 Answers
- 5114 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
"Automated control should ensure that the system processes
the price exceptions only on approval of another user who is
authorized to approve such exceptions. A second-level
password would ensure that price exceptions will be approved
by a user who has been authorized by management. Visual
verification of all amounts by a data entry clerk is not a
control, but a basic requirement for any data entry. The
user being able to visually verify what has been entered is
a basic manual control. Entry of price exceptions twice, is
an input control. This does not ensure that exceptions will
be verified automatically by another user. The system
beeping on entry of a price exception is only a warning to
the data entry clerk
it does not prevent proceeding further. Printing of these
exceptions on a report is a detective (manual) control."
| Is This Answer Correct ? | 5 Yes | 0 No |
Which of the following logical access exposures involves changing data before, or as it is entered into the computer? A. Data diddling B. Trojan horse C. Worm D. Salami technique
Which of the following is the operating system mode in which all instructions can be executed? A. Problem B. Interrupt C. Supervisor D. Standard processing
When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.
An IS auditor reviews an organization chart PRIMARILY for: A. an understanding of workflows. B. investigating various communication channels. C. understanding the responsibilities and authority of individuals. D. investigating the network connected to different employees.
Which of the following is a role of an IS steering committee? A. Initiate computer applications. B. Ensure efficient use of data processing resources. C. Prepare and monitor system implementation plans. D. Review the performance of the systems department.
Functionality is a characteristic associated with evaluating the quality of software products throughout their lifecycle, and is BEST described as the set of attributes that bear on the: A. existence of a set of functions and their specified properties. B. ability of the software to be transferred from one environment to another. C. capability of software to maintain its level of performance under stated conditions. D. relationship between the performance of the software and the amount of resources used.
Which of the following exposures associated with the spooling of sensitive reports for offline printing would an IS auditor consider to be the MOST serious? A. Sensitive data can be read by operators. B. Data can be amended without authorization. C. Unauthorized report copies can be printed. D. Output can be lost in the event of system failure.
The difference between whitebox testing and blackbox testing is that whitebox testing: A. involves the IS auditor. B. is performed by an independent programmer team. C. examines a program's internal logical structure. D. uses the bottom-up approach.
Java applets and ActiveX controls are distributed executable programs that execute in the background of a web browser client. This practice is considered reasonable when: A. a firewall exists. B. a secure web connection is used. C. the source of the executable is certain. D. the host website is part of your organization.
Separation of duties between computer opeartors and other data processing personnel is intended to: A. Prevent unauthorized modifications to program or data. B. Reduce overall cost of operations C. Allow operators to concentrate on their assigned duties D. Restrict operator access to data
Which of the following provides the GREATEST assurance of message authenticity? A. The pre-hash code is derived mathematically from the message being sent. B. The pre-hash code is encrypted using the sender's private key. C. Encryption of the pre-hash code and the message using the secret key. D. Sender attains the recipient's public key and verifies the authenticity of its digital certificate with a certificate authority.
Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.
Cisco Certifications 
