During an audit of the tape management system at a data
center, an IS auditor discovered that parameters are set to
bypass or ignore the labels written on tape header records.
The IS auditor also determined that effective staging and
job setup procedures were in place. In this situation, the
IS auditor should conclude that the:
A. tape headers should be manually logged and checked by the
operators.
B. staging and job setup procedures are not appropriate
compensating controls.
C. staging and job setup procedures compensate for the tape
label control weakness.
D. tape management system parameters must be set to check
all labels.
Answer / guest
Answer: C
Compensating controls are an important part of a control
structure. They are considered adequate if they help to
achieve the control objective and are cost-effective. In
this situation the IS auditor is most likely to conclude
that staging and job setup procedures compensate for the
tape label control weakness.
A manufacturer has been purchasing materials and supplies for its business through an e-commerce application. Which of the following should this manufacturer rely on to prove that the transactions were actually made? A. Reputation B. Authentication C. Encryption D. Nonrepudiation
Which of the following would an IS auditor consider to be the MOST helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program? A. A system downtime log B. Vendors' reliability figures C. Regularly scheduled maintenance log D. A written preventive maintenance schedule
Capacity monitoring software is used to ensure: A. maximum use of available capacity. B. that future acquisitions meet user needs. C. concurrent use by a large number of users. D. continuity of efficient operations.
A vendor/contractor's performance against service level agreements must be evaluated by the: A. customer. B. contractor. C. third-party. D. contractor's management.
The MAJOR advantage of the risk assessment approach over the baseline approach to information security management is that it ensures: A. information assets are over protected. B. a basic level of protection is applied regardless of asset value. C. appropriate levels of protection are applied to information assets. D. an equal proportion of resources are devoted to protecting all information assets.
When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
Birth date and marriage date items were switched while entering data. Which of the following data validation checks could detect this? A. Logical relationship B. Sequence C. Reasonableness D. Validity
IS auditors reviewing access control should review data classification to ensure that encryption parameters are classified as: A. sensitive. B. confidential. C. critical. D. private.
An IS auditor should use statistical sampling and not judgmental (nonstatistical) sampling, when: A. the probability of error must be objectively quantified. B. the auditor wants to avoid sampling risk. C. generalized audit software is unavailable. D. the tolerable error rate cannot be determined.
Which of the following data validation edits is effective in detecting transposition and transcription errors? A. Range check B. Check digit C. Validity check D. Duplicate check
Which of the following tests confirm that the new system can operate in its target environment? A. Sociability testing B. Regression testing C. Validation testing D. Black box testing