Interested to Buy Any Domain ? << Click Here >> for more details...
During a review of a large data center an IS auditor
observed computer operators acting as backup tape librarians
and security administrators. Which of these situations would
be MOST critical to report?
A. Computer operators acting as tape librarians
B. Computer operators acting as security administrators
C. Computer operators acting as a tape librarian and
security administrator
D. It is not necessary to report any of these situations.
- 1 Answers
- 4528 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Computer operators should not be given security
administrator access. Computer operators acting as security
administrators could manipulate the security system to give
themselves access. The access could be used to set up
fictitious accounts and to eliminate any record of it from
the log. Computer operators in large data centers are often
called upon to act as tape librarians. As long as the
operator cannot manipulate the system logging, it is
acceptable for the librarian to track what has taken place.
| Is This Answer Correct ? | 2 Yes | 0 No |
For an online transaction processing system, transactions per second is a measure of: A. throughput. B. response time. C. turnaround time. D. uptime.
The PRIMARY benefit of database normalization is the: A. minimization redundancy of information in tables required to satisfy users? needs. B. ability to satisfy more queries. C. maximization of database integrity by providing information in more than one table. D. minimization of response time through faster processing of information.
An organization provides information to its supply-chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture? A. A secure socket layer (SSL) has been implemented for user authentication and remote administration of the firewall. B. On the basis of changing requirements, firewall policies are updated. C. Inbound traffic is blocked unless the traffic type and connections have been specifically permitted. D. The firewall is placed on top of the commercial operating system with all installation options.
WHICH OF THE FOLLOWING IS OFTEN AN ADVANTAGE OF USING PROTOTYPING GOR DYDTEM DVELOPMENT
In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems? A. Maintaining system software parameters B. Ensuring periodic dumps of transaction logs C. Ensuring grandfather-father-son file backups D. Maintaining important data at an off-site location
Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.
An IS auditor is reviewing a project that is using an agile software development approach. Which of the following should the IS auditor expect to find? A. Use of a capability maturity model (CMM) B. Regular monitoring of task-level progress against schedule C. Extensive use of software development tools to maximize team productivity D. Postiteration reviews that identify lessons learned for future use in the project
The FIRST step in developing a business continuity plan (BCP) is to: A. classify the importance of systems. B. establish a disaster recovery strategy. C. determine the critical recovery time period. D. perform a risk ranking.
hello all i want to do cisa certification but dont have knowledge of auditing. i m fresher and ccna certified. so, please advice me how should i prepare .and having cisa certification is it easy to get a job. please reply as soon as possible.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
While copying files from a floppy disk a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus? A: A. scan of all floppy disks before use B. virus monitor on the network file server C. scheduled daily scan of all network drives D. virus monitor on the user's personal computer
During which of the following steps in the business process reengineering should the benchmarking team visit the benchmarking partner? A. Observation B. Planning C. Analysis D. Adaptation
Cisco Certifications 
