Interested to Buy Any Domain ? << Click Here >> for more details...
The FIRST step in data classification is to:
A. establish ownership.
B. perform a criticality analysis.
C. define access rules.
D. create a data dictionary.
- 1 Answers
- 11394 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Data classification is necessary to define access rules
based on a need-to-do and need-to-know basis. The data owner
is responsible for defining the access rules are, hence
establishment of ownership is the first step in data
classification. The other choices are incorrect. A
criticality analysis is required for protection of data,
which takes input from data classification. Access
definition is complete after data classification and input
for a data dictionary is prepared from the data
classification process.
| Is This Answer Correct ? | 8 Yes | 1 No |
Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input
An existing system is being extensively enhanced by extracting and reusing design and program components. This is an example of: A. reverse engineering. B. prototyping. C. software reuse. D. reengineering.
Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility? A. Security awareness B. Reading the security policy C. Security committee D. Logical access controls
Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer
Which of the following user profiles should be of MOST concern to the IS auditor, when performing an audit of an EFT system? A. Three users with the ability to capture and verifiy their own messages B. Five users with the ability to capturr and send their own messages C. Five users with the ability to verificy other users and to send of their own messages D. Three users with the ability to capture and verifiy the messages of other users and to send their own messages
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
Programs that can run independently and travel from machine to machine across network connections, with the ability to destroy data or utilize tremendous computer and communication resources, are referred to as: A. trojan horses. B. viruses. C. worms. D. logic bombs.
52. Which of the following tests confirm that the new system can operate in its target environment?
In which of the following network configurations would problem resolution be the easiest? A. Bus B. Ring C.Star D. Mesh
Which of the following is a substantive audit test? A. Verifying that a management check has been performed regularly B. Observing that user IDs and passwords are required to sign on the computer C. Reviewing reports listing short shipments of goods received D. Reviewing an aged trial balance of accounts receivable
For which of the following applications would rapid recovery be MOST crucial? A. Point-of-sale system B. Corporate planning C. Regulatory reporting D. Departmental chargeback
What is a risk associated with attempting to control physical access to sensitive areas, such as computer rooms, through card keys, locks, etc.? A. Unauthorized individuals wait for controlled doors to open and walk in behind those authorized. B. The contingency plan for the organization cannot effectively test controlled access practices. C. Access cards, keys, and pads can be easily duplicated allowing easy compromise of the control. D. Removing access for people no longer authorized is complex.
Cisco Certifications 
