Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following logical access exposures involves
changing data before, or as it is entered into the computer?
A. Data diddling
B. Trojan horse
C. Worm
D. Salami technique
- 2 Answers
- 9511 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Data diddling involves changing data before, or as it is
entered into the computer. A trojan horse involves
unauthorized changes to a computer program. A worm is a
destructive program that destroys data. The salami technique
is a program modification that slices off small amounts of
money from a computerized transaction.
| Is This Answer Correct ? | 16 Yes | 2 No |
IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that: A. a substantive test would be too costly. B. the control environment is poor. C. inherent risk is low. D. control risks are within the acceptable limits.
The reason for having controls in an IS environment: A. remains unchanged from a manual environment, but the implemented control features may be different. B. changes from a manual environment, therefore the implemented control features may be different. C. changes from a manual environment, but the implemented control features will be the same. D. remains unchanged from a manual environment and the implemented control features will also be the same.
A team conducting a risk analysis is having difficulty projecting the financial losses that could result from a risk. To evaluate the potential losses the team should: A. compute the amortization of the related assets. B. calculate a return on investment (ROI). C. apply a qualitative approach. D. spend the time needed to define exactly the loss amount.
To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against: A. the entire message and thereafter enciphering the message digest using the sender's private key. B. any arbitrary part of the message and thereafter enciphering the message digest using the sender's private key. C. the entire message and thereafter enciphering the message using the sender's private key. D. the entire message and thereafter enciphering the message along with the message digest using the sender's private key.
Which of the following components of a business continuity plan is PRIMARILY the responsibility of an organization?s IS department? A. Developing the business continuity plan B. Selecting and approving the strategy for business continuity plan C. Declaring a disaster D. Restoring the IS systems and data after a disaster
Which of the following functions, if performed by scheduling and operations personnel, would be in conflict with a policy requiring a proper segregation of duties? A. Job submission B. Resource management C. Code correction D. Output distribution
Which of the following sampling methods is MOST useful when testing for compliance? A. Attribute sampling B. Variable sampling C. Stratified mean per unit D. Difference estimation
During an audit of an enterprise that is dedicated to e-commerce, the IS manager states that digital signatures are used in the establishment of its commercial relations. To substantiate this, the IS auditor must prove that which of the following is used? A. A biometric, digitalized and encrypted parameter with the customer's public key B. A hash of the data that is transmitted and encrypted with the customer's private key C. A hash of the data that is transmitted and encrypted with the customer's public key D. The customer's scanned signature, encrypted with the customer's public key
For an online transaction processing system, transactions per second is a measure of: A. throughput. B. response time. C. turnaround time. D. uptime.
Which of the following represents the GREATEST risk created by a reciprocal agreement for disaster recovery made between two companies? A. Developments may result in hardware and software incompatibility. B. Resources may not be available when needed. C. The recovery plan cannot be tested. D. The security infrastructures in each company may be different.
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
The application test plans are developed in which of the following systems development life cycle (SDLC) phases? A. Design B. Testing C. Requirement D. Development
Cisco Certifications 
