Interested to Buy Any Domain ? << Click Here >> for more details...
With the help of the security officer, granting access to
data is the responsibility of:
A. data owners.
B. programmers.
C. system analysts.
D. librarians.
- 1 Answers
- 7092 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Data owners are responsible for the use of data. Written
authorization for users to gain access to computerized
information should be provided by the data owners. Security
administration with the owners approval sets up access rules
stipulating which users or group of users are authorized to
access data or files and the level of authorized access
(read or update).
| Is This Answer Correct ? | 4 Yes | 0 No |
To prevent unauthorized entry to the data maintained in a dial-up fast response system, an IS auditor should recommend: A. online terminals be placed in restricted areas. B. online terminals be equipped with key locks. C. ID cards be required to gain access to online terminals. D. online access be terminated after three unsuccessful attempts.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
Which of the following BEST provides access control to payroll data being processed on a local server? A. Logging of access to personal information B. Separate password for sensitive transactions C. Software restricts access rules to authorized staff D. System access restricted to business hours
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
A sequence of bits appended to a digital document that is used to secure an e-mail sent through the Internet is called a: A. digest signature. B. electronic signature. C. digital signature. D. hash signature.
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same? A. A substantive test of program library controls B. A compliance test of program library controls C. A compliance test of the program compiler controls D. A substantive test of the program compiler controls
A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.
Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility? A. Security awareness B. Reading the security policy C. Security committee D. Logical access controls
Which of the following provides a mechanism for coding and compiling programs interactively? A. Firmware B. Utility programs C. Online programming facilities D. Network management software
To identify the value of inventory that has been kept for more than eight weeks, an IS auditor would MOST likely use: A. test data. B. statistical sampling. C. an integrated test facility. D. generalized audit software.
When an organization's network is connected to an external network in an Internet client-server model not under that organization's control, security becomes a concern. In providing adequate security in this environment, which of the following assurance levels is LEAST important? A. Server and client authentication B. Data integrity C. Data recovery D. Data confidentiality
The application test plans are developed in which of the following systems development life cycle (SDLC) phases? A. Design B. Testing C. Requirement D. Development
Cisco Certifications 
