With the help of the security officer, granting access to
data is the responsibility of:
A. data owners.
B. programmers.
C. system analysts.
D. librarians.
- 1 Answers
- 6602 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Data owners are responsible for the use of data. Written
authorization for users to gain access to computerized
information should be provided by the data owners. Security
administration with the owners approval sets up access rules
stipulating which users or group of users are authorized to
access data or files and the level of authorized access
(read or update).
| Is This Answer Correct ? | 4 Yes | 0 No |
52. Which of the following tests confirm that the new system can operate in its target environment?
Which is the first software capability maturity model (CMM) level to include a standard software development process? A. Initial (level 1) B. Repeatable (level 2) C. Defined (level 3) D. Optimizing (level 5)
What type of transmission requires modems? A. Encrypted B. Digital C. Analog D. Modulated
Change management procedures are established by IS management to: A. control the movement of applications from the test environment to the production environment. B. control the interruption of business operations from lack of attention to unresolved problems. C. ensure the uninterrupted operation of the business in the event of a disaster. D. verify that system changes are properly documented.
In a small organization, an employee performs computer operations and, when the situation demands, program modifications. Which of the following should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide separation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications
Which of the following would be MOST appropriate to ensure the confidentiality of transactions initiated via the Internet? A. Digital signature B. Data encryption standard (DES) C. Virtual private network (VPN) D. Public key encryption
Following the development of an application system, it is determined that several design objectives have not been achieved. This is MOST likely to have been caused by: A. insufficient user involvement. B. early dismissal of the project manager. C. inadequate quality assurance (QA) tools. D. noncompliance with defined approval points.
The interface that allows access to lower or higher level network services is called: A. firmware. B. middleware. C. X.25 interface. D. utilities.
Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)
An advantage of using sanitized live transactions in test data is that: A. all transaction types will be included. B. every error condition is likely to be tested. C. no special routines are required to assess the results. D. test transactions are representative of live processing.
Which of the following choices BEST ensures the effectiveness of controls related to interest calculation inside an accounting system? A. Re-performance B. Process walk-through C. Observation D. Documentation review
During a review of the controls over the process of defining IT service levels, an IS auditor would MOST likely interview the: A. systems programmer. B. legal staff. C. business unit manager. D. application programmer.
Cisco Certifications 
