Answer / guest

Answer: A

E-cash is a form of electronic money that can be sent from
any computer to any other computer using any network,
including the Internet. E-cash uses coins that can be used
only once, after which they are taken out of circulation.
These coins are anonymous and carry no traceable
information. Each transaction in which e-cash is used
requires the participation of an Internet connected digital
bank.

With reference to the risk management process, which of the following statements is correct? A. Vulnerabilities can be exploited by a threat. B. Vulnerabilities are events with the potential to cause harm to IS resources. C. Vulnerability exists because of threats associated with use of information resources. D. Lack of user knowledge is an example of a threat.

1 Answers  

---

A data administrator is responsible for: A. maintaining database system software. B. defining data elements, data names and their relationship. C. developing physical database structures. D. developing data dictionary system software.

3 Answers  

---

A digital signature contains a message digest to: A. show if the message has been altered after transmission. B. define the encryption algorithm. C. confirm the identity of the originator. D. enable message transmission in a digital format.

1 Answers  

---

Which of the following should be included in an organization's IS security policy? A. A list of key IT resources to be secured B. The basis for access authorization C. Identity of sensitive security features D. Relevant software security features

1 Answers  

---

Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer

4 Answers  

---

In a risk-based audit approach, an IS auditor, in addition to risk, would be influenced by: A. the availability of CAATs. B. management's representation. C. organizational structure and job responsibilities. D. the existence of internal and operational controls

2 Answers  

---

An audit charter should: A. be dynamic and change often to coincide with the changing nature of technology and the audit profession. B. clearly state audit objectives for the delegation of authority for the maintenance and review of internal controls. C. document the audit procedures designed to achieve the planned audit objectives. D. outline the overall authority, scope and responsibilities of the audit function.

2 Answers  

---

When logging on to an online system, which of the following processes would the system perform FIRST? A. Initiation B. Verification C. Authorization D. Authentication

1 Answers  

---

Which of the following is a data validation edit and control? A. Hash totals B. Reasonableness checks C. Online access controls D. Before and after image reporting

1 Answers  

---

Various standards have emerged to assist IS organizations in achieving an operational environment that is predictable, measurable and repeatable. The standard that provides the definition of the characteristics and the associated quality evaluation process to be used when specifying the requirements for and evaluating the quality of software products throughout their life cycle is: A. ISO 9001. B. ISO 9002. C. ISO 9126. D. ISO 9003.

2 Answers  

---

Which of the following is the FIRST thing an IS auditor should do after the discovery of a trojan horse program in a computer system? A. Investigate the author. B. Remove any underlying threats. C. Establish compensating controls. D. Have the offending code removed.

1 Answers  

---

A network diagnostic tool that monitors and records network information is a/an: A. online monitor. B. downtime report. C. help desk report. D. protocol analyzer.

1 Answers  

---