Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor, in evaluating proposed biometric control
devices reviews the false rejection rates (FRRs), false
acceptance rates (FARs) and equal error rates (ERRs) of
three different devices. The IS auditor should recommend
acquiring the device having the:
A. least ERR.
B. most ERR.
C. least FRR but most FAR.
D. least FAR but most FRR.
- 1 Answers
- 4623 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Equal error rate is the percent of times the false rejection
and acceptance are equal. The lower the overall measure, the
more effective the biometric. Neither a higher false
rejection rate nor false acceptance rate is desirable.
| Is This Answer Correct ? | 4 Yes | 0 No |
A single digitally signed instruction was given to a financial institution to credit a customer's account. The financial institution received the instruction three times and credited the account three times. Which of the following would be the MOST appropriate control against such multiple credits? A. Encrypting the hash of the payment instruction with the public key of the financial institution. B. Affixing a time stamp to the instruction and using it to check for duplicate payments. C. Encrypting the hash of the payment instruction with the private key of the instructor. D. Affixing a time stamp to the hash of the instruction before being digitally signed by the instructor.
The MOST appropriate person to chair the steering committee for a system development project with significant impact on a business area would be the: A. business analyst. B. chief information officer. C. project manager. D. executive level manager.
Which of the following is the MOST important issue to the IS auditor in a business process re-engineering (BPR) project would be? A. The loss of middle management, which often is a result of a BPR project B. That controls are usually given low priority in a BPR project C. The considerable negative impact that information protection could have on BPR D. The risk of failure due to the large size of the task usually undertaken in a BPR project
During the review of a biometrics system operation, the IS auditor should FIRST review the stage of: A. enrollment. B. identification. C. verification. D. storage.
During which of the following steps in the business process reengineering should the benchmarking team visit the benchmarking partner? A. Observation B. Planning C. Analysis D. Adaptation
To share data in a multivendor network environment, it is essential to implement program-to-program communication. With respect to program-to-program communication features that can be implemented in this environment, which of the following makes implementation and maintenance difficult? A. User isolation B. Controlled remote access C. Transparent remote access D. The network environments
An IS auditor has been assigned to conduct a test that compares job run logs to computer job schedules. Which of the following observations would be of the GREATEST concern to the IS auditor? A. There are a growing number of emergency changes. B. There were instances when some jobs were not completed on time. C. There were instances when some jobs were overridden by computer operators. D. Evidence shows that only scheduled jobs were run.
The quality assurance group is typically responsible for: A. ensuring that the output received from system processing is complete. B. monitoring the execution of computer processing tasks. C. ensuring that programs and program changes and documentation adhere to established standards. D. designing procedures to protect data against accidental disclosure, modification or destruction.
Data flow diagrams are used by IS auditors to: A. order data hierarchically. B. highlight high-level data definitions. C. graphically summarize data paths and storage. D. portray step-by-step details of data generation.
Which of the following is a form of an Internet attack? A. Searching for software design errors B. Guessing user passwords based on their personal information C. Breaking the deadman's door to gain entry D. Planting a trojan horse
A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of receiving financial data and has communicated the site's address, user ID and password to the financial services company in separate email messages. The company is to transmit its data to the FTP site after manually encrypting the data. The IS auditor's GREATEST concern with this process is that: A. the users may not remember to manually encrypt the data before transmission. B. the site credentials were sent to the financial services company via email. C. personnel at the consulting firm may obtain access to sensitive data. D. the use of a shared user ID to the FTP site does not allow for user accountability.
The IS department of an organization wants to ensure that the computer files, used in the information processing facility, are backed up adequately to allow for proper recovery. This is a/an: A. control procedure. B. control objective. C. corrective control. D. operational control.
Cisco Certifications 
