Answer / guest

Answer: B

Function point analysis is a technique for determining the
size of a development task based on the number of function
points. Function points are factors such as inputs, outputs,
inquiries, logical internal file, etc. While this will help
determine the size of individual activities, it will not
assist in determining project duration since there are many
over-lapping tasks. A PERT chart will help determine project
duration once all the activities and the work involved in
the activities are known. Rapid application development is a
methodology that enables organizations to develop
strategically important systems faster while reducing
development costs and maintaining quality, and
object-oriented system development is the process of
solution specification and modeling.

The general ledger setup function in an enterprise resource package (ERP) allows for setting accounting periods. Access to this function has been permitted to users in finance, the warehouse and order entry. The MOST likely reason for such broad access is the: A. need to change accounting periods on a regular basis.. B. requirement to post entries for a closed accounting period. C. lack of policies and procedures for the proper segregation of duties. D. need to create/modify the chart of accounts and its allocations.

1 Answers  

---

E-mail message authenticity and confidentiality is BEST achieved by signing the message using the:

1 Answers  

---

Which of the following tasks is performed by the same person in a well-controlled information processing facility/computer center? A. Security administration and management B. Computer operations and system development C. System development and change management D. System development and systems maintenance

1 Answers  

---

Applying a digital signature to data traveling in a network provides: A. confidentiality and integrity. B. security and nonrepudiation. C. integrity and nonrepudiation. D. confidentiality and nonrepudiation.

2 Answers  

---

Information for detecting unauthorized input from a terminal would be BEST provided by the: A. console log printout. B. transaction journal. C. automated suspense file listing. D. user error report.

1 Answers  

---

Which of the following is the MOST important consideration when developing a business continuity plan for a bank? A. Antivirus software B. Naming standards C. Customer balance list D. Password policy

1 Answers  

---

Which of the following audit techniques would an IS auditor place the MOST reliance on when determining whether an employee practices good preventive and detective security measures? A. Observation B. Detail testing C. Compliance testing D. Risk assessment

1 Answers  

---

Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway

1 Answers  

---

Without compensating controls, which of the following functions would represent a risk if combined with that of a system analyst? A. Application programming B. Data entry C. Quality assurance D. Database administrator

1 Answers  

---

Which of the following is a control over component communication failure/errors? A. Restricting operator access and maintaining audit trails B. Monitoring and reviewing system engineering activity C. Providing network redundancy D. Establishing physical barriers to the data transmitted over the network

1 Answers  

---

To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:

2 Answers  

---

Where adequate segregation of duties between operations and programming are not achievable, the IS auditor should look for: A. compensating controls. B. administrative controls. C. corrective controls. D. access controls.

1 Answers  

---