Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following controls would BEST detect intrusion?
A. User ids and user privileges are granted through
authorized procedures.
B. Automatic logoff is used when a workstation is inactive
for a particular period of time.
C. Automatic logoff of the system after a specified number
of unsuccessful attempts.
D. Unsuccessful logon attempts are monitored by the security
administrator.
- 2 Answers
- 10322 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
IIntrusion is detected by the active monitoring and review
of unsuccessful logons. User ids and the granting of user
privileges defines a policy, not a control. Automatic logoff
is a method of preventing access on inactive terminals and
is not a detective control. Unsuccessful attempts to log on
is a method for preventing intrusion, not detecting.
| Is This Answer Correct ? | 6 Yes | 1 No |
A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing? A. Unit testing B. Integration testing C. Design walk-throughs D. Configuration management
Which of the following is the PRIMARY reason for involving an IS auditor in the definition of a system's requirements? A. Post-application reviews do not need to be performed. B. Total budgeted system development costs can be reduced. C. It is costly to institute controls after a system becomes operational. D. The extent of user involvement in design activities is reduced.
A call-back system requires that a user with an id and password call a remote server through a dial-up line, then the server disconnects and: A. dials back to the user machine based on the user id and password using a telephone number from its database. B. dials back to the user machine based on the user id and password using a telephone number provided by the user during this connection. C. waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using its database. D. waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using the sender's database.
An IS auditor reviews an organization chart PRIMARILY for: A. an understanding of workflows. B. investigating various communication channels. C. understanding the responsibilities and authority of individuals. D. investigating the network connected to different employees.
Which of the following is a detective control? A. Physical access controls B. Segregation of duties C. Backup procedures D. Audit trails
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
An organization is moving its application maintenance in-house from an outside source. Which of the following should be the main concern of an IS auditor? A. Regression testing B. Job scheduling C. User manuals D. Change control procedures
Change management procedures are established by IS management to: A. control the movement of applications from the test environment to the production environment. B. control the interruption of business operations from lack of attention to unresolved problems. C. ensure the uninterrupted operation of the business in the event of a disaster. D. verify that system changes are properly documented.
Which of the following is the MOST reliable sender authentication method? A. Digital signatures B. Asymmetric cryptography C. Digital certificates D. Message authentication code
During which of the following steps in the business process reengineering should the benchmarking team visit the benchmarking partner? A. Observation B. Planning C. Analysis D. Adaptation
Which of the following would be a MAJOR disadvantage of using prototyping as a systems development methodology? A. User expectations of project timescales may be overly optimistic. B. Effective change control and management is impossible to implement. C. User participation in day-to-day project management may be too extensive. D. Users usually are not sufficiently knowledgeable to assist in system development.
Sales orders are automatically numbered sequentially at each of a retailer's multiple outlets. Small orders are processed directly at the outlets, with large orders sent to a central production facility. The MOST appropriate control to ensure that all orders transmitted to production are received and processed would be to: A. send and reconcile transaction counts and totals. B. have data transmitted back to the local site for comparison. C. compare data communications protocols with parity checking. D. track and account for the numerical sequence of sales orders at the production facility.
Cisco Certifications 
