Interested to Buy Any Domain ? << Click Here >> for more details...
IS auditors, in performing detailed network assessments and
access control reviews should FIRST:
A. determine the points of entry.
B. evaluate users access authorization.
C. assess users identification and authorization.
D. evaluate the domain-controlling server configuration.
- 2 Answers
- 6179 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
In performing detailed network assessments and access
control reviews IS auditors should first determine the
points of entry to the system and accordingly review the
points of entry for appropriate controls. Evaluation of user
access authorization, assessment of user identification and
authorization and evaluation of the domain-controlling
server configuration are all implementation issues for
appropriate controls for the points of entry.
| Is This Answer Correct ? | 5 Yes | 0 No |
If the decision has been made to acquire software rather than develop it internally, this decision is normally made during the: A. requirements definition phase of the project. B. feasibility study phase of the project. C. detailed design phase of the project. D. programming phase of the project.
In a business continuity plan, there are several methods of providing telecommunication continuity. One method is diverse routing which involves: A. providing extra capacity with the intent of using the surplus capacity should the normal primary transmission capability not be available. B. routing information via other alternate media such as copper cable or fiber optics. C. providing diverse long-distance network availability utilizing T-1 circuits among the major long-distance carriers. D. routing traffic through split-cable facilities or duplicate-cable facilities.
At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should: A. report the error as a finding and leave further exploration to the auditee's discretion. B. attempt to resolve the error. C. recommend that problem resolution be escalated. D. ignore the error, as it is not possible to get objective evidence for the software error.
An IS auditor observed that some data entry operators leave their computers in the midst of data entry without logging off. Which of the following controls should be suggested to prevent unauthorized access? A. Encryption B. Switch off the computer when leaving C. Password control D. Screen saver password
Which of the following LAN physical layouts is subject to total loss if one device fails? A. Star B. Bus C. Ring D. Completely connected
When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator? A. READ access to data B. DELETE access to transaction data files C. Logged READ/EXECUTE access to programs D. UPDATE access to job control language/script files
An internal audit department, that organizationally reports exclusively to the chief financial officer (CFO) rather than to an audit committee, is MOST likely to: A. have its audit independence questioned. B. report more business-oriented and relevant findings. C. enhance the implementation of the auditor's recommendations. D. result in more effective action being taken on the recommendations.
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
At the end of a simulation of an operational contingency test, the IS auditor performed a review of the recovery process. The IS auditor concluded that the recovery took more than the critical time frame allows. Which of the following actions should the auditor recommend? A. Widen the physical capacity to accomplish better mobility in a shorter time. B. Shorten the distance to reach the hot site. C. Perform an integral review of the recovery tasks. D. Increase the number of human resources involved in the recovery process.
Many organizations require an employee to take a mandatory vacation (holiday) of a week or more to: A. ensure the employee maintains a quality of life, which will lead to greater productivity. B. reduce the opportunity for an employee to commit an improper or illegal act. C. provide proper cross training for another employee. D. eliminate the potential disruption caused when an employee takes vacation one day at a time.
Which of the following types of risks assumes an absence of compensating controls in the area being reviewed? A. Control risk B. Detection risk C. Inherent risk D. Sampling risk
To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application
Cisco Certifications 
