Answer / guest

Answer: C

It is unlikely that reciprocal agreements could be made to
accommodate sophisticated environments, i.e., databases with
large communications networks. Even if a compatible
alternate facility could be located, it would be unlikely
that there would be sufficient capacity available to
accommodate foreign systems and provide the necessary
security and integrity. Further, a cold-site arrangement
could be appropriate, if plans to convert the cold site to a
hot site could be executed rapidly enough to accommodate
critical processing.

Access rules normally are included in which of the following documentation categories? A. Technical reference documentation B. User manuals C. Functional design specifications D. System development methodology documents

1 Answers  

---

Responsibility and reporting lines cannot always be established when auditing automated systems since: A. diversified control makes ownership irrelevant. B. staff traditionally change jobs with greater frequency. C. ownership is difficult to establish where resources are shared. D. duties change frequently in the rapid development of technology.

1 Answers  

---

In a web server, a common gateway interface (CGI) is MOST often used as a(n): A. consistent way for transferring data to the application program and back to the user. B. computer graphics imaging method for movies and TV. C. graphic user interface for web design. D. interface to access the private gateway domain.

1 Answers  

---

Utilizing audit software to compare the object code of two programs is an audit technique used to test program: A. logic. B. changes. C. efficiency. D. computations.

2 Answers  

---

Which of the following line media would provide the BEST security for a telecommunication network? A. Broad band network digital transmission B. Baseband network C. Dial-up D. Dedicated lines

1 Answers  

---

Which of the following would BEST support 24/7 availability? A. Daily backup B. Offsite storage C. Mirroring D. Periodic testing

1 Answers  

---

Which of the following is LEAST likely to be contained in a digital certificate for the purposes of verification by a trusted third party (TTP)/certification authority (CA)? A. Name of the TTP/CA B. Public key of the sender C. Name of the public key holder D. Time period for which the key is valid

1 Answers  

---

In reviewing the IS short-range (tactical) plan, the IS auditor should determine whether: A. there is an integration of IS and business staffs within projects. B. there is a clear definition of the IS mission and vision. C. there is a strategic information technology planning methodology in place. D. the plan correlates business objectives to IS goals and objectives.

1 Answers  

---

Which of the following is the initial step in creating a firewall policy? A. A cost-benefits analysis of methods for securing the applications B. Identification of network applications to be externally accessed C. Identification of vulnerabilities associated with network applications to be externally accessed D. Creation of an applications traffic matrix showing protection methods

1 Answers  

---

The PRIMARY purpose of audit trails is to: A. improve response time for users. B. establish accountability and responsibility for processed transactions. C. improve the operational efficiency of the system. D. provide useful information to auditors who may wish to track transactions.

1 Answers  

---

During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be PRIMARILY concerned about: A. the soundness of the impact analysis. B. hardware and software compatibility. C. differences in IS policies and  procedures. D. frequency of system testing.

1 Answers  

---

Which of the following would be a compensating control to mitigate risks resulting from an inadequate segregation of duties? A. Sequence check B. Check digit C. Source documentation retention D. Batch control reconciliations

1 Answers  

---