The BEST overall quantitative measure of the performance of
biometric control devices is:
A. false rejection rate.
B. false acceptance rate.
C. equal error rate.
D. estimated error rate.
- 1 Answers
- 7627 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Low equal error rate (EER) is a combination of the low false
rejection rate and the low false acceptance rate. EER,
expressed as a percentage, is a measure of the number of
times that the false rejection and false acceptance are
equal. A low EER is the measure of the more effective
biometrics control device. Low false rejection rates or low
false acceptance rates alone do not measure the efficiency
of the device. Estimated error rate is non-existing and
hence irrelevant.
| Is This Answer Correct ? | 9 Yes | 0 No |
Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it: A. has been approved by line management. B. does not vary from the IS department's preliminary budget. C. complies with procurement procedures. D. supports the business objectives of the organization.
An organization is experiencing a growing backlog of undeveloped applications. As part of a plan to eliminate this backlog, end-user computing with prototyping, supported by the acquisition of an interactive application generator system is being introduced. Which of the following areas is MOST critical to the ultimate success of this venture? A. Data control B. Systems analysis C. Systems programming D. Application programming
Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code
Access rules normally are included in which of the following documentation categories? A. Technical reference documentation B. User manuals C. Functional design specifications D. System development methodology documents
The PRIMARY purpose of compliance tests is to verify whether: A. controls are implemented as prescribed. B. documentation is accurate and current. C. access to users is provided as specified. D. data validation procedures are provided.
Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.
Which of the following offsite information processing facility conditions would cause an IS auditor the GREATEST concern? The facility A. is identified clearly on the outside with the company name. B. is located more than an hour driving distance from the originating site. C. does not have any windows to let in natural sunlight. D. entrance is located in the back of the building rather than the front.
A probable advantage to an organization that has outsourced its data processing services is that: A. needed IS expertise can be obtained from the outside. B. greater control can be exercised over processing. C. processing priorities can be established and enforced internally. D. greater user involvement is required to communicate user needs.
Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters
The PRIMARY advantage of a continuous audit approach is that it: A. does not require an IS auditor to collect evidence on system reliability while processing is taking place. B. requires the IS auditor to review and follow up immediately on all information collected. C. can improve system security when used in time-sharing environments that process a large number of transactions. D. does not depend on the complexity of an organization's computer systems.
Which of the following tasks is performed by the same person in a well-controlled information processing facility/computer center? A. Security administration and management B. Computer operations and system development C. System development and change management D. System development and systems maintenance
Which of the following functions would be acceptable for the security administrator to perform in addition to his/her normal functions? A. Systems analyst B. Quality assurance C. Computer operator D. Systems programmer
Cisco Certifications 
