Interested to Buy Any Domain ? << Click Here >> for more details...
Accountability for the maintenance of appropriate security
measures over information assets resides with the:
A. security administrator.
B. systems administrator.
C. data and systems owners.
D. systems operations group.
- 2 Answers
- 9113 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: C
Management should ensure that all information assets (data
and systems) have an appointed owner who makes decisions
about classification and access rights. System owners
typically delegate day-to-day custodianship to the systems
delivery/operations group and security responsibilities to a
security administrator. Owners, however, remain accountable
for the maintenance of appropriate security measures.
| Is This Answer Correct ? | 8 Yes | 0 No |
Answer / guest
Security administrator should take enough care to ensure
that the information is in a safe zone.
| Is This Answer Correct ? | 1 Yes | 3 No |
When an IS auditor obtains a list of current users with access to a WAN/LAN and verifies that those listed are active associates, the IS auditor is performing a: A. compliance test. B. substantive test. C. statistical sample. D. risk assessment.
A referential integrity constraint consists of: A. ensuring the integrity of transaction processing. B. ensuring that data are updated through triggers. C. ensuring controlled user updates to database. D. rules for designing tables and queries.
A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.
The BEST defense against network eavesdropping is: A. encryption. B. moving the defense perimeter outward. C. reducing the amplitude of the communication signal. D. masking the signal with noise.
A tax calculation program maintains several hundred tax rates. The BEST control to ensure that tax rates entered into the program are accurate is: A. an independent review of the transaction listing. B. a programmed edit check to prevent entry of invalid data. C. programmed reasonableness checks with 20 percent data entry range. D. a visual verification of data entered by the processing department.
The PRIMARY objective of an IS audit function is to: A. determine whether everyone uses IS resources according to their job description. B. determine whether information systems safeguard assets, and maintain data integrity. C. examine books of accounts and relative documentary evidence for the computerized system. D. determine the ability of the organization to detect fraud.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.
When developing a risk management program, the FIRST activity to be performed is a/an: A. threats assessment. B. classification of data. C. inventory of assets. D. criticality analysis.
The PRIMARY reason for separating the test and development environments is to: A. restrict access to systems under test. B. segregate user and development staff. C. control the stability of the test environment. D. secure access to systems under development.
Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters
The objective of IT governance is to ensure that the IT strategy is aligned with the objectives of (the): A. enterprise. B. IT. C. audit. D. finance.
Cisco Certifications 
