Answer / guest

Answer: A

Observation is considered to be the best test to ensure that
an employee understands and practices good preventive and
detective security.

The most likely error to occur when implementing a firewall is: A. incorrectly configuring the access lists. B. compromising the passwords due to social engineering. C. connecting a modem to the computers in the network. D. inadequately protecting the network and server from virus attacks.

1 Answers  

---

Which of the following line media would provide the BEST security for a telecommunication network? A. Broad band network digital transmission B. Baseband network C. Dial-up D. Dedicated lines

1 Answers  

---

An IS auditor has just completed a review of an organization that has a mainframe and a client-server environment where all production data reside. Which of the following weaknesses would be considered the MOST serious? A. The security officer also serves as the database administrator (DBA.) B. Password controls are not administered over the client/server environment. C. There is no business continuity plan for the mainframe system?s non-critical applications. D. Most LANs do not back up file server fixed disks regularly.

1 Answers  

---

The MOST significant level of effort for business continuity planning (BCP) generally is required during the: A. testing stage. B. evaluation stage. C. maintenance stage. D. early stages of planning.

2 Answers  

---

The use of a GANTT chart can: A. aid in scheduling project tasks. B. determine project checkpoints. C. ensure documentation standards. D. direct the post-implementation review.

2 Answers  

---

Which of the following is the MOST critical and contributes the MOST to the quality of data in a data warehouse? A. Accuracy of the source data B. Credibility of the data source C. Accuracy of the extraction process D. Accuracy of the data transformation

1 Answers  

---

Which of the following components of a business continuity plan is PRIMARILY the responsibility of an organization?s IS department? A. Developing the business continuity plan B. Selecting and approving the strategy for business continuity plan C. Declaring a disaster D. Restoring the IS systems and data after a disaster

1 Answers  

---

Which of the following encrypt/decrypt steps provides the GREATEST assurance in achieving confidentiality, message integrity and nonrepudiation by either sender or recipient? A. The recipient uses his/her private key to decrypt the secret key. B. The encrypted pre-hash code and the message are encrypted using a secret key. C. The encrypted pre-hash code is derived mathematically from the message to be sent. D. The recipient uses the sender's public key, verified with a certificate authority, to decrypt the pre-hash code.

1 Answers  

---

An IS auditor performing an access controls review should be LEAST concerned if: A. audit trails were not enabled. B. programmers have access to the live environment. C. group logons are being used for critical functions. D. the same user can initiate transactions and also change related parameters.

1 Answers  

---

Which of the following is the most important element in the design of a data warehouse? A. Quality of the metadata B. Speed of the transactions C. Volatility of the data D. Vulnerability of the system

1 Answers  

---

Which of the following would be included in an IS strategic plan? A. Specifications for planned hardware purchases B. Analysis of future business objectives C. Target dates for development projects D. Annual budgetary targets for the IS department

2 Answers  

---

An organization's disaster recovery plan should address early recovery of: A. all information systems processes. B. all financial processing applications. C. only those applications designated by the IS manager. D. processing in priority order, as defined by business management.

1 Answers  

---