Answer / guest

Answer: D

Packet replay is a combination of passive and active modes
of attack. This form of attack is particularly effective
when the receiving end of the communication channel is
automated and acts on the receipt and interpretation of
information packets without human intervention.

Which of the following data validation edits is effective in detecting transposition and transcription errors? A. Range check B. Check digit C. Validity check D. Duplicate check

1 Answers  

---

Which of the following would BEST support 24/7 availability? A. Daily backup B. Offsite storage C. Mirroring D. Periodic testing

1 Answers  

---

In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications

1 Answers  

---

Which of the following concerns about the security of an electronic message would be addressed by digital signatures? A. Unauthorized reading B. Theft C. Unauthorized copying D. Alteration

1 Answers  

---

In a LAN environment, which of the following minimizes the risk of data corruption during transmission? A. Using end-to-end encryption for data communication B. Using separate conduits for electrical and data cables C. Using check sums for checking the corruption of data D. Connecting the terminals using a star topology

1 Answers  

---

The use of coding standards is encouraged by IS auditors because they: A. define access control tables. B. detail program documentation. C. standardize dataflow diagram methodology. D. ensure compliance with field naming conventions.

1 Answers  

---

Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.

1 Answers  

---

Which of the following is the MOST important function to be performed by IS management when a service has been outsource? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance

2 Answers  

---

Which of the following provides the framework for designing and developing logical access controls? A. Information systems security policy B. Access control lists C. Password management D. System configuration files

2 Answers  

---

Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure (PKI) with digital certificates for its business-to-consumer transactions via the Internet? A. Customers are widely dispersed geographically, but the certificate authorities (CAs) are not. B. Customers can make their transactions from any computer or mobile device. C. The CA has several data processing subcenters to administer certificates. D. The organization is the owner of the CA.

1 Answers  

---

The PRIMARY purpose of audit trails is to: A. improve response time for users. B. establish accountability and responsibility for processed transactions. C. improve the operational efficiency of the system. D. provide useful information to auditors who may wish to track transactions.

1 Answers  

---

Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.

1 Answers  

---