Answer / guest

Answer: D

Rooms located on higher floors are less likely to flood than
the ground floor. There is no more or less chance of damage
from social engineering, wind or earthquake.

A dry-pipe fire extinguisher system is a system that uses: A. water, but in which water does not enter the pipes until a fire has been detected. B. water, but in which the pipes are coated with special watertight sealants. C. carbon dioxide instead of water. D. halon instead of water.

1 Answers  

---

Which of the following database administrator (DBA) activities is unlikely to be recorded on detective control logs? A. Deletion of a record B. Change of a password C. Disclosure of a password D. Changes to access rights

1 Answers  

---

52. Which of the following tests confirm that the new system can operate in its target environment?

1 Answers  

---

The use of residual biometric information to gain unauthorized access is an example of which of the following attacks? A. Replay B. Brute force C. Cryptographic D. Mimic

1 Answers  

---

The objective of IT governance is to ensure that the IT strategy is aligned with the objectives of (the): A. enterprise. B. IT. C. audit. D. finance.

1 Answers  

---

Which of the following offsite information processing facility conditions would cause an IS auditor the GREATEST concern? The facility A. is identified clearly on the outside with the company name. B. is located more than an hour driving distance from the originating site. C. does not have any windows to let in natural sunlight. D. entrance is located in the back of the building rather than the front.

1 Answers  

---

Prices are charged on the basis of a standard master file rate that changes as volume increases. Any exceptions must be manually approved. What is the MOST effective automated control to help ensure that all price exceptions are approved? A. All amounts are displayed back to the data entry clerk, who must verify them visually. B. Prices outside the normal range should be entered twice to verify data entry accuracy. C. The system beeps when price exceptions are entered and prints such occurrences on a report. D. A second-level password must be entered before a price exception can be processed.

1 Answers  

---

An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.

2 Answers  

---

Which of the following development methods uses a prototype that can be updated continually to meet changing user or business requirements? A. Data-oriented development (DOD) B. Object-oriented development (OOD) C. Business process reengineering (BPR) D. Rapid application development (RAD)

1 Answers  

---

Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code

1 Answers  

---

Which of the following is the MOST effective control procedure for security of a stand-alone small business computer environment? A. Supervision of computer usage B. Daily management review of the trouble log C. Storage of computer media in a locked cabinet D. Independent review of an application system design

1 Answers  

---

The planning and monitoring of computer resources to ensure that they are being used efficiently and effectively is: A. hardware monitoring. B. capacity management. C. network management. D. job scheduling.

1 Answers  

---