Analysis of which of the following would MOST likely enable
the IS auditor to determine if a non-approved program
attempted to access sensitive data?
A. Abnormal job termination reports
B. Operator problem reports
C. System logs
D. Operator work schedules
- 1 Answers
- 4457 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
System logs are automated reports that identify most of the
activities performed on the computer. Many programs have
been developed which analyze the system log to report on
specifically defined items. Abnormal job termination reports
identify application jobs that were terminated before
successful completion. Operator problem reports are used by
operators to log computer operations problems and their
solutions. Operator work schedules are maintained by IS
management to assist in human resource planning.
| Is This Answer Correct ? | 9 Yes | 0 No |
The window of time recovery of information processing capabilities is based on the: A. criticality of the processes affected. B. quality of the data to be processed. C. nature of the disaster. D. applications that are mainframe based.
Which of the following is a benefit of using callback devices? A. Provide an audit trail B. Can be used in a switchboard environment C. Permit unlimited user mobility D. Allow call forwarding
Change control procedures to prevent scope creep during an application development project should be defined during: A. design. B. feasibility. C. implementation. D. requirements definition.
Which audit technique provides the BEST evidence of the segregation of duties in an IS department? A. Discussion with management B. Review of the organization chart C. Observation and interviews D. Testing of user access rights
In a risk-based audit approach, an IS auditor, in addition to risk, would be influenced by: A. the availability of CAATs. B. management's representation. C. organizational structure and job responsibilities. D. the existence of internal and operational controls
An IS auditor is reviewing a project that is using an agile software development approach. Which of the following should the IS auditor expect to find? A. Use of a capability maturity model (CMM) B. Regular monitoring of task-level progress against schedule C. Extensive use of software development tools to maximize team productivity D. Postiteration reviews that identify lessons learned for future use in the project
The act that describes a computer intruder capturing a stream of data packets and inserting these packets into the network as if it were another genuine message stream is called: A. eavesdropping. B. message modification. C. a brute-force attack. D. packet replay.
Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.
An IS auditor conducting an access controls review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that: A. exposure is greater since information is available to unauthorized users. B. operating efficiency is enhanced since anyone can print any report, any time. C. operating procedures are more effective since information is easily available. D. user friendliness and flexibility is facilitated since there is a smooth flow of information among users.
Which of the following manages the digital certificate life cycle to ensure adequate security and controls exist in digital signature applications related to e-commerce? A. Registration authority B. Certification authority C. Certification relocation list D. Certification practice statement
Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization? A. A program that deposits a virus on a client machine B. Applets recording keystrokes and, therefore, passwords C. Downloaded code that reads files on a client's hard drive D. Applets opening connections from the client machine
The MAJOR concern for an IS auditor when reviewing an organization's business process reengineering (BRP) efforts is: A. cost overrun of the project. B. employees resistance to change. C. key controls may be removed from a business process. D. lack of documentation of new processes.
Cisco Certifications 
