Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the PRIMARY reason for involving
an IS auditor in the definition of a system's requirements?
A. Post-application reviews do not need to be performed.
B. Total budgeted system development costs can be reduced.
C. It is costly to institute controls after a system becomes
operational.
D. The extent of user involvement in design activities is
reduced.
- 1 Answers
- 5000 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The assurance of adequate controls is the primary reason for
an IS auditor's involvement in the requirements definition
process. The fact that these controls can be designed into
the system as opposed to being retrofitted brings cost
savings to the overall cost of the system. Therefore, this
is a basic justification for involving the IS auditor in the
system development process.
| Is This Answer Correct ? | 8 Yes | 0 No |
A hub is a device that connects: A. two LANs using different protocols. B. a LAN with a WAN. C. a LAN with a metropolitan area network (MAN). D. two segments of a single LAN.
Neural networks are effective in detecting fraud because they can: A. discover new trends since they are inherently linear. B. solve problems where large and general sets of training data are not obtainable. C. attack problems that require consideration of a large number of input variables. D. make assumptions about the shape of any curve relating variables to the output.
Digital signatures require the: A. signer to have a public key and the receiver to have a private key. B. signer to have a private key and the receiver to have a public key. C. signer and receiver to have a public key. D. signer and receiver to have a private key.
An IS auditor discovers that programmers have update access to the live environment. In this situation, the IS auditor is LEAST likely to be concerned that programmers can: A. authorize transactions. B. add transactions directly to the database. C. make modifications to programs directly. D. access data from live environment and provide faster maintenance.
As a result of a business process reengineering (BPR) project: A. an IS auditor would be concerned with the key controls that existed in the prior business process and not those in the new process. B. system processes are automated in such a way that there are more manual interventions and manual controls. C. the newly designed business processes usually do not involve changes in the way(s) of doing business. D. advantages usually are realized when the reengineering process appropriately suits the business and risk.
A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in TCP services.
The use of coding standards is encouraged by IS auditors because they: A. define access control tables. B. detail program documentation. C. standardize dataflow diagram methodology. D. ensure compliance with field naming conventions.
Which of the following is the MOST secure and economical method for connecting a private network over the Internet in a small- to medium-sized organization? A. Virtual private network B. Dedicated line C. Leased line D. Integrated services digital network
An advantage of using sanitized live transactions in test data is that: A. all transaction types will be included. B. every error condition is likely to be tested. C. no special routines are required to assess the results. D. test transactions are representative of live processing.
When an information security policy has been designed, it is MOST important that the information security policy be: A. stored offsite. B. written by IS management. C. circulated to users. D. updated frequently.
Structured programming is BEST described as a technique that: A. provides knowledge of program functions to other programmers via peer reviews. B. reduces the maintenance time of programs by the use of small-scale program modules. C. makes the readable coding reflect as closely as possible the dynamic execution of the program. D. controls the coding and testing of the high-level functions of the program in the development process.
As a business process reengineering (BPR) project takes hold it is expected that: A. business priorities will remain stable. B. information technologies will not change. C. the process will improve product, service and profitability. D. input from clients and customers will no longer be necessary.
Cisco Certifications 
