Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

What is a risk associated with attempting to control
physical access to sensitive areas, such as computer rooms,
through card keys, locks, etc.?

A. Unauthorized individuals wait for controlled doors to
open and walk in behind those authorized.

B. The contingency plan for the organization cannot
effectively test controlled access practices.

C. Access cards, keys, and pads can be easily duplicated
allowing easy compromise of the control.

D. Removing access for people no longer authorized is complex.

Question Posted / guest


What is a risk associated with attempting to control physical access to sensitive areas, such as co..

Answer / guest

Answer: A

The concept of piggybacking compromises all physical control
established. Choice B would be of minimal concern in a
disaster recovery environment. Items in choice C are not
easily duplicated. Regarding choice D, technology is
constantly changing but card keys have existed for some time
and appear to be a viable option for the foreseeable future.

Is This Answer Correct ?    1 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Which of the following would not prevent the loss of an asset but would assist in recovery by transferring part of the risk to a third party? A. Full system backups B. Insurance C. Testing D. Business impact analysis

1 Answers  

Which of the following exposures associated with the spooling of sensitive reports for offline printing would an IS auditor consider to be the MOST serious? A. Sensitive data can be read by operators. B. Data can be amended without authorization. C. Unauthorized report copies can be printed. D. Output can be lost in the event of system failure.

1 Answers  

The application test plans are developed in which of the following systems development life cycle (SDLC) phases? A. Design B. Testing C. Requirement D. Development

1 Answers  

The most common problem in the operation of an intrusion detection system (IDS) is: A. the detection of false positives. B. receiving trap messages. C. reject error rates. D. denial-of-service attacks.

1 Answers   ABC,

To determine which users can gain access to the privileged supervisory state, which of the following should an IS auditor review? A. System access log files B. Enabled access control software parameters C. Logs of access control violations D. System configuration files for control options used

1 Answers  

An IS auditor performing a review of the IS department discovers that formal project approval procedures do not exist. In the absence of these procedures the IS manager has been arbitrarily approving projects that can be completed in a short duration and referring other more complicated projects to higher levels of management for approval. The IS auditor should recommend as a FIRST course of action that: A. users participate in the review and approval process. B. formal approval procedures be adopted and documented. C. projects be referred to appropriate levels of management for approval. D. the IS manager's job description be changed to include approval authority.

2 Answers  

Before reporting results of an audit to senior management, an IS auditor should: A. Confirm the findings with auditees. B. Prepare an executive summary and send it to auditee management. C. Define recommendations and present the findings to the audit committee. D. Obtain agreement from the auditee on findings and actions to be taken.

1 Answers   TPA,

An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity

1 Answers  

Which of the following is MOST effective in controlling application maintenance? A. Informing users of the status of changes B. Establishing priorities on program changes C. Obtaining user approval of program changes D. Requiring documented user specifications for changes

1 Answers  

The PRIMARY reason for replacing checks (cheques) with EFT systems in the accounts payable area is to: A. make the payment process more efficient. B. comply with international EFT banking standards. C. decrease the number of paper-based payment forms. D. reduce the risk of unauthorized changes to payment transactions.

1 Answers  

To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application

2 Answers  

A control log basic to a real-time application system is a(n): A. audit log. B. console log. C. terminal log. D. transaction log.

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)