Interested to Buy Any Domain ? << Click Here >> for more details...
What is a risk associated with attempting to control
physical access to sensitive areas, such as computer rooms,
through card keys, locks, etc.?
A. Unauthorized individuals wait for controlled doors to
open and walk in behind those authorized.
B. The contingency plan for the organization cannot
effectively test controlled access practices.
C. Access cards, keys, and pads can be easily duplicated
allowing easy compromise of the control.
D. Removing access for people no longer authorized is complex.
- 1 Answers
- 6602 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
The concept of piggybacking compromises all physical control
established. Choice B would be of minimal concern in a
disaster recovery environment. Items in choice C are not
easily duplicated. Regarding choice D, technology is
constantly changing but card keys have existed for some time
and appear to be a viable option for the foreseeable future.
| Is This Answer Correct ? | 1 Yes | 0 No |
An IS auditor should be involved in: A. observing tests of the disaster recovery plan. B. developing the disaster recovery plan. C. maintaining the disaster recovery plan. D. reviewing the disaster recovery requirements of supplier contracts.
Which of the following is MOST likely to occur when a system development project is in the middle of the programming/coding phase? A. Unit tests B. Stress tests C. Regression tests D. Acceptance tests
The PRIMARY reason for using digital signatures is to ensure data: A. confidentiality. B. integrity. C. availability. D. timeliness.
A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.
Information for detecting unauthorized input from a terminal would be BEST provided by the: A. console log printout. B. transaction journal. C. automated suspense file listing. D. user error report.
Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan's effectiveness? A. Paper test B. Post test C. Preparedness test D. Walk-through
When auditing the requirements phase of a software acquisition, the IS auditor should: A. assess the feasibility of the project timetable. B. assess the vendor?s proposed quality processes. C. ensure that the best software package is acquired. D. review the completeness of the specifications.
Which of the following would normally be found in application run manuals? A. Details of source documents B. Error codes and their recovery actions C. Program flowcharts and file definitions D. Change records for the application source code
Which of the following should be of MOST concern to an IS auditor? A. Lack of reporting of a successful attack on the network B. Failure to notify police of an attempted intrusion C. Lack of periodic examination of access rights D. Lack of notification to the public of an intrusion
A hardware control that helps to detect errors when data are communicated from one computer to another is known as a: A. duplicate check. B. table lookup. C. validity check. D. parity check.
Which of the following should be included in an organization's IS security policy? A. A list of key IT resources to be secured B. The basis for access authorization C. Identity of sensitive security features D. Relevant software security features
When two or more systems are integrated, input/output controls must be reviewed by the IS auditor in the: A. systems receiving the output of other systems. B. systems sending output to other systems. C. systems sending and receiving data. D. interfaces between the two systems.
Cisco Certifications 
