To prevent unauthorized entry to the data maintained in a
dial-up fast response system, an IS auditor should recommend:
A. online terminals be placed in restricted areas.
B. online terminals be equipped with key locks.
C. ID cards be required to gain access to online terminals.
D. online access be terminated after three unsuccessful
attempts.
Answer / guest
Answer: D
The most appropriate control to prevent unauthorized entry
is to terminate connection after a specified number of
attempts. This will deter access through the guessing of ids
and passwords. The other choices are physical controls,
which are not effective in deterring unauthorized accesses
via the telephone lines.
Is This Answer Correct ? | 5 Yes | 0 No |
If a database is restored using before-image dumps, where should the process be restarted following an interruption? A. Before the last transaction B. After the last transaction C. The first transaction after the latest checkpoint D. The last transaction before the latest checkpoint
An IS auditor reviewing an organization's IT strategic plan should FIRST review: A. the existing IT environment. B. the business plan. C. the present IT budget. D. current technology trends.
Which of the following physical access controls would provide the highest degree of security over unauthorized access? A. Bolting door lock B. Cipher lock C. Electronic door lock D. Fingerprint scanner
While planning an audit, an assessment of risk should be made to provide: A. reasonable assurance that the audit will cover material items. B. definite assurance that material items will be covered during the audit work. C. reasonable assurance that all items will be covered by the audit. D. sufficient assurance that all items will be covered during the audit work.
Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?
The planning and monitoring of computer resources to ensure that they are being used efficiently and effectively is: A. hardware monitoring. B. capacity management. C. network management. D. job scheduling.
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
One of the purposes of library control software is to allow: A. programmers access to production source and object libraries. B. batch program updating. C. operators to update the control library with the production version before testing is completed. D. read-only access to source code.
To share data in a multivendor network environment, it is essential to implement program-to-program communication. With respect to program-to-program communication features that can be implemented in this environment, which of the following makes implementation and maintenance difficult? A. User isolation B. Controlled remote access C. Transparent remote access D. The network environments
Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)