An IS auditor reviewing database controls discovered that
changes to the database during normal working hours were
handled through a standard set of procedures. However,
changes made after normal hours required only an abbreviated
number of steps. In this situation, which of the following
would be considered an adequate set of compensating controls?
A. Allow changes to be made only with the DBA user account.
B. Make changes to the database after granting access to a
normal user account
C. Use the DBA user account to make changes, log the changes
and review the change log the following day.
D. Use the normal user account to make changes, log the
changes and review the change log the following day.
Answer / guest
Answer: C
The use of a database administrator (DBA) user account
normally is (should be) set up to log all changes made and
is most appropriate for changes made outside of normal
hours. The use of a log, which records the changes, allows
changes to be reviewed. The use of the DBA user account
without logging would permit uncontrolled changes to be made
to databases once access to the account was obtained. The
use of a normal user account with no restrictions would
allow uncontrolled changes to any of the databases. Logging
would only provide information on changes made, but would
not limit changes to only those that were authorized. Hence,
logging coupled with review form an appropriate set of
compensating controls.
Is This Answer Correct ? | 4 Yes | 1 No |
Linux is an __________ operating system
Neural networks are effective in detecting fraud because they can: A. discover new trends since they are inherently linear. B. solve problems where large and general sets of training data are not obtainable. C. attack problems that require consideration of a large number of input variables. D. make assumptions about the shape of any curve relating variables to the output.
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
Which of the following is the MOST effective control over visitor access to a data center? A. Visitors are escorted. B. Visitor badges are required. C. Visitors sign in. D. Visitors are spot-checked by operators.
Which of the following is a form of an Internet attack? A. Searching for software design errors B. Guessing user passwords based on their personal information C. Breaking the deadman's door to gain entry D. Planting a trojan horse
Which of the following reports is a measure of telecommunication transmissions and determines whether transmissions are completed accurately? A. Online monitor reports B. Downtime reports C. Help desk reports D. Response time reports
Which of the following is a substantive audit test? A. Verifying that a management check has been performed regularly B. Observing that user IDs and passwords are required to sign on the computer C. Reviewing reports listing short shipments of goods received D. Reviewing an aged trial balance of accounts receivable
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
Detection risk refers to: A. concluding that material errors do not exist, when in fact they do. B. controls that fail to detect an error. C. controls that detect high-risk errors. D. detecting an error but failing to report it.
LANs: A. protect against virus infection. B. protect against improper disclosure of data. C. provide program integrity from unauthorized changes. D. provide central storage for a group of users.
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
The method of routing traffic through split cable facilities or duplicate cable facilities is called: A. alternative routing. B. diverse routing. C. redundancy. D. circular routing.