Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following BEST describes an IT department?s
strategic planning process?
A. The IT department will have either short-range or
long-range plans depending on the organization?s broader
plans and objectives.
B. The IT department?s strategic plan must be time and
project oriented, but not so detailed as to address and help
determine priorities to meet business needs.
C. Long-range planning for the IT department should
recognize organizational goals, technological advances and
regulatory requirements.
D. Short-range planning for the IT department does not need
to be integrated into the short-range plans of the
organization since technological advances will drive the IT
department plans much quicker than organizational plans.
- 1 Answers
- 9712 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Long-range planning for the IT department should recognize
organizational goals, technological advances and regulatory
requirements. Typically, the IT department will have both
long-range and short-range plans that are consistent and
integrated with the organization?s plans. These plans must
be time- and project-oriented, as well as addressing the
organization?s broader plans for attaining the
organization?s goals.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.
Which of the following provisions in a contract for external information systems services would an IS auditor consider to be LEAST significant? A. Ownership of program and files B. Statement of due care and confidentiality C. Continued service of outsourcer in the event of a disaster D. Detailed description of computer hardware used by the vendor
A utility is available to update critical tables in case of data inconsistency. This utility can be executed at the OS prompt or as one of menu options in an application. The BEST control to mitigate the risk of unauthorized manipulation of data is to: A. delete the utility software and install it as and when required. B. provide access to utility on a need-to-use basis. C. provide access to utility to user management D. define access so that the utility can be only executed in menu option.
Which of the following issues should be included in the business continuity plan? A. The staff required to maintain critical business functions in the short, medium and long term B. The potential for a natural disaster to occur, such as an earthquake C. Disastrous events impacting information systems processing and end-user functions D. A risk analysis that considers systems malfunctions, accidental file deletions or other failures
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
A company disposing of personal computers that once were used to store confidential data should first: A. demagnetize the hard disk. B. low-level format the hard disk. C. delete all data contained on the hard disk. D. defragment the data contained on the hard disk.
When reviewing a system development project at the project initiation stage, an IS auditor finds that the project team is following the organization's quality manual. To meet critical deadlines the project team proposes to fast track the validation and verification processes, commencing some elements before the previous deliverable is signed off. Under these circumstances, the IS auditor would MOST likely: A. report this as a critical finding to senior management. B. accept that different quality processes can be adopted for each project. C. report to IS management the team's failure to follow quality procedures. D. report the risks associated with fast tracking to the project steering committee.
Utilizing audit software to compare the object code of two programs is an audit technique used to test program: A. logic. B. changes. C. efficiency. D. computations.
An IS auditor evaluating data integrity in a transaction driven system environment should review atomicity, to determine whether: A. the database survives failures (hardware or software). B. each transaction is separated from other transactions. C. integrity conditions are maintained. D. a transaction is completed or not, or a database is updated or not.
A single digitally signed instruction was given to a financial institution to credit a customer's account. The financial institution received the instruction three times and credited the account three times. Which of the following would be the MOST appropriate control against such multiple credits? A. Encrypting the hash of the payment instruction with the public key of the financial institution. B. Affixing a time stamp to the instruction and using it to check for duplicate payments. C. Encrypting the hash of the payment instruction with the private key of the instructor. D. Affixing a time stamp to the hash of the instruction before being digitally signed by the instructor.
Which of the following functions, if performed by scheduling and operations personnel, would be in conflict with a policy requiring a proper segregation of duties? A. Job submission B. Resource management C. Code correction D. Output distribution
Which of the following is the PRIMARY reason for involving an IS auditor in the definition of a system's requirements? A. Post-application reviews do not need to be performed. B. Total budgeted system development costs can be reduced. C. It is costly to institute controls after a system becomes operational. D. The extent of user involvement in design activities is reduced.
Cisco Certifications 
