Answer / guest

Answer: A

The normalization means the elimination of redundant data.
Hence, the objective of normalization in relational
databases is to minimize the quantum of information by
eliminating redundant data in tables, quickly processing
users? requests and maintaining data integrity. Maximizing
the quantum of information is against the rules of
normalization. If particular information is provided in
difference tables, the objective of data integrity may be
violated because one table may be updated and not others.
Normalization rules advocate storing data in only one table,
hence, minimizing the response time through faster
processing of information.

Answer / annmarie williams

D. minimization of response time through faster processing of information.

The phases and deliverables of a systems development life cycle (SDLC) project should be determined: A. during the initial planning stages of the project. B. after early planning has been completed, but before work has begun. C. through out the work stages based on risks and exposures. D. only after all risks and exposures have been identified and the IS auditor has recommended appropriate controls.

2 Answers  

---

Which of the following is the initial step in creating a firewall policy? A. A cost-benefits analysis of methods for securing the applications B. Identification of network applications to be externally accessed C. Identification of vulnerabilities associated with network applications to be externally accessed D. Creation of an applications traffic matrix showing protection methods

1 Answers  

---

Which of the following information valuation methods is LEAST likely to be used during a security review? A. Processing cost B. Replacement cost C. Unavailability cost D. Disclosure cost

1 Answers  

---

Which of the following reports should an IS auditor use to check compliance with a service level agreement (SLA) requirement for uptime? A. Utilization reports B. Hardware error reports C. System logs D. Availability reports

2 Answers  

---

During an audit of a telecommunications system the IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is: A. encryption. B. callback modems. C. message authentication. D. dedicated leased lines.

2 Answers  

---

Which of the following represents the GREATEST potential risk in an EDI environment? A. Transaction authorization B. Loss or duplication of EDI transmissions C. Transmission delay D. Deletion or manipulation of transactions prior to or after establishment of application controls

1 Answers   CTS,

---

Which of the following types of transmission media provide the BEST security against unauthorized access? A. Copper wire B. Twisted pair C. Fiber-optic cables D. Coaxial cables

1 Answers  

---

Electronic signatures can prevent messages from being: A. suppressed. B. repudiated. C. disclosed. D. copied.

1 Answers  

---

The responsibility for designing, implementing and maintaining a system of internal control lies with: A. the IS auditor. B. management. C. the external auditor. D. the programming staff.

2 Answers  

---

Which of the following controls would provide the GREATEST assurance of database integrity? A. Audit log procedures B. Table link/reference checks C. Query/table access time checks D. Rollback and rollforward database features

1 Answers  

---

Which of the following forms of evidence for the auditor would be considered the MOST reliable? A. An oral statement from the auditee B. The results of a test performed by an IS auditor C. An internally generated computer accounting report D. A confirmation letter received from an outside source

2 Answers  

---

Which of the following exposures could be caused by a line-grabbing technique? A. Unauthorized data access B. Excessive CPU cycle usage C. Lockout of terminal polling D. Multiplexor control dysfunction

1 Answers   Samsung,

---