Answer / guest

Answer: D

A digital signature includes an encrypted hash total of the
size of the message as it was transmitted by its originator.
This hash would no longer be accurate if the message was
subsequently altered, thus indicating that the alteration
had occurred. Digital signatures will not identify or
prevent any of the other options. The signature would
neither prevent nor deter unauthorized reading, copying or
theft.

An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely: A. evaluate the record retention plans for off-premises storage. B. interview programmers about the procedures currently being followed. C. compare utilization records to operations schedules. D. review data file access records to test the librarian function.

1 Answers  

---

Which of the following is intended to detect the loss or duplication of input? A. Hash totals B. Check digits C. Echo checks D. Transaction codes

1 Answers  

---

To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.

1 Answers  

---

Assumptions while planning an IS project involve a high degree of risk because they are: A. based on known constraints. B. based on objective past data. C. a result of lack of information. D. often made by unqualified people.

1 Answers  

---

The use of coding standards is encouraged by IS auditors because they: A. define access control tables. B. detail program documentation. C. standardize dataflow diagram methodology. D. ensure compliance with field naming conventions.

1 Answers  

---

The BEST method of proving the accuracy of a system tax calculation is by: A. detailed visual review and analysis of the source code of the calculation programs. B. recreating program logic using generalized audit software to calculate monthly totals. C. preparing simulated transactions for processing and comparing the results to predetermined results. D. automatic flowcharting and analysis of the source code of the calculation programs.

2 Answers  

---

To share data in a multivendor network environment, it is essential to implement program-to-program communication. With respect to program-to-program communication features that can be implemented in this environment, which of the following makes implementation and maintenance difficult? A. User isolation B. Controlled remote access C. Transparent remote access D. The network environments

1 Answers  

---

Which of these has the potential to improve security incident response processes? A. Review the incident response procedures. B. Post-mortem or post-event reviews by the security team. C. Getting the hot-site ready. D. Reviw the BCP plan every six months

1 Answers  

---

Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.

1 Answers  

---

Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.

1 Answers  

---

Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.

1 Answers  

---

Which of the following is the FIRST step in a business process reengineering (BPR) project? A. Defining the areas to be reviewed B. Developing a project plan C. Understanding the process under review D. Reengineering and streamlining the process under review

1 Answers  

---