The risk of an IS auditor using an inadequate test procedure
and concluding that material errors do not exist when, in
fact, they exist is:
- 6 Answers
- 11678 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / bbb
A. neglect risk.
B. control risk.
C. detection risk.
D. audit risk.
| Is This Answer Correct ? | 4 Yes | 2 No |
Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.
While copying files from a floppy disk a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus? A: A. scan of all floppy disks before use B. virus monitor on the network file server C. scheduled daily scan of all network drives D. virus monitor on the user's personal computer
Electronic signatures can prevent messages from being: A. suppressed. B. repudiated. C. disclosed. D. copied.
Which of the following is a control over database administration activities? A. A database checkpoint to restart processing after a system failure B. Database compression to reduce unused space C. Supervisory review of access logs D. Backup and recovery procedures to ensure database availability
The purpose for requiring source code escrow in a contractual agreement is to: A. ensure the source code is available if the vendor ceases to exist. B. permit customization of the software to meet specified business requirements. C. review the source code for adequacy of controls. D. ensure the vendor has complied with legal requirements.
Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code
An organization having a number of offices across a wide geographical area has developed a disaster recovery plan (DRP). Using actual resources, which of the following is the MOST cost-effective test of the DRP? A. Full operational test B. Preparedness test C. Paper test D. Regression test
Which of the following is MOST directly affected by network performance monitoring tools? A. Integrity B. Availability C. Completeness D. Confidentiality
When using public key encryption to secure data being transmitted across a network: A. both the key used to encrypt and decrypt the data are public. B. the key used to encrypt is private, but the key used to decrypt the data is public. C. the key used to encrypt is public, but the key used to decrypt the data is private. D. both the key used to encrypt and decrypt the data are private.
A PING command is used to measure: A. attenuation. B. throughput. C. delay distortion. D. latency.
Which of the following exposures associated with the spooling of sensitive reports for offline printing would an IS auditor consider to be the MOST serious? A. Sensitive data can be read by operators. B. Data can be amended without authorization. C. Unauthorized report copies can be printed. D. Output can be lost in the event of system failure.
When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.
Cisco Certifications 
