Question1: Which of the following represents the GREATEST risk created by a reciprocal agreement for disaster recovery made between two companies?
Question2: Why is a clause for requiring source code escrow in an application vendor agreement important?
Question3: A virus typically consists of what major parts (choose all that apply):
Question4: The MOST likely effect of the lack of senior management commitment to IT strategic planning is:
Question5: Using the OSI reference model, what layer(s) is/are used to encrypt data?
Question6: During an implementation review of a multiuser distributed application, an IS auditor finds minor weaknesses in three areas-the initial setting of parameters is improperly installed, weak passwords are being used and some vital reports are not being checked properly. While preparing the audit report, the IS auditor should:
Question7: In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as:
Question8: An integrated test facility is not considered a useful audit tool because it cannot compare processing output with independently calculated datA. True or false?
Question9: In the process of evaluating program change controls, an IS auditor would use source code comparison software to:
Question10: When reviewing input controls, an IS auditor observes that, in accordance with corporate policy, procedures allow supervisory override of data validation edits. The IS auditor should:
Question11: Validated digital signatures in an e-mail software application will:
Question12: What is often the most difficult part of initial efforts in application development? Choose the BEST answer.
Question13: An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is:
Question14: What should an IS auditor do if he or she observes that project-approval procedures do not exist?
Question15: What should be the GREATEST concern to an IS auditor when employees use portable media (MP3 players, flash drives)?
Question16: When participating in a systems-development project, an IS auditor should focus on system controls rather than ensuring that adequate and complete documentation exists for all projects. True or false?
Question17: At the completion of a system development project, a postproject review should include which of the following?
Question18: Which of the following is the MOST critical and contributes the greatest to the quality of data in a data warehouse?
Question19: Which of the following is a data validation edit and control?
Question20: Which of the following is a network diagnostic tool that monitors and records network information?
Question21: Naming conventions for system resources are important for access control because they:
Question22: An organization is migrating from a legacy system to an enterprise resource planning (ERP) system. While reviewing the data migration activity, the MOST important concern for the IS auditor is to determine that there is a:
Question23: ________________ (fill in the blank) is/are are ultimately accountable for the functionality, reliability, and security within IT governance. Choose the BEST answer.
Question24: Which of the following is a distinctive feature of the Secure Electronic Transactions (SET) protocol when used for electronic credit card payments?
Question25: The FIRST step in data classification is to:
Question26: Sophisticated database systems provide many layers and types of security, including (choose all that apply):
Question27: The purpose of code signing is to provide assurance that:
Question28: In a client-server architecture, a domain name service (DNS) is MOST important because it provides the:
Question29: Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures?
Question30: What type of fire-suppression system suppresses fire via water that is released from a main valve to be delivered via a system of dry pipes installed throughout the facilities?
Question31: Obtaining user approval of program changes is very effective for controlling application changes and maintenance. True or false?
Question32: Which of the following is the BEST way to satisfy a two-factor user authentication?
Question33: Under the concept of ""defense in depth"", subsystems should be designed to:
Question34: An advantage in using a bottom-up vs. a top-down approach to software testing is that:
Question35: How does the SSL network protocol provide confidentiality?
Question36: Confidentiality of the data transmitted in a wireless LAN is BEST protected if the session is:
Question37: What are used as a countermeasure for potential database corruption when two processes attempt to simultaneously edit or update the same information? Choose the BEST answer.
Question38: Before implementing controls, management should FIRST ensure that the controls:
Question39: Proper segregation of duties prevents a computer operator (user) from performing security administration duties. True or false?
Question40: Function Point Analysis (FPA) provides an estimate of the size of an information system based only on the number and complexity of a system's inputs and outputs. True or false?
Question41: An IS auditor reviewing the implementation of an intrusion detection system (IDS) should be MOST concerned if:
Question42: Which of the following system and data conversion strategies provides the GREATEST redundancy?
Question43: An intentional or unintentional disclosure of a password is likely to be evident within control logs. True or false?
Question44: When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with:
Question45: The use of statistical sampling procedures helps minimize:
Question46: In which of the following situations is it MOST appropriate to implement data mirroring as the recovery strategy?
Question47: The FIRST step in a successful attack to a system would be:
Question48: From a control perspective, the key element in job descriptions is that they:
Question49: A data administrator is responsible for:
Question50: Which of the following is the most fundamental step in preventing virus attacks?
Question51: An organization has contracted with a vendor for a turnkey solution for their electronic toll collection system (ETCS). The vendor has provided its proprietary application software as part of the solution. The contract should require that:
Question52: What process uses test data as part of a comprehensive test of program controls in a continuous online manner?
Question53: Which of the following is a prevalent risk in the development of end-user computing (EUC) applications?
Question54: To minimize costs and improve service levels an outsourcer should seek which of the following contract clauses?
Question55: Which of the following should be seen as one of the most significant factors considered when determining the frequency of IS audits within your organization?
Question56: Which of the following correctly describe the potential problem of deploying Wi-Fi Protected Access to secure your wireless network?
Question57: An IS auditor evaluates the test results of a modification to a system that deals with payment computation.
The auditor finds that 50 percent of the calculations do not match predetermined totals. Which of the following would MOST likely be the next step in the audit?
Question58: The extent to which data will be collected during an IS audit should be determined based on the:
Question59: The cost of ongoing operations when a disaster recovery plan is in place, compared to not having a disaster recovery plan, will MOST likely:
Question60: Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
Question61: Which of the following is an oft-cited cause of vulnerability of networks?
Question62: Information for detecting unauthorized input from a terminal would be BEST provided by the:
Question63: Processing controls ensure that data is accurate and complete, and is processed only through which of the following? Choose the BEST answer.
Question64: The PRIMARY purpose for meeting with auditees prior to formally closing a review is to:
Question65: A proposed transaction processing application will have many data capture sources and outputs in paper and electronic form. To ensure that transactions are not lost during processing, an IS auditor should recommend the inclusion of:
Question66: During a security audit of IT processes, an IS auditor found that there were no documented security procedures. The IS auditor should:
Question67: An offsite information processing facility having electrical wiring, air conditioning and flooring, but no computer or communications equipment is a:
Question68: Which of the following best characterizes "worms"?
Question69: Run-to-run totals can verify data through which stage(s) of application processing?
Question70: What is used as a control to detect loss, corruption, or duplication of data?
Question71: An IS auditor issues an audit report pointing out the lack of firewall protection features at the perimeter network gateway and recommends a vendor product to address this vulnerability. The IS auditor has failed to exercise:
Question72: The BEST overall quantitative measure of the performance of biometric control devices is:
Question73: An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long.
Which of the following could be caused by the length of the cable?
Question74: During the collection of forensic evidence, which of the following actions would MOST likely result in the destruction or corruption of evidence on a compromised system?
Question75: Software is considered malware based on:
Question76: With respect to the outsourcing of IT services, which of the following conditions should be of GREATEST concern to an IS auditor?
Question77: Which of the following would MOST effectively control the usage of universal storage bus (USB) storage devices?
Question78: The role of the certificate authority (CA) as a third party is to:
Question79: Performance of a biometric measure is usually referred to in terms of (choose all that apply):
Question80: Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster?
Question81: What kind of protocols does the OSI Transport Layer of the TCP/IP protocol suite provide to ensure reliable communication?
Question82: Which of the following refers to the proving of mathematical theorems by a computer program?
Question83: An IS auditor noted that an organization had adequate business continuity plans (BCPs) for each individual process, but no comprehensive BCP. Which would be the BEST course of action for the IS auditor?
Question84: The PRIMARY purpose of audit trails is to:
Question85: Which of the following is widely accepted as one of the critical components in networking management?
Question86: An organization's disaster recovery plan should address early recovery of:
Question87: By evaluating application development projects against the capability maturity model (CMM), an IS auditor should be able to verify that:
Question88: The PRIMARY objective of service-level management (SLM) is to:
Question89: A hard disk containing confidential data was damaged beyond repair. What should be done to the hard disk to prevent access to the data residing on it?
Question90: What is the first step in a business process re-engineering project?
Question91: Which of the following provides the BEST single-factor authentication?
Question92: The PRIMARY goal of a web site certificate is:
Question93: If an IS auditor finds evidence of risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function, what is the auditor's primary responsibility?
Question94: Which of the following is a good control for protecting confidential data residing on a PC?
Question95: The technique used to ensure security in virtual private networks (VPNs) is:
Question96: When reviewing the configuration of network devices, an IS auditor should FIRST identify:
Question97: The PRIMARY advantage of a continuous audit approach is that it:
Question98: How can minimizing single points of failure or vulnerabilities of a common disaster best be controlled?
Question99: What are intrusion-detection systems (IDS) primarily used for?
Question100: IS management recently replaced its existing wired local area network (LAN) with a wireless infrastructure to accommodate the increased use of mobile devices within the organization. This will increase the risk of which of the following attacks?
Question101: What method might an IS auditor utilize to test wireless security at branch office locations?
Question102: Which of the following encryption techniques will BEST protect a wireless network from a man-in-the- middle attack?
Question103: The success of control self-assessment (CSA) highly depends on:
Question104: Which of the following would provide the BEST protection against the hacking of a computer connected to the Internet?
Question105: E-mail traffic from the Internet is routed via firewall-1 to the mail gateway. Mail is routed from the mail gateway, via firewall-2, to the mail recipients in the internal network. Other traffic is not allowed. For example, the firewalls do not allow direct traffic from the Internet to the internal network.

The intrusion detection system (IDS) detects traffic for the internal network that did not originate from the mail gateway. The FIRST action triggered by the IDS should be to:
Question106: The Federal Information Processing Standards (FIPS) are primarily for use by (choose all that apply):
Question107: Which of the following are the characteristics of a good password?
Question108: What is wrong with a Black Box type of intrusion detection system?
Question109: During a change control audit of a production system, an IS auditor finds that the change management process is not formally documented and that some migration procedures failed. What should the IS auditor do next?
Question110: What should be done to determine the appropriate level of audit coverage for an organization's IT environment?
Question111: When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to ensure that:
Question112: An organization has a mix of access points that cannot be upgraded to stronger security and newer access points having advanced wireless security. An IS auditor recommends replacing the nonupgradeabie access points. Which of the following would BEST justify the IS auditor's recommendation?
Question113: After reviewing its business processes, a large organization is deploying a new web application based on a VoIP technology. Which of the following is the MOST appropriate approach for implementing access control that will facilitate security management of the VoIP web application?
Question114: Establishing data ownership is an important first step for which of the following processes? Choose the BEST answer.
Question115: How does the process of systems auditing benefit from using a risk-based approach to audit planning?
Question116: A trojan horse simply cannot operate autonomously.
Question117: When reviewing an intrusion detection system (IDS), an IS auditor should be MOST concerned about which of the following?
Question118: An organization has created a policy that defines the types of web sites that users are forbidden to access.
What is the MOST effective technology to enforce this policy?
Question119: Which of the following terms refers to systems designed to detect and prevent the unauthorized transmission of information from the computer systems of an organization to outsiders?
Question120: Wi-Fi Protected Access implements the majority of which IEEE standard?
Question121: The final decision to include a material finding in an audit report should be made by the:
Question122: The Secure Sockets Layer (SSL) protocol addresses the confidentiality of a message through:
Question123: An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely:
Question124: Rather than simply reviewing the adequacy of access control, appropriateness of access policies, and effectiveness of safeguards and procedures, the IS auditor is more concerned with effectiveness and utilization of assets. True or false?
Question125: When evaluating the controls of an EDI application, an IS auditor should PRIMARILY be concerned with the risk of:
Question126: The optimum business continuity strategy for an entity is determined by the:
Question127: Which of the following would prevent accountability for an action performed, thus allowing nonrepudiation?
Question128: Normally, it would be essential to involve which of the following stakeholders in the initiation stage of a project?
Question129: The reliability of an application system's audit trail may be questionable if:
Question130: Which of the following fire suppression systems is MOST appropriate to use in a data center environment?
Question131: An organization having a number of offices across a wide geographical area has developed a disaster recovery plan (DRP). Using actual resources, which of the following is the MOST costeffective test of the DRP?
Question132: An organization can ensure that the recipients of e-mails from its employees can authenticate the identity of the sender by:
Question133: Although BCP and DRP are often implemented and tested by middle management and end users, the ultimate responsibility and accountability for the plans remain with executive management, such as the _______________. (fill-in-the-blank)
Question134: The frequent updating of which of the following is key to the continued effectiveness of a disaster recovery plan (DRP)?
Question135: Which of the following types of spyware was originally designed for determining the sources of error or for measuring staff productivity?
Question136: In regard to moving an application program from the test environment to the production environment, the BEST control would be to have the:
Question137: What are used as the framework for developing logical access controls?
Question138: An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should:
Question139: The network of an organization has been the victim of several intruders' attacks. Which of the following measures would allow for the early detection of such incidents?
Question140: Which of the following can help detect transmission errors by appending specially calculated bits onto the end of each segment of data?
Question141: Which of the following is the BEST method for preventing the leakage of confidential information in a laptop computer?
Question142: An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely:
Question143: Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization's security policy?
Question144: An IS auditor is reviewing a software-based firewall configuration. Which of the following represents the GREATEST vulnerability? The firewall software:
Question145: Why is the WAP gateway a component warranting critical concern and review for the IS auditor when auditing and testing controls enforcing message confidentiality?
Question146: The computer security incident response team (CSIRT) of an organization disseminates detailed descriptions of recent threats. An IS auditor's GREATEST concern should be that the users might:
Question147: Which of the following is the MOST effective control over visitor access to a data center?
Question148: Which of the following acts as a decoy to detect active internet attacks?
Question149: When performing an audit of a client relationship management (CRM) system migration project, which of the following should be of GREATEST concern to an IS auditor?
Question150: IT operations for a large organization have been outsourced. An IS auditor reviewing the outsourced operation should be MOST concerned about which of the following findings?
Question151: An IS auditor should be concerned when a telecommunication analyst:
Question152: An organization is using an enterprise resource management (ERP) application. Which of the following would be an effective access control?
Question153: Which of the following is of greatest concern when performing an IS audit?
Question154: An organization has outsourced its help desk. Which of the following indicators would be the best to include in the SLA?
Question155: An IS auditor who has discovered unauthorized transactions during a review of EDI transactions is likely to recommend improving the:
Question156: Effective IT governance will ensure that the IT plan is consistent with the organization's:
Question157: Which of the following results in a denial-of-service attack?
Question158: Whenever an application is modified, what should be tested to determine the full impact of the change?
Choose the BEST answer.
Question159: Which of the following is a good tool to use to help enforcing the deployment of good passwords?
Question160: In an audit of an inventory application, which approach would provide the BEST evidence that purchase orders are valid?
Question161: While conducting an audit, an IS auditor detects the presence of a virus. What should be the IS auditor's next step?
Question162: Which of the following would prevent unauthorized changes to information stored in a server's log?
Question163: Which of the following do digital signatures provide?
Question164: Which of the following is the MOST important action in recovering from a cyberattack?
Question165: Which of the following attacks targets the Secure Sockets Layer (SSL)?
Question166: An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
* The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.
* The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting their attention.
* The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.
The IS auditor's report should recommend that:
Question167: TEMPEST is a hardware for which of the following purposes?
Question168: An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by:
Question169: The PRIMARY reason for using digital signatures is to ensure data:
Question170: During an audit of an enterprise that is dedicated to e-commerce, the IS manager states that digital signatures are used when receiving communications from customers. To substantiate this, an IS auditor must prove that which of the following is used?
Question171: An organization with extremely high security requirements is evaluating the effectiveness of biometric systems. Which of the following performance indicators is MOST important?
Question172: Which of the following should be the MOST important criterion in evaluating a backup solution for sensitive data that must be retained for a long period of time due to regulatory requirements?
Question173: There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is called:
Question174: A top-down approach to the development of operational policies will help ensure:
Question175: Integrating business continuity planning (BCP) into an IT project aids in:
Question176: The application systems of an organization using open-source software have no single recognized developer producing patches. Which of the following would be the MOST secure way of updating open- source software?
Question177: To determine how data are accessed across different platforms in a heterogeneous environment, an IS auditor should FIRST review:
Question178: To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is:
Question179: In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?
Question180: Online banking transactions are being posted to the database when processing suddenly comes to a halt.
The integrity of the transaction processing is BEST ensured by:
Question181: Which of the following is the initial step in creating a firewall policy?
Question182: The MAIN purpose of a transaction audit trail is to:
Question183: An IS auditor has identified the lack of an authorization process for users of an application. The IS auditor's main concern should be that:
Question184: Which of the following is of greatest concern to the IS auditor?
Question185: After implementation of a disaster recovery plan, pre-disaster and post-disaster operational costs for an organization will:
Question186: Which of the following is the MOST robust method for disposing of magnetic media that contains confidential information?
Question187: When using an integrated test facility (ITF), an IS auditor should ensure that:
Question188: A long-term IS employee with a strong technical background and broad managerial experience has applied for a vacant position in the IS audit department. Determining whether to hire this individual for this position should be based on the individual's experience and:
Question189: After initial investigation, an IS auditor has reasons to believe that fraud may be present. The IS auditor should:
Question190: An audit charter should:
Question191: Why does the IS auditor often review the system logs?
Question192: Which of the following is the MOST reasonable option for recovering a noncritical system?
Question193: As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following is necessary to restore these files?
Question194: If an IS auditor observes that an IS department fails to use formal documented methodologies, policies, and standards, what should the auditor do? Choose the BEST answer.
Question195: An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review?
Question196: Disabling which of the following would make wireless local area networks more secure against unauthorized access?
Question197: Which of the following antivirus software implementation strategies would be the MOST effective in an interconnected corporate network?
Question198: The responsibility for authorizing access to application data should be with the:
Question199: Iptables is based on which of the following frameworks?
Question200: Which of the following is the MOST effective method for dealing with the spreading of a network worm that exploits vulnerability in a protocol?
Question201: The directory system of a database-management system describes:
Question202: The use of a GANTT chart can:
Question203: The most common reason for the failure of information systems to meet the needs of users is that:
Question204: Regarding a disaster recovery plan, the role of an IS auditor should include:
Question205: Which of the following BEST characterizes a mantrap or deadman door, which is used as a deterrent control for the vulnerability of piggybacking?
Question206: Which of the following is a general operating system access control function?
Question207: The initial step in establishing an information security program is the:
Question208: Which of the following represents the GREATEST potential risk in an EDI environment?
Question209: A transaction journal provides the information necessary for detecting unauthorized
_____________ (fill in the blank) from a terminal.
Question210: ALL computer programming languages are vulnerable to command injection attack.
Question211: While reviewing sensitive electronic work papers, the IS auditor noticed that they were not encrypted. This could compromise the:
Question212: As an outcome of information security governance, strategic alignment provides:
Question213: Which of the following should be a concern to an IS auditor reviewing a wireless network?
Question214: Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)?
Question215: In what way is a common gateway interface (CGI) MOST often used on a webserver?
Question216: Mitigating the risk and impact of a disaster or business interruption usually takes priority over transference of risk to a third party such as an insurer. True or false?
Question217: What is an acceptable recovery mechanism for extremely time-sensitive transaction processing?
Question218: Which of the following provides the BEST evidence of an organization's disaster recovery readiness?
Question219: An IS auditor is reviewing a project to implement a payment system between a parent bank and a subsidiary. The IS auditor should FIRST verify that the:
Question220: In the event of a disruption or disaster, which of the following technologies provides for continuous operations?
Question221: Which of the following provides the MOST relevant information for proactively strengthening security settings?
Question222: If inadequate, which of the following would be the MOST likely contributor to a denial-of-service attack?
Question223: The traditional role of an IS auditor in a control self-assessment (CSA) should be that of a(n):
Question224: Which of the following BEST describes the concept of ""defense in depth""?
Question225: Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)?
Question226: During what process should router access control lists be reviewed?
Question227: Which of the following recovery strategies is MOST appropriate for a business having multiple offices within a region and a limited recovery budget?
Question228: IT control objectives are useful to IS auditors, as they provide the basis for understanding the:
Question229: Which of the following is the MOST reliable sender authentication method?
Question230: Which of the following would be of MOST concern to an IS auditor reviewing a virtual private network (VPN) implementation? Computers on the network that are located:
Question231: What is used to provide authentication of the website and can also be used to successfully authenticate keys used for data encryption?
Question232: What process is used to validate a subject's identity?
Question233: When using a universal storage bus (USB) flash drive to transport confidential corporate data to an offsite location, an effective control would be to:
Question234: How is the time required for transaction processing review usually affected by properly implemented Electronic Data Interface (EDI)?
Question235: The PRIMARY objective of testing a business continuity plan is to:
Question236: Which of the following is a substantive test?
Question237: Which of the following cryptography options would increase overhead/cost?
Question238: After an IS auditor has identified threats and potential impacts, the auditor should:
Question239: An organization has a recovery time objective (RTO) equal to zero and a recovery point objective (RPO) close to 1 minute for a critical system. This implies that the system can tolerate:
Question240: Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
Question241: Doing which of the following during peak production hours could result in unexpected downtime?
Question242: A digital signature contains a message digest to:
Question243: Reverse proxy technology for web servers should be deployed if:
Question244: Which of the following would be considered an essential feature of a network management system?
Question245: While observing a full simulation of the business continuity plan, an IS auditor notices that the notification systems within the organizational facilities could be severely impacted by infra structural damage. The BEST recommendation the IS auditor can provide to the organization is to ensure:
Question246: The advantage of a bottom-up approach to the development of organizational policies is that the policies:
Question247: The Trojan.Linux.JBellz Trojan horse runs as a malformed file of what format?
Question248: What increases encryption overhead and cost the most?
Question249: What is a reliable technique for estimating the scope and cost of a software-development project?
Question250: An IS auditor performing a review of an application's controls would evaluate the:
Question251: Which of the following should be included in an organization's IS security policy?
Question252: Which of the following types of firewalls provide the GREATEST degree and granularity of control?
Question253: Which of the following is the MOST important function to be performed by IS management when a service has been outsourced?
Question254: In a relational database with referential integrity, the use of which of the following keys would prevent deletion of a row from a customer table as long as the customer number of that row is stored with live orders on the orders table?
Question255: During an exit interview, in cases where there is disagreement regarding the impact of a finding, an IS auditor should:
Question256: Which of the following user profiles should be of MOST concern to an IS auditor when performing an audit of an EFT system?
Question257: When reviewing a digital certificate verification process, which of the following findings represents the MOST significant risk?
Question258: Network ILD&P are typically installed:
Question259: A disaster recovery plan for an organization's financial system specifies that the recovery point objective (RPO) is no data loss and the recovery time objective (RTO) is 72 hours. Which of the following is the MOST cost-effective solution?
Question260: The GREATEST advantage of using web services for the exchange of information between two systems is:
Question261: Test and development environments should be separated. True or false?
Question262: Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
Question263: Which of the following is the MOST important IS audit consideration when an organization outsources a customer credit review system to a third-party service provider? The provider:
Question264: Over the long term, which of the following has the greatest potential to improve the security incident response process?
Question265: In a public key infrastructure (PKI), the authority responsible for the identification and authentication of an applicant for a digital certificate (i.e., certificate subjects) is the:
Question266: Security should ALWAYS be an all or nothing issue.
Question267: While copying files from a floppy disk, a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus?
Question268: An IS auditor is reviewing a project that is using an Agile software development approach. Which of the following should the IS auditor expect to find?
Question269: When storing data archives off-site, what must be done with the data to ensure data completeness?
Question270: What is an initial step in creating a proper firewall policy?
Question271: Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions?
Question272: An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
* The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.
* The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his/her attention.
* The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.
The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical, hardware configuration is already established. An IS auditor should:
Question273: Host Based ILD&P primarily addresses the issue of:
Question274: When installing an intrusion detection system (IDS), which of the following is MOST important?
Question275: While reviewing the IT infrastructure, an IS auditor notices that storage resources are continuously being added. The IS auditor should:
Question276: The PRIMARY objective of Secure Sockets Layer (SSL) is to ensure:
Question277: Which of the following is the MOST important objective of data protection?
Question278: Which of the following is a benefit of using callback devices?
Question279: A company has recently upgraded its purchase system to incorporate EDI transmissions. Which of the following controls should be implemented in the EDI interface to provide for efficient data mapping?
Question280: Proper segregation of duties does not prohibit a quality control administrator from also being responsible for change control and problem management. True or false?
Question281: Which of the following should an IS auditor use to detect duplicate invoice records within an invoice master file?
Question282: Which of the following is the GREATEST risk when implementing a data warehouse?
Question283: An IS auditor is reviewing the physical security measures of an organization. Regarding the access card system, the IS auditor should be MOST concerned that:
Question284: Screening router inspects traffic through examining:
Question285: Which of the following is a feature of Wi-Fi Protected Access (WPA) in wireless networks?
Question286: Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network?
Question287: When developing a formal enterprise security program, the MOST critical success factor (CSF) would be the:
Question288: An organization has just completed their annual risk assessment. Regarding the business continuity plan, what should an IS auditor recommend as the next step for the organization?
Question289: The use of risk assessment tools for classifying risk factors should be formalized in your IT audit effort through:
Question290: IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that control risks are within the acceptable limits. True or false?
Question291: Which of the following is the dominating objective of BCP and DRP?
Question292: When performing a database review, an IS auditor notices that some tables in the database are not normalized. The IS auditor should next:
Question293: Which of the following is the GREATEST advantage of elliptic curve encryption over RSA encryption?
Question294: Which of the following goals would you expect to find in an organization's strategic plan?
Question295: Which of the following virus prevention techniques can be implemented through hardware?
Question296: When planning to add personnel to tasks imposing time constraints on the duration of a project, which of the following should be revalidated FIRST?
Question297: While evaluating software development practices in an organization, an IS auditor notes that the quality assurance (QA) function reports to project management. The MOST important concern for an IS auditor is the:
Question298: An IS auditor has been asked to participate in project initiation meetings for a critical project. The IS auditor's MAIN concern should be that the:
Question299: Introducing inhomogeneity to your network for the sake of robustness would have which of the following drawbacks?
Question300: What are trojan horse programs? Choose the BEST answer.
Question301: Which of the following uses a prototype that can be updated continually to meet changing user or business requirements?
Question302: Which of the following reduces the potential impact of social engineering attacks?
Question303: An IS auditor should be MOST concerned with what aspect of an authorized honeypot?
Question304: The phases and deliverables of a system development life cycle (SDLC) project should be determined:
Question305: The use of object-oriented design and development techniques would MOST likely:
Question306: Which of the following will prevent dangling tuples in a database?
Question307: Input/output controls should be implemented for which applications in an integrated systems environment?
Question308: Which of the following will BEST ensure the successful offshore development of business applications?
Question309: A hot site should be implemented as a recovery strategy when the:
Question310: An existing system is being extensively enhanced by extracting and reusing design and program components. This is an example of:
Question311: Proper segregation of duties prohibits a system analyst from performing quality-assurance functions.
True or false?
Question312: When reviewing an active project, an IS auditor observed that, because of a reduction in anticipated benefits and increased costs, the business case was no longer valid. The IS auditor should recommend that the:
Question313: Which of the following database controls would ensure that the integrity of transactions is maintained in an online transaction processing system's database?
Question314: Which of the following forms of evidence for the auditor would be considered the MOST reliable?
Question315: What can be implemented to provide the highest level of protection from external attack?
Question316: A company has decided to implement an electronic signature scheme based on public key infrastructure.
The user's private key will be stored on the computer's hard drive and protected by a password. The MOST significant risk of this approach is:
Question317: When performing an IS strategy audit, an IS auditor should review both short-term (one-year) and long- term (three-to five-year) IS strategies, interview appropriate corporate management personnel, and ensure that the external environment has been considered. The auditor should especially focus on procedures in an audit of IS strategy. True or false?
Question318: When auditing the proposed acquisition of a new computer system, an IS auditor should FIRST establish that:
Question319: Facilitating telecommunications continuity by providing redundant combinations of local carrier T-1 lines, microwaves and/or coaxial cables to access the local communication loop:
Question320: Which of the following tasks should be performed FIRST when preparing a disaster recovery plan?
Question321: Which of the following provides the strongest authentication for physical access control?
Question322: During the design of a business continuity plan, the business impact analysis (BIA) identifies critical processes and supporting applications. This will PRIMARILY influence the:
Question323: Which of the following provide(s) near-immediate recoverability for time-sensitive systems and transaction processing?
Question324: Due to changes in IT, the disaster recovery plan of a large organization has been changed. What is the PRIMARY risk if the new plan is not tested?
Question325: The MAIN purpose for periodically testing offsite facilities is to:
Question326: Effective transactional controls are often capable of offering which of the following benefits (choose all that apply):
Question327: In the context of effective information security governance, the primary objective of value delivery is to:
Question328: The most common problem in the operation of an intrusion detection system (IDS) is:
Question329: A company has implemented a new client-server enterprise resource planning (ERP) system. Local branches transmit customer orders to a central manufacturing facility. Which of the following would BEST ensure that the orders are entered accurately and the corresponding products are produced?
Question330: The quality of the metadata produced from a data warehouse is _______________ in the warehouse's design. Choose the BEST answer.
Question331: During the review of a web-based software development project, an IS auditor realizes that coding standards are not enforced and code reviews are rarely carried out. This will MOST likely increase the likelihood of a successful:
Question332: Which of the following is the BEST practice to ensure that access authorizations are still valid?
Question333: An organization has recently installed a security patch, which crashed the production server. To minimize the probability of this occurring again, an IS auditor should:
Question334: Though management has stated otherwise, an IS auditor has reasons to believe that the organization is using software that is not licensed. In this situation, the IS auditor should:
Question335: An IS auditor discovers that developers have operator access to the command line of a production environment operating system. Which of the following controls wou Id BEST mitigate the risk of undetected and unauthorized program changes to the production environment?
Question336: What would be the major purpose of rootkit?
Question337: A business application system accesses a corporate database using a single ID and password embedded in a program. Which of the following would provide efficient access control over the organization's data?
Question338: The MOST effective control for reducing the risk related to phishing is:
Question339: Which of the following must exist to ensure the viability of a duplicate information processing facility?
Question340: What type of risk is associated with authorized program exits (trap doors)? Choose the BEST answer.
Question341: To determine if unauthorized changes have been made to production code the BEST audit procedure is to:
Question342: When preparing an audit report the IS auditor should ensure that the results are supported by:
Question343: In a small organization, an employee performs computer operations and, when the situation demands, program modifications. Which of the following should the IS auditor recommend?
Question344: The MAIN reason for requiring that all computer clocks across an organization be synchronized is to:
Question345: An IS auditor can verify that an organization's business continuity plan (BCP) is effective by reviewing the:
Question346: A lower recovery time objective (RTO) results in:
Question347: Depending on the complexity of an organization's business continuity plan (BCP), the plan may be developed as a set of more than one plan to address various aspects of business continuity and disaster recovery, in such an environment, it is essential that:
Question348: Creating which of the following is how a hacker can insure his ability to return to the hacked system at will?
Question349: A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it can:
Question350: What influences decisions regarding criticality of assets?
Question351: Which of the following would be an indicator of the effectiveness of a computer security incident response team?
Question352: Which of the following is the PRIMARY purpose for conducting parallel testing?
Question353: What can be used to help identify and investigate unauthorized transactions? Choose the BEST answer.
Question354: Which of the following would BEST support 24/7 availability?
Question355: An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking?
Question356: You may reduce a cracker's chances of success by (choose all that apply):
Question357: The vice president of human resources has requested an audit to identify payroll overpayments for the previous year. Which would be the BEST audit technique to use in this situation?
Question358: Which of the following is MOST critical when creating data for testing the logic in a new or modified application system?
Question359: You should know the difference between an exploit and a vulnerability. Which of the following refers to a weakness in the system?
Question360: A company is implementing a dynamic host configuration protocol (DHCP). Given that the following conditions exist, which represents the GREATEST concern?
Question361: A database administrator is responsible for:
Question362: Distributed denial-of-service (DDOS) attacks on Internet sites are typically evoked by hackers using which of the following?
Question363: During a business continuity audit an IS auditor found that the business continuity plan (BCP) covered only critical processes. The IS auditor should:
Question364: Which of the following hardware devices relieves the central computer from performing network control, format conversion and message handling tasks?
Question365: After completing the business impact analysis (BIA), what is the next step in the business continuity planning process?
Question366: Which of the following would impair the independence of a quality assurance team?
Question367: Which of the following would BEST maintain the integrity of a firewall log?
Question368: An IS auditor finds that a system under development has 12 linked modules and each item of data can carry up to 10 definable attribute fields. The system handles several million transactions a year. Which of these techniques could an IS auditor use to estimate the size of the development effort?
Question369: Regarding digital signature implementation, which of the following answers is correct?
Question370: Which of the following is an attribute of the control self-assessment (CSA) approach?
Question371: An IS auditor invited to a development project meeting notes that no project risks have been documented.
When the IS auditor raises this issue, the project manager responds that it is too early to identify risks and that, if risks do start impactingthe project, a risk manager will be hired. The appropriate response of the IS auditor would be to:
Question372: What must an IS auditor understand before performing an application audit? Choose the BEST answer.
Question373: To verify that the correct version of a data file was used for a production run, an IS auditor should review:
Question374: While conducting an audit of a service provider, an IS auditor observes that the service provider has outsourced a part of the work to another provider. Since the work involves confidential information, the IS auditor's PRIMARY concern shouldbe that the:
Question375: Which of the following would be the BEST overall control for an Internet business looking for confidentiality, reliability and integrity of data?
Question376: The IT balanced scorecard is a business governance tool intended to monitor IT performance evaluation indicators other than:
Question377: A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted?
Question378: A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
Question379: Which of the following systems or tools can recognize that a credit card transaction is more likely to have resulted from a stolen credit card than from the holder of the credit card?
Question380: When using public key encryption to secure data being transmitted across a network:
Question381: What often results in project scope creep when functional requirements are not defined as well as they could be?
Question382: What type of cryptosystem is characterized by data being encrypted by the sender using the recipient's public key, and the data then being decrypted using the recipient's private key?
Question383: An IS auditor notes that IDS log entries related to port scanning are not being analyzed. This lack of analysis will MOST likely increase the risk of success of which of the following attacks?
Question384: An IT steering committee should review information systems PRIMARILY to assess:
Question385: Relatively speaking, firewalls operated at the application level of the sevenlayer OSI model are:
Question386: The MAJOR advantage of a component-based development approach is the:
Question387: Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks?
Question388: Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
Question389: Which of the following is a benefit of using a callback device?
Question390: In large corporate networks having supply partners across the globe, network traffic may continue to rise.
The infrastructure components in such environments should be scalable. Which of the following firewall architectures limits future scalability?
Question391: Which of the following would be the MOST cost-effective recommendation for reducing the number of defects encountered during software development projects?
Question392: Which of the following is a feature of an intrusion detection system (IDS)?
Question393: To ensure compliance with a security policy requiring that passwords be a combination of letters and numbers, an IS auditor should recommend that:
Question394: In a public key infrastructure, a registration authority:
Question395: As part of the business continuity planning process, which of the following should be identified FIRST in the business impact analysis?
Question396: Which of the following network components is PRIMARILY set up to serve as a security measure by preventing unauthorized traffic between different segments of the network?
Question397: A medium-sized organization, whose IT disaster recovery measures have been in place and regularly tested for years, has just developed a formal business continuity plan (BCP). A basic BCP tabletop exercise has been performed successfully. Which testing should an IS auditor recommend be performed NEXT to verify the adequacy of the new BCP?
Question398: A certificate authority (CA) can delegate the processes of:
Question399: An appropriate control for ensuring the authenticity of orders received in an EDI application is to:
Question400: Which of the following is an example of the defense in-depth security principle?
Question401: The most common problem in the operation of an intrusion detection system (IDS) is:
Question402: IS management has decided to rewrite a legacy customer relations system using fourth generation languages (4GLs). Which of the following risks is MOST often associated with system development using
4GLs?
Question403: Passwords should be:
Question404: Which of the following is not a good tactic to use against hackers?
Question405: Which of the following is the key benefit of control self-assessment (CSA)?
Question406: The potential for unauthorized system access by way of terminals or workstations within an organization's facility is increased when:
Question407: Which of the following controls would BEST detect intrusion?
Question408: The BEST way to minimize the risk of communication failures in an e-commerce environment would be to use:
Question409: What is a risk associated with attempting to control physical access to sensitive areas such as computer rooms using card keys or locks?
Question410: To develop a successful business continuity plan, end user involvement is critical during which of the following phases?
Question411: Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions?
Question412: If an IS auditor observes that individual modules of a system perform correctly in development project tests, the auditor should inform management of the positive results and recommend further:
Question413: A legacy payroll application is migrated to a new application. Which of the following stakeholders should be PRIMARILY responsible for reviewing and signing-off on the accuracy and completeness of the data before going live?
Question414: A large chain of shops with electronic funds transfer (EFT) at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor?
Question415: Which of the following is the BEST performance criterion for evaluating the adequacy of an organization's security awareness training?
Question416: An IS auditor has imported data from the client's database. The next step-confirming whether the imported data are complete-is performed by:
Question417: The MOST effective biometric control system is the one:
Question418: A core tenant of an IS strategy is that it must:
Question419: Which of the following would MOST effectively reduce social engineering incidents?
Question420: The initial step in establishing an information security program is the:
Question421: When is regression testing used to determine whether new application changes have introduced any errors in the remaining unchanged code?
Question422: Which of the following should an IS auditor review to determine user permissions that have been granted for a particular resource? Choose the BEST answer.
Question423: A structured walk-through test of a disaster recovery plan involves:
Question424: The PRIMARY reason an IS auditor performs a functional walkthrough during the preliminary phase of an audit assignment is to:
Question425: The most likely error to occur when implementing a firewall is:
Question426: Which of the following is the BEST type of program for an organization to implement to aggregate, correlate and store different log and event files, and then produce weekly and monthly reports for IS auditors?
Question427: A company undertakes a business process reengineering (BPR) project in support of a new and direct marketing approach to its customers. Which of the following would be an IS auditor's main concern about the new process?
Question428: What is the lowest level of the IT governance maturity model where an IT balanced scorecard exists?
Question429: When should systems administrators first assess the impact of applications or systems patches?
Question430: What are often the primary safeguards for systems software and data?
Question431: An IS auditor's PRIMARY concern when application developers wish to use a copy of yesterday's production transaction file for volume tests is that:
Question432: Two-factor authentication can be circumvented through which of the following attacks?
Question433: When reviewing an organization's strategic IT plan an IS auditor should expect to find:
Question434: The PRIMARY objective of performing a postincident review is that it presents an opportunity to:
Question435: Is it appropriate for an IS auditor from a company that is considering outsourcing its IS processing to request and review a copy of each vendor's business continuity plan?
Question436: Which of the following are effective in detecting fraud because they have the capability to consider a large number of variables when trying to resolve a problem? Choose the BEST answer.
Question437: Fourth-Generation Languages (4GLs) are most appropriate for designing the application's graphical user interface (GUI). They are inappropriate for designing any intensive data-calculation procedures. True or false?
Question438: Which of the following reports should an IS auditor use to check compliance with a service level agreement's (SLA) requirement for uptime?
Question439: To optimize an organization's business contingency plan (BCP), an IS auditor should recommend conducting a business impact analysis (BlA) in order to determine:
Question440: An IS auditor has been assigned to review IT structures and activities recently outsourced to various providers. Which of the following should the IS auditor determine FIRST?
Question441: Which of the following is the MOST important element for the successful implementation of IT governance?
Question442: Which of the following would be the GREATEST cause for concern when data are sent over the Internet using HTTPS protocol?
Question443: Neural networks are effective in detecting fraud because they can:
Question444: Back Orifice is an example of:
Question445: Which of the following refers to a symmetric key cipher which operates on fixedlength groups of bits with an unvarying transformation?
Question446: While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/backup at an offsite location would be:
Question447: Which of the following is an implementation risk within the process of decision support systems?
Question448: A hub is a device that connects:
Question449: Which of the following is the GREATEST risk of an inadequate policy definition for ownership of data and systems?
Question450: Which of the following provides the framework for designing and developing logical access controls?
Question451: Which of the following would provide the highest degree of server access control?
Question452: Which of the following is the MOST important criterion when selecting a location for an offsite storage facility for IS backup files? The offsite facility must be:
Question453: Time constraints and expanded needs have been found by an IS auditor to be the root causes for recent violations of corporate data definition standards in a new business intelligence project. Which of the following is the MOST appropriate suggestion for an auditor to make?
Question454: Which of the following is a mechanism for mitigating risks?
Question455: Change control for business application systems being developed using prototyping could be complicated by the:
Question456: Which of the following would help to ensure the portability of an application connected to a database?
Question457: What benefit does using capacity-monitoring software to monitor usage patterns and trends provide to management? Choose the BEST answer.
Question458: An organization has implemented a disaster recovery plan. Which of the following steps should be carried out next?
Question459: What is the BEST backup strategy for a large database with data supporting online sales?
Question460: A company has contracted with an external consulting firm to implement a commercial financial system to replace its existing system developed in-house. in reviewing the proposed development approach, which of the following would be of GREATESTconcern?
Question461: Which of the following implementation modes would provide the GREATEST amount of security for outbound data connecting to the internet?
Question462: Which of the following should be considered FIRST when implementing a risk management program?
Question463: To address the risk of operations staff's failure to perform the daily backup, management requires that the systems administrator sign off on the daily backup. This is an example of risk:
Question464: The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as:
Question465: An IS auditor is assigned to audit a software development project which is more than 80 percent complete, but has already overrun time by 10 percent and costs by 25 percent. Which of the following actions should the IS auditor take?
Question466: Which of the following is MOST is critical during the business impact assessment phase of business continuity planning?
Question467: An IS auditor reviewing a database application discovers that the current configuration does not match the originally designed structure. Which of the following should be the IS auditor's next action?
Question468: Which of the following provides the GREATEST assurance of message authenticity?
Question469: Which of the following penetration tests would MOST effectively evaluate incident handling and response capabilities of an organization?
Question470: When segregation of duties concerns exist between IT support staff and end users, what would be a suitable compensating control?
Question471: Which of the following line media would provide the BEST security for a telecommunication network?
Question472: The PRIMARY benefit of implementing a security program as part of a security governance framework is the:
Question473: A control that detects transmission errors by appending calculated bits onto the end of each segment of data is known as a:
Question474: Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
Question475: Who is accountable for maintaining appropriate security measures over information assets?
Question476: When reviewing procedures for emergency changes to programs, the IS auditor should verify that the procedures:
Question477: The objective of concurrency control in a database system is to:
Question478: In the course of performing a risk analysis, an IS auditor has identified threats and potential impacts. Next, the IS auditor should:
Question479: When an employee is terminated from service, the MOST important action is to:
Question480: Which of the following would be BEST prevented by a raised floor in the computer machine room?
Question481: Functionality is a characteristic associated with evaluating the quality of software products throughout their life cycle, and is BEST described as the set of attributes that bear on the:
Question482: Which of the following is a tool you can use to simulate a big network structure on a single computer?
Question483: Which of the following correctly describes the purpose of an Electronic data processing audit?
Question484: Batch control reconciliation is a _____________________ (fill in the blank) control for mitigating risk of inadequate segregation of duties.
Question485: Applying a digital signature to data traveling in a network provides:
Question486: In an organization where an IT security baseline has been defined, an IS auditor should FIRST ensure:
Question487: An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is:
Question488: Which of the following would MOST likely indicate that a customer data warehouse should remain in-house rather than be outsourced to an offshore operation?
Question489: In determining the acceptable time period for the resumption of critical business processes:
Question490: An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews the logs for one day and finds one case where logging on a server has failed with the result that backup restarts cannot be confirmed. What should the auditor do?
Question491: Which of the following is an advantage of an integrated test facility (ITF)?
Question492: When are benchmarking partners identified within the benchmarking process?
Question493: Nowadays, computer security comprises mainly "preventive"" measures.
Question494: Which of the following types of testing would determine whether a new or modified system can operate in its target environment without adversely impacting other existing systems?
Question495: Which of the following is a function of an IS steering committee?
Question496: Which of the following types of attack works by taking advantage of the unenforced and unchecked assumptions the system makes about its inputs?
Question497: Which of the following is a technique that could be used to capture network user passwords?
Question498: Transmitting redundant information with each character or frame to facilitate detection and correction of errors is called a:
Question499: What type of risk results when an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when errors actually exist?
Question500: Active radio frequency ID (RFID) tags are subject to which of the following exposures?
Question501: Which of the following ensures a sender's authenticity and an e-mail's confidentiality?
Question502: A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing?
Question503: After a full operational contingency test, an IS auditor performs a review of the recovery steps. The auditor concludes that the time it took for the technological environment and systems to return to full-functioning exceeded the required critical recovery time. Which of the following should the auditor recommend?
Question504: What would be the MOST effective control for enforcing accountability among database users accessing sensitive information?
Question505: During an audit of the logical access control of an ERP financial system an IS auditor found some user accounts shared by multiple individuals. The user IDs were based on roles rather than individual identities.
These accounts allow access to financial transactions on the ERP. What should the IS auditor do next?
Question506: If the recovery time objective (RTO) increases:
Question507: Why does an IS auditor review an organization chart?
Question508: What can ISPs use to implement inbound traffic filtering as a control to identify IP packets transmitted from unauthorized sources? Choose the BEST answer.
Question509: Digital signatures require the:
Question510: Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them?
Question511: Which of the following is MOST directly affected by network performance monitoring tools?
Question512: A hardware control that helps to detect errors when data are communicated from one computer to another is known as a:
Question513: What is the BEST action to prevent loss of data integrity or confidentiality in the case of an e-commerce application running on a LAN, processing electronic fund transfers (EFT) and orders?
Question514: After discovering a security vulnerability in a third-party application that interfaces with several external systems, a patch is applied to a significant number of modules. Which of the following tests should an IS auditor recommend?
Question515: Of the following alternatives, the FIRST approach to developing a disaster recovery strategy would be to assess whether:
Question516: To provide protection for media backup stored at an offsite location, the storage site should be:
Question517: Which of the following sampling methods is MOST useful when testing for compliance?
Question518: An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as:
Question519: Who should be responsible for network security operations?
Question520: Which of the following should concern an IS auditor when reviewing security in a client-server environment?
Question521: Many organizations require an employee to take a mandatory vacation (holiday) of a week or more to:
Question522: To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:

Question523: To minimize the cost of a software project, quality management techniques should be applied:
Question524: A perpetrator looking to gain access to and gather information about encrypted data being transmitted over the network would use:
Question525: An organization has outsourced its wide area network (WAN) to a third-party service provider. Under these circumstances, which of the following is the PRIMARY task the IS auditor should perform during an audit of business continuity (BCP) and disaster recovery planning (DRP)?
Question526: Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it:
Question527: The MOST likely effect of the lack of senior management commitment to IT strategic planning is:
Question528: Off-site data storage should be kept synchronized when preparing for recovery of time-sensitive data such as that resulting from which of the following? Choose the BEST answer.
Question529: An efficient use of public key infrastructure (PKI) should encrypt the:
Question530: Which of the following would effectively verify the originator of a transaction?
Question531: Minimum password length and password complexity verification are examples of:
Question532: Overall business risk for a particular threat can be expressed as:
Question533: What type of approach to the development of organizational policies is often driven by risk assessment?
Question534: An IS auditor performing a review of the backup processing facilities should be MOST concerned that:
Question535: In wireless communication, which of the following controls allows the device receiving the communications to verify that the received communications have not been altered in transit?
Question536: To address an organization's disaster recovery requirements, backup intervals should not exceed the:
Question537: If a database is restored using before-image dumps, where should the process begin following an interruption?
Question538: What process allows IS management to determine whether the activities of the organization differ from the planned or expected levels? Choose the BEST answer.
Question539: An IS auditor reviewing the risk assessment process of an organization should FIRST:
Question540: Which of the following physical access controls effectively reduces the risk of piggybacking?
Question541: When reviewing the implementation of a LAN, an IS auditor should FIRST review the:
Question542: During the development of an application, the quality assurance testing and user acceptance testing were combined. The MAJOR concern for an IS auditor reviewing the project is that there will be:
Question543: For application acquisitions with significant impacts, participation of your IS audit team should be encouraged:
Question544: Change management procedures are established by IS management to:
Question545: A critical function of a firewall is to act as a:
Question546: A company uses a bank to process its weekly payroll. Time sheets and payroll adjustment forms (e.g., hourly rate changes, terminations) are completed and delivered to the bank, which prepares checks (cheques) and reports for distribution. To BEST ensure payroll data accuracy:
Question547: For a discretionary access control to be effective, it must:
Question548: An offsite information processing facility with electrical wiring, air conditioning and flooring, but no computer or communications equipment, is a:
Question549: What is a callback system?
Question550: Many WEP systems require a key in a relatively insecure format. What format is this?
Question551: An organization provides information to its supply chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture?
Question552: If a programmer has update access to a live system, IS auditors are more concerned with the programmer's ability to initiate or modify transactions and the ability to access production than with the programmer's ability to authorize transactions. True or false?
Question553: Which of the following is a good time frame for making changes to passwords?
Question554: From a risk management point of view, the BEST approach when implementing a large and complex IT infrastructure is:
Question555: The IS management of a multinational company is considering upgrading its existing virtual private network (VPN) to support voice-over IP (VoIP) communications via tunneling. Which of the following considerations should be PRIMARILY addressed?
Question556: Which of the following would be MOST important for an IS auditor to verify when conducting a business continuity audit?
Question557: Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users?
Question558: Database snapshots can provide an excellent audit trail for an IS auditor. True or false?
Question559: An IS auditor performing an application maintenance audit would review the log of program changes for the:
Question560: When reviewing a hardware maintenance program, an IS auditor should assess whether:
Question561: Which of the following network configuration options contains a direct link between any two host machines?
Question562: An IS auditor is told by IS management that the organization has recently reached the highest level of the software capability maturity model (CMM). The software quality process MOST recently added by the organization is:
Question563: An organization is implementing a new system to replace a legacy system. Which of the following conversion practices creates the GREATEST risk?
Question564: Which of the following should an IS auditor recommend for the protection of specific sensitive information stored in the data warehouse?
Question565: Which of the following BEST supports the prioritization of new IT projects?
Question566: If a database is restored from information backed up before the last system image, which of the following is recommended?
Question567: An organization is disposing of a number of laptop computers. Which of the following data destruction methods would be the MOST effective?
Question568: Which of the following is often used as a detection and deterrent control against Internet attacks?
Question569: An IS auditor finds that not all employees are aware of the enterprise's information security policy. The IS auditor should conclude that:
Question570: Fault-tolerance is a feature particularly sought-after in which of the following kinds of computer systems (choose all that apply):
Question571: With respect to business continuity strategies, an IS auditor interviews key stakeholders in an organization to determine whether they understand their roles and responsibilities. The IS auditor is attempting to evaluate the:
Question572: Business process re-engineering often results in ______________ automation, which results in
_____________ number of people using technology. Fill in the blanks.
Question573: What is the BEST approach to mitigate the risk of a phishing attack?
Question574: Relatively speaking, firewalls operated at the physical level of the seven-layer OSI model are:
Question575: After installing a network, an organization installed a vulnerability assessment tool or security scanner to identify possible weaknesses. Which is the MOST serious risk associated with such tools?
Question576: What is a data validation edit control that matches input data to an occurrence rate? Choose the BEST answer.
Question577: Which of the following is the PRIMARY advantage of using computer forensic software for investigations?
Question578: What is the key distinction between encryption and hashing algorithms?
Question579: Before implementing an IT balanced scorecard, an organization must:
Question580: When implementing an application software package, which of the following presents the GREATEST risk?
Question581: The waterfall life cycle model of software development is most appropriately used when:
Question582: Which of the following manages the digital certificate life cycle to ensure adequate security and controls exist in digital signature applications related to e-commerce?
Question583: A financial services organization is developing and documenting business continuity measures. In which of the following cases would an IS auditor MOST likely raise an issue?
Question584: For which of the following applications would rapid recovery be MOST crucial?
Question585: A manufacturing firm wants to automate its invoice payment system. Objectives state that the system should require considerably less time for review and authorization and the system should be capable of identifying errors that require follow up. Which of the following would BEST meet these objectives?
Question586: An IS auditor is using a statistical sample to inventory the tape library. What type of test would this be considered?
Question587: Failure in which of the following testing stages would have the GREATEST impact on the implementation of new application software?
Question588: In a public key infrastructure (PKI), which of the following may be relied upon to prove that an online transaction was authorized by a specific customer?
Question589: During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that:
Question590: During an audit, an IS auditor notes that an organization's business continuity plan (BCP) does not adequately address information confidentiality during a recovery process. The IS auditor should recommend that the plan be modified to include:
Question591: Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan's effectiveness?
Question592: Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation?
Question593: Which of the following are examples of tools for launching Distributed DoS Attack (choose all that apply):
Question594: Which of the following is MOST critical for the successful implementation and maintenance of a security policy?
Question595: Which of the following measures can effectively minimize the possibility of buffer overflows?
Question596: An IS auditor reviewing an organization's IT strategic plan should FIRST review:
Question597: An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls?
Question598: Who is responsible for the overall direction, costs, and timetables for systems-development projects?
Question599: An IS auditor should use statistical sampling and not judgment (nonstatistical) sampling, when:
Question600: Which of the following should be of MOST concern to an IS auditor?
Question601: Responsibility and reporting lines cannot always be established when auditing automated systems since:
Question602: Which of the following refers to an important procedure when evaluating database security (choose the BEST answer)?
Question603: Which of the following append themselves to files as a protection against viruses?
Question604: The management of an organization has decided to establish a security awareness program. Which of the following would MOST likely be a part of the program?
Question605: Which of the following is a risk of cross-training?
Question606: Involvement of senior management is MOST important in the development of:
Question607: Which of the following types of transmission media provide the BEST security against unauthorized access?
Question608: Which of the following are effective controls for detecting duplicate transactions such as payments made or received?
Question609: Which of the following would MOST effectively enhance the security of a challenge-response based authentication system?
Question610: Which of the following techniques would BEST help an IS auditor gain reasonable assurance that a project can meet its target date?
Question611: When two or more systems are integrated, input/output controls must be reviewed by an IS auditor in the:
Question612: An information security policy stating that 'the display of passwords must be masked or suppressed' addresses which of the following attack methods?
Question613: Which of the following would contribute MOST to an effective business continuity plan (BCP)?
Question614: When reviewing system parameters, an IS auditor's PRIMARY concern should be that:
Question615: Which of the following are valid examples of Malware (choose all that apply):
Question616: When auditing a proxy-based firewall, an IS auditor should:
Question617: A virtual private network (VPN) provides data confidentiality by using:
Question618: To prevent IP spoofing attacks, a firewall should be configured to drop a packet if:
Question619: An IS auditor should recommend the use of library control software to provide reasonable assurance that:
Question620: Which of the following are designed to detect network attacks in progress and assist in post-attack forensics?
Question621: The BEST method of proving the accuracy of a system tax calculation is by:
Question622: Which of the following would BEST ensure continuity of a wide area network (WAN) across the organization?
Question623: In reviewing the IS short-range (tactical) plan, an IS auditor should determine whether:
Question624: Which of the following refers to the act of creating and using an invented scenario to persuade a target to perform an action?
Question625: To properly evaluate the collective effect of preventative, detective, or corrective controls within a process, an IS auditor should be aware of which of the following? Choose the BEST answer.
Question626: An IS auditor reviewing an organization that uses cross-training practices should assess the risk of:
Question627: Which of the following is BEST characterized by unauthorized modification of data before or during systems data entry?
Question628: During a review of a customer master file, an IS auditor discovered numerous customer name duplications arising from variations in customer first names. To determine the extent of the duplication, the IS auditor would use:
Question629: A web server is attacked and compromised. Which of the following should be performed FIRST to handle the incident?
Question630: Authentication techniques for sending and receiving data between EDI systems is crucial to prevent which of the following? Choose the BEST answer.
Question631: A decision support system (DSS):
Question632: The development of an IS security policy is ultimately the responsibility of the:
Question633: Digital signatures require the sender to "sign" the data by encrypting the data with the sender's public key, to then be decrypted by the recipient using the recipient's private key. True or false?
Question634: A hacker could obtain passwords without the use of computer tools or programs through the technique of:
Question635: IS management has decided to install a level 1 Redundant Array of Inexpensive Disks (RAID) system in all servers to compensate for the elimination of offsite backups. The IS auditor should recommend:
Question636: Which of the following is the BEST information source for management to use as an aid in the identification of assets that are subject to laws and regulations?
Question637: Which of the following devices extends the network and has the capacity to store frames and act as a storage and forward device?
Question638: The database administrator (DBA) suggests that DB efficiency can be improved by denormalizing some tables. This would result in:
Question639: An IS auditor identifies that reports on product profitability produced by an organization's finance and marketing departments give different results. Further investigation reveals that the product definition being used by the two departments is different. What should the IS auditor recommend?
Question640: The sender of a public key would be authenticated by a:
Question641: Which of the following is a passive attack to a network?
Question642: An IS steering committee should:
Question643: Which of the following is the GREATEST risk to the effectiveness of application system controls?
Question644: Which of the following insurance types provide for a loss arising from fraudulent acts by employees?
Question645: When reviewing an organization's approved software product list, which of the following is the MOST important thing to verify?
Question646: An IS auditor finds that conference rooms have active network ports. Which of the following is MOST important to ensure?
Question647: An IS auditor observes a weakness in the tape management system at a data center in that some parameters are set to bypass or ignore tape header records. Which of the following is the MOST effective compensating control for this weakness?
Question648: The responsibility for authorizing access to a business application system belongs to the:
Question649: An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice:
Question650: An IS auditor reviewing a proposed application software acquisition should ensure that the:
Question651: When auditing third-party service providers, an IS auditor should be concerned with which of the following?
Choose the BEST answer.
Question652: An IS auditor is reviewing access to an application to determine whether the 10 most recent "new user" forms were correctly authorized. This is an example of:
Question653: An IS auditor reviewing digital rights management (DRM) applications should expect to find an extensive use for which of the following technologies?
Question654: After observing suspicious activities in a server, a manager requests a forensic analysis. Which of the following findings should be of MOST concern to the investigator?
Question655: Which of the following refers to an anomalous condition where a process attempts to store data beyond the boundaries of a fixed length buffer?
Question656: The rate of change in technology increases the importance of:
Question657: An IS auditor analyzing the audit log of a database management system (DBMS) finds that some transactions were partially executed as a result of an error, and are not rolled back. Which of the following transaction processing features has been violated?
Question658: To ensure authentication, confidentiality and integrity of a message, the sender should encrypt the hash of the message with the sender's:
Question659: A penetration test performed as part of evaluating network security:
Question660: Which of the following would be the MOST effective audit technique for identifying segregation of duties violations in a new enterprise resource planning (ERP) implementation?
Question661: The human resources (HR) department has developed a system to allow employees to enroll in benefits via a web site on the corporate Intranet. Which of the following would protect the confidentiality of the data?
Question662: An IS auditor who was involved in designing an organization's business continuity plan (BCP) has been assigned to audit the plan. The IS auditor should:
Question663: An organization has an integrated development environment (IDE) on which the program libraries reside on the server, but modification/development and testing are done from PC workstations. Which of the following would be a strength of an IDE?
Question664: Which of the following cryptographic systems is MOST appropriate for bulk data encryption and small devices such as smart cards?
Question665: During which of the following phases in system development would user acceptance test plans normally be prepared?
Question666: What is essential for the IS auditor to obtain a clear understanding of network management?
Question667: While reviewing the business continuity plan of an organization, an IS auditor observed that the organization's data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this demonstrate?
Question668: An accuracy measure for a biometric system is:
Question669: What should an organization do before providing an external agency physical access to its information processing facilities (IPFs)?
Question670: A project manager of a project that is scheduled to take 18 months to complete announces that the project is in a healthy financial position because, after 6 months, only one-sixth of the budget has been spent. The IS auditor should FIRST determine:
Question671: Network environments often add to the complexity of program-to-program communication, making the implementation and maintenance of application systems more difficult. True or false?
Question672: To ensure an organization is complying with privacy requirements, an IS auditor should FIRST review:
Question673: Which of the following would be the BEST access control procedure?
Question674: Which of the following public key infrastructure (PKI) elements provides detailed descriptions for dealing with a compromised private key?
Question675: The responsibilities of a disaster recovery relocation team include:
Question676: Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization's security policy?
Question677: What can be used to gather evidence of network attacks?
Question678: Proper segregation of duties normally does not prohibit a LAN administrator from also having programming responsibilities. True or false?
Question679: Responsibility for the governance of IT should rest with the:
Question680: Above almost all other concerns, what often results in the greatest negative impact on the implementation of new application software?
Question681: To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against:
Question682: When using a digital signature, the message digest is computed:
Question683: With the objective of mitigating the risk and impact of a major business interruption, a disasterrecovery plan should endeavor to reduce the length of recovery time necessary, as well as costs associated with recovery. Although DRP results in an increase of pre-and post-incident operational costs, the extra costs are more than offset by reduced recovery and business impact costs. True or false?
Question684: Which of the following is an appropriate test method to apply to a business continuity plan (BCP)?
Question685: Web and e-mail filtering tools are PRIMARILY valuable to an organization because they:
Question686: Which of the following should be included in a feasibility study for a project to implement an EDI process?
Question687: Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
Question688: Which of the following is a dynamic analysis tool for the purpose of testing software modules?
Question689: Which of the following is an object-oriented technology characteristic that permits an enhanced degree of security over data?
Question690: The use of digital signatures:
Question691: What would an IS auditor expect to find in the console log? Choose the BEST answer.
Question692: What is the primary objective of a control self-assessment (CSA) program?
Question693: Applying a retention date on a file will ensure that:
Question694: Which of the following BEST limits the impact of server failures in a distributed environment?
Question695: What is/are used to measure and ensure proper network capacity management and availability of services? Choose the BEST answer.
Question696: What is an edit check to determine whether a field contains valid data?
Question697: Key verification is one of the best controls for ensuring that:
Question698: Which of the following would be the BEST population to take a sample from when testing program changes?
Question699: How do modems (modulation/demodulation) function to facilitate analog transmissions to enter a digital network?
Question700: The difference between a vulnerability assessment and a penetration test is that a vulnerability assessment:
Question701: When reviewing an organization's logical access security, which of the following should be of MOST concern to an IS auditor?
Question702: An IS auditor performing detailed network assessments and access control reviews should FIRST:
Question703: An IS auditor reviews an organizational chart PRIMARILY for:
Question704: Which of the following BEST reduces the ability of one device to capture the packets that are meant for another device?
Question705: The decisions and actions of an IS auditor are MOST likely to affect which of the following risks?
Question706: Which of the following satisfies a two-factor user authentication?
Question707: Accountability for the maintenance of appropriate security measures over information assets resides with the:
Question708: At a hospital, medical personal carry handheld computers which contain patient health data. These handheld computers are synchronized with PCs which transfer data from a hospital database. Which of the following would be of the most importance?
Question709: Which testing approach is MOST appropriate to ensure that internal application interface errors are identified as soon as possible?
Question710: An IS auditor is assigned to perform a postimplementation review of an application system. Which of the following situations may have impaired the independence of the IS auditor? The IS auditor:
Question711: Which of the following is a characteristic of timebox management?
Question712: Which of the following risks could result from inadequate software baselining?
Question713: Which of the following is MOST likely to result from a business process reengineering (BPR) project?
Question714: Allowing application programmers to directly patch or change code in production programs increases risk of fraud. True or false?
Question715: During an audit of a business continuity plan (BCP), an IS auditor found that, although all departments were housed in the same building, each department had a separate BCP. The IS auditor recommended that the BCPs be reconciled. Which of the following areas should be reconciled FIRST?
Question716: Which of the following would have the HIGHEST priority in a business continuity plan (BCP)?
Question717: Which of the following will help detect changes made by an intruder to the system log of a server?
Question718: Network Data Management Protocol (NDMP) technology should be used for backup if:
Question719: To gain an understanding of the effectiveness of an organization's planning and management of investments in IT assets, an IS auditor should review the:
Question720: Which of the following is a rewrite of ipfwadm?
Question721: An example of a direct benefit to be derived from a proposed IT-related business investment is:
Question722: To aid management in achieving IT and business alignment, an IS auditor should recommend the use of:
Question723: Which of the following would an IS auditor consider to be the MOST important to review when conducting a business continuity audit?
Question724: At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should:
Question725: What is the MOST prevalent security risk when an organization implements remote virtual private network (VPN) access to its network?
Question726: Which audit technique provides the BEST evidence of the segregation of duties in an IS department?
Question727: An organization has been recently downsized, in light of this, an IS auditor decides to test logical access controls. The IS auditor's PRIMARY concern should be that:
Question728: A local area network (LAN) administrator normally would be restricted from:
Question729: Which of the following is the MOST likely reason why e-mail systems have become a useful source of evidence for litigation?
Question730: An IS auditor finds that user acceptance testing of a new system is being repeatedly interrupted as defect fixes are implemented by developers. Which of the following would be the BEST recommendation for an IS auditor to make?
Question731: Which of the following would BEST provide assurance of the integrity of new staff?
Question732: Which of the following BEST restricts users to those functions needed to perform their duties?
Question733: A programmer maliciously modified a production program to change data and then restored the original code. Which of the following would MOST effectively detect the malicious activity?
Question734: An IS auditor was hired to review e-business security. The IS auditor's first task was to examine each existing e-business application looking for vulnerabilities. What would be the next task?
Question735: Which of the following is a program evaluation review technique that considers different scenarios for planning and control projects?
Question736: Assuming this diagram represents an internal facility and the organization is implementing a firewall protection program, where should firewalls be installed?

Question737: Which of the following is a passive attack method used by intruders to determine potential network vulnerabilities?
Question738: An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take?
Question739: To address a maintenance problem, a vendor needs remote access to a critical network. The MOST secure and effective solution is to provide the vendor with a:
Question740: An IS auditor doing penetration testing during an audit of internet connections would:
Question741: Broadly speaking, a Trojan horse is any program that invites the user to run it, but conceals a harmful or malicious payload. The payload may take effect immediately and can lead to immediate yet undesirable effects, or more commonly it may install further harmful software into the user's system to serve the creator's longer-term goals.
A Trojan horse's payload would almost always take damaging effect immediately.
Question742: During the audit of a database server, which of the following would be considered the GREATEST exposure?
Question743: An IS auditor is evaluating a corporate network for a possible penetration by employees. Which of the following findings should give the IS auditor the GREATEST concern?
Question744: When auditing a disaster recovery plan for a critical business area, an IS auditor finds that it does not cover all the systems. Which of the following is the MOST appropriate action for the IS auditor?
Question745: Which of the following should be the MOST important consideration when deciding areas of priority for IT governance implementation?
Question746: During a human resources (HR) audit, an IS auditor is informed that there is a verbal agreement between the IT and HR departments as to the level of IT services expected. In this situation, what should the IS auditor do FIRST?
Question747: The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to:
Question748: When should application controls be considered within the system-development process?
Question749: Which of the following processes are performed during the design phase of the systemsdevelopment life cycle (SDLC) model?
Question750: The security level of a private key system depends on the number of:
Question751: An organization is using symmetric encryption. Which of the following would be a valid reason for moving to asymmetric encryption? Symmetric encryption:
Question752: Which of the following is an effective method for controlling downloading of files via FTP? Choose the BEST answer.
Question753: An IS auditor is assigned to perform a postimplementation review of an application system. Which of the following situations may have impaired the independence of the IS auditor? The IS auditor:
Question754: In the event of a data center disaster, which of the following would be the MOST appropriate strategy to enable a complete recovery of a critical database?
Question755: What is often assured through table link verification and reference checks?
Question756: When developing a risk management program, what is the FIRST activity to be performed?
Question757: When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected on the network?
Question758: Who is ultimately responsible for providing requirement specifications to the software-development team?
Question759: Which of the following message services provides the strongest evidence that a specific action has occurred?
Question760: Which of the following are often considered as the first defensive line in protecting a typical data and information environment?
Question761: In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover potential anomalies in user or system behavior. Which of the following tools are MOST suitable for performing that task?
Question762: Business units are concerned about the performance of a newly implemented system. Which of the following should an IS auditor recommend?
Question763: What type(s) of firewalls provide(s) the greatest degree of protection and control because both firewall technologies inspect all seven OSI layers of network traffic?
Question764: Talking about the different approaches to security in computing, the principle of regarding the computer system itself as largely an untrusted system emphasizes:
Question765: The PRIMARY objective of an audit of IT security policies is to ensure that:
Question766: Electromagnetic emissions from a terminal represent an exposure because they:
Question767: The purpose of a deadman door controlling access to a computer facility is primarily to:
Question768: An integrated test facility is considered a useful audit tool because it:
Question769: What control detects transmission errors by appending calculated bits onto the end of each segment of data?
Question770: In planning an audit, the MOST critical step is the identification of the:
Question771: The MOST important difference between hashing and encryption is that hashing:
Question772: Atomicity enforces data integrity by ensuring that a transaction is either completed in its entirely or not at all. Atomicity is part of the ACID test reference for transaction processing. True or false?
Question773: An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is:
Question774: Which of the following would be the MOST significant audit finding when reviewing a point-of-sale (POS) system?
Question775: The MAIN criterion for determining the severity level of a service disruption incident is:
Question776: When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the:
Question777: The PRIMARY objective of business continuity and disaster recovery plans should be to:
Question778: Most trojan horse programs are spread through:
Question779: Buffer overflow aims primarily at corrupting:
Question780: What is the recommended initial step for an IS auditor to implement continuous-monitoring systems?
Question781: To install backdoors, hackers generally prefer to use:
Question782: The output of the risk management process is an input for making:
Question783: An organization currently using tape backups takes one full backup weekly and incremental backups daily.
They recently augmented their tape backup procedures with a backup-to-disk solution. This is appropriate because:
Question784: During the audit of an acquired software package, an IS auditor learned that the software purchase was based on information obtained through the Internet, rather than from responses to a request for proposal (RFP). The IS auditor should FIRST:
Question785: Which of the following is a benefit of a risk-based approach to audit planning? Audit:
Question786: Library control software restricts source code to:
Question787: Which of the following is a concern when data are transmitted through Secure Sockets Layer (SSL) encryption, implemented on a trading partner's server?
Question788: During the review of a biometrics system operation, an IS auditor should FIRST review the stage of:
Question789: Users are issued security tokens to be used in combination with a PIN to access the corporate virtual private network (VPN). Regarding the PIN, what is the MOST important rule to be included in a security policy?
Question790: A major portion of what is required to address nonrepudiation is accomplished through the use of:
Question791: The activation of an enterprise's business continuity plan should be based on predetermined criteria that address the:
Question792: To prevent unauthorized entry to the data maintained in a dial-up, fast response system, an IS auditor should recommend:
Question793: Everything not explicitly permitted is forbidden has which of the following kinds of tradeoff?
Question794: Which of the following intrusion detection systems (IDSs) will MOST likely generate false alarms resulting from normal network activity?
Question795: Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly?
Question796: A sender of an e-mail message applies a digital signature to the digest of the message. This action provides assurance of the:
Question797: ______________ risk analysis is not always possible because the IS auditor is attempting to calculate risk using nonquantifiable threats and potential losses. In this event, a ______________ risk assessment is more appropriate. Fill in the blanks.
Question798: Functional acknowledgements are used:
Question799: Which of the following ensures the availability of transactions in the event of a disaster?
Question800: After the merger of two organizations, multiple self-developed legacy applications from both companies are to be replaced by a new common platform. Which of the following would be the GREATEST risk?
Question801: What uses questionnaires to lead the user through a series of choices to reach a conclusion? Choose the BEST answer.
Question802: Who assumes ownership of a systems-development project and the resulting system?
Question803: An advantage of a continuous audit approach is that it can improve system security when used in time- sharing environments that process a large number of transactions. True or false?
Question804: An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is:
Question805: What can be very helpful to an IS auditor when determining the efficacy of a systems maintenance program? Choose the BEST answer.
Question806: An IS auditor reviewing an accounts payable system discovers that audit logs are not being reviewed.
When this issue is raised with management the response is that additional controls are not necessary because effective system access controls are in place. The BEST response the auditor can make is to:
Question807: For locations 3a, 1d and 3d, the diagram indicates hubs with lines that appear to be open and active.
Assuming that is true, what control, if any, should be recommended to mitigate this weakness?

Question808: Talking about biometric authentication, which of the following is often considered as a mix of both physical and behavioral characteristics?
Question809: When should plans for testing for user acceptance be prepared? Choose the BEST answer.
Question810: What is the most common purpose of a virtual private network implementation?
Question811: While planning an audit, an assessment of risk should be made to provide:
Question812: The information security policy that states 'each individual must have their badge read at every controlled door' addresses which of the following attack methods?
Question813: Which of the following is best suited for searching for address field duplications?
Question814: Whenever business processes have been re-engineered, the IS auditor attempts to identify and quantify the impact of any controls that might have been removed, or controls that might not work as effectively after business process changes. True or false?
Question815: An IS auditor performing detailed network assessments and access control reviews should FIRST:
Question816: To determine who has been given permission to use a particular system resource, an IS auditor should review:
Question817: An organization is implementing an enterprise resource planning (ERP) application to meet its business objectives. Of the following, who is PRIMARILY responsible for overseeing the project in order to ensure that it is progressing in accordance with the project plan and that it will deliver the expected results?
Question818: Sign-on procedures include the creation of a unique user ID and password. However, an IS auditor discovers that in many cases the username and password are the same. The BEST control to mitigate this risk is to:
Question819: An internet-based attack using password sniffing can:
Question820: Who is ultimately responsible and accountable for reviewing user access to systems?
Question821: In a client-server system, which of the following control techniques is used to inspect activity from known or unknown users?
Question822: The FIRST step in managing the risk of a cyber attack is to:
Question823: A benefit of open system architecture is that it:
Question824: Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized?
Question825: Which of the following would an IS auditor use to determine if unauthorized modifications were made to production programs?
Question826: When reviewing IS strategies, an IS auditor can BEST assess whether IS strategy supports the organizations' business objectives by determining if IS:
Question827: A review of wide area network (WAN) usage discovers that traffic on one communication line between sites, synchronously linking the master and standby database, peaks at 96 percent of the line capacity. An IS auditor should conclude that:
Question828: Which of the following fire-suppression methods is considered to be the most environmentally friendly?
Question829: A clerk changed the interest rate for a loan on a master file. The rate entered is outside the normal range for such a loan. Which of the following controls is MOST effective in providing reasonable assurance that the change was authorized?
Question830: Which of the following should be of MOST concern to an IS auditor reviewing the BCP?
Question831: Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems?
Question832: When reviewing the IT strategic planning process, an IS auditor should ensure that the plan:
Question833: When protecting an organization's IT systems, which of the following is normally the next line of defense after the network firewall has been compromised?
Question834: An IS auditor selects a server for a penetration test that will be carried out by a technical specialist. Which of the following is MOST important?
Question835: Many IT projects experience problems because the development time and/or resource requirements are underestimated. Which of the following techniques would provide the GREATEST assistance in developing an estimate of project duration?
Question836: Which of the following backup techniques is the MOST appropriate when an organization requires extremely granular data restore points, as defined in the recovery point objective (RPO)?
Question837: An IS auditor examining the configuration of an operating system to verify the controls should review the:
Question838: Which of the following functions is performed by a virtual private network (VPN)?
Question839: An IS auditor conducting an access control review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that:
Question840: Which of the following activities should the business continuity manager perform FIRST after the replacement of hardware at the primary information processing facility?
Question841: Use of asymmetric encryption in an internet e-commerce site, where there is one private key for the hosting server and the public key is widely distributed to the customers, is MOST likely to provide comfort to the:
Question842: What topology provides the greatest redundancy of routes and the greatest network fault tolerance?
Question843: Data flow diagrams are used by IS auditors to:
Question844: Which of the following intrusion detection systems (IDSs) monitors the general patterns of activity and traffic on a network and creates a database?
Question845: Which of the following would normally be the MOST reliable evidence for an auditor?
Question846: The MAJOR advantage of the risk assessment approach over the baseline approach to information security management is that it ensures:
Question847: When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator?
Question848: Which of the following data validation edits is effective in detecting transposition and transcription errors?
Question849: Reconfiguring which of the following firewall types will prevent inward downloading of files through the File Transfer Protocol (FTP)?
Question850: An IS auditor inspected a windowless room containing phone switching and networking equipment and documentation binders. The room was equipped with two handheld fire extinguishers-one filled with CO2, the other filled with halon. Which ofthe following should be given the HIGHEST priority in the auditor's report?
Question851: What is a common vulnerability, allowing denial-of-service attacks?
Question852: A LAN administrator normally would be restricted from:
Question853: The BEST method for assessing the effectiveness of a business continuity plan is to review the:
Question854: Which of the following could lead to an unintentional loss of confidentiality? Choose the BEST answer.
Question855: What determines the strength of a secret key within a symmetric key cryptosystem?
Question856: During a disaster recovery test, an IS auditor observes that the performance of the disaster recovery site's server is slow. To find the root cause of this, the IS auditor should FIRST review the:
Question857: Which of the following data validation edits is effective in detecting transposition and transcription errors?
Question858: Which of the following can be thought of as the simplest and almost cheapest type of firewall?
Question859: A technical lead who was working on a major project has left the organization. The project manager reports suspicious system activities on one of the servers that is accessible to the whole team. What would be of GREATEST concern if discoveredduring a forensic investigation?
Question860: The specific advantage of white box testing is that it:
Question861: During the planning stage of an IS audit, the PRIMARY goal of an IS auditor is to:
Question862: A substantive test to verify that tape library inventory records are accurate is:
Question863: Which of the following would an IS auditor consider the MOST relevant to short-term planning for an IS department?
Question864: Which of the following is the most important element in the design of a data warehouse?
Question865: An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is:
Question866: The PRIMARY purpose of an IT forensic audit is:
Question867: Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist?
Question868: During an application audit, an IS auditor finds several problems related to corrupted data in the database.
Which of the following is a corrective control that the IS auditor should recommend?
Question869: An IS auditor performing detailed network assessments and access control reviews should FIRST:
Question870: Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks?
Question871: The GREATEST benefit in implementing an expert system is the:
Question872: Who is ultimately accountable for the development of an IS security policy?
Question873: What is the PRIMARY purpose of audit trails?
Question874: Which of the following is BEST suited for secure communications within a small group?
Question875: Which of the following types of firewalls would BEST protect a network from an internet attack?
Question876: Which type of major BCP test only requires representatives from each operational area to meet to review the plan?
Question877: Which of the following biometrics has the highest reliability and lowest false-acceptance rate (FAR)?
Question878: An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker:
Question879: What is the primary security concern for EDI environments? Choose the BEST answer.
Question880: Which of the following types of attack involves a program that creates an infinite loop, makes lots of copies of itself, and continues to open lots of files?
Question881: Talking about biometric measurement, which of the following measures the percent of invalid users who are incorrectly accepted in?
Question882: The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is called:
Question883: A check digit is an effective edit check to:
Question884: Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization?
Question885: Which of the following controls would an IS auditor look for in an environment where duties cannot be appropriately segregated?
Question886: An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the:
Question887: Which of the following IT governance best practices improves strategic alignment?
Question888: Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio with strategic organizational priorities?
Question889: With the help of a security officer, granting access to data is the responsibility of:
Question890: An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to:
Question891: Which of the following online auditing techniques is most effective for the early detection of errors or irregularities?
Question892: Which of the following should be of PRIMARY concern to an IS auditor reviewing the management of external IT service providers?
Question893: The reason a certification and accreditation process is performed on critical systems is to ensure that:
Question894: Organizations should use off-site storage facilities to maintain _________________ (fill in the blank) of current and critical information within backup files. Choose the BEST answer.
Question895: Which of the following is the MOST reliable form of single factor personal identification?
Question896: An IS auditor reviewing access controls for a client-server environment should FIRST:
Question897: Which of the following can degrade network performance? Choose the BEST answer.
Question898: In a contract with a hot, warm or cold site, contractual provisions should cover which of the following considerations?
Question899: Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan's effectiveness?
Question900: A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not performing adequately which of the following types of testing?
Question901: The reason for establishing a stop or freezing point on the design of a new system is to:
Question902: Which of the following provides nonrepudiation services for e-commerce transactions?
Question903: When transmitting a payment instruction, which of the following will help verify that the instruction was not duplicated?
Question904: An IS auditor reviewing an organization's data file control procedures finds that transactions are applied to the most current files, while restart procedures use earlier versions. The IS auditor should recommend the implementation of:
Question905: Which of the following is the MOST effective control when granting temporary access to vendors?
Question906: Which of the following is the GREATEST risk when storage growth in a critical file server is not managed properly?
Question907: In the 2c area of the diagram, there are three hubs connected to each other. What potential risk might this indicate?

Question908: Which of the following exposures could be caused by a line grabbing technique?
Question909: An IS auditor finds that, at certain times of the day, the data warehouse query performance decreases significantly. Which of the following controls would it be relevant for the IS auditor to review?
Question910: Which of the following issues should be the GREATEST concern to the IS auditor when reviewing an IT disaster recovery test?
Question911: IT governance is PRIMARILY the responsibility of the:
Question912: Which of the following will replace system binaries and/or hook into the function calls of the operating system to hide the presence of other programs (choose the most precise answer)?
Question913: Which of the following is used to evaluate biometric access controls?
Question914: Which of the following exposures associated with the spooling of sensitive reports for offline printing should an IS auditor consider to be the MOST serious?
Question915: The BEST filter rule for protecting a network from being used as an amplifier in a denial of service (DoS) attack is to deny all:
Question916: The MAJOR consideration for an IS auditor reviewing an organization's IT project portfolio is the:
Question917: A malicious code that changes itself with each file it infects is called a:
Question918: During a logical access controls review, an IS auditor observes that user accounts are shared. The GREATEST risk resulting from this situation is that:
Question919: A comprehensive and effective e-mail policy should address the issues of e-mail structure, policy enforcement, monitoring and:
Question920: Well-written risk assessment guidelines for IS auditing should specify which of the following elements at the least (choose all that apply):
Question921: Which of the following components is responsible for the collection of data in an intrusion detection system (IDS)?
Question922: Documentation of a business case used in an IT development project should be retained until:
Question923: As a driver of IT governance, transparency of IT's cost, value and risks is primarily achieved through:
Question924: What should regression testing use to obtain accurate conclusions regarding the effects of changes or corrections to a program, and ensuring that those changes and corrections have not introduced new errors?
Question925: An organization having a number of offices across a wide geographical area has developed a disaster recovery plan. Using actual resources, which of the following is the MOST cost-effective test of the disaster recovery plan?
Question926: The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:
Question927: Which of the following is the MOST effective type of antivirus software?
Question928: The MOST significant level of effort for business continuity planning (BCP) generally is required during the:
Question929: Which of the following methods of suppressing a fire in a data center is the MOST effective and environmentally friendly?
Question930: An IS auditor finds out-of-range data in some tables of a database. Which of the following controls should the IS auditor recommend to avoid this situation?
Question931: An IS auditor examining a biometric user authentication system establishes the existence of a control weakness that would allow an unauthorized individual to update the centralized database on the server that is used to store biometric templates. Ofthe following, which is the BEST control against this risk?
Question932: What type of BCP test uses actual resources to simulate a system crash and validate the plan's effectiveness?
Question933: The use of residual biometric information to gain unauthorized access is an example of which of the following attacks?
Question934: Company.com has contracted with an external consulting firm to implement a commercial financial system to replace its existing in-house developed system. In reviewing the proposed development approach, which of the following would be of GREATEST concern?
Question935: An IS auditor performing detailed network assessments and access control reviews should FIRST:
Question936: Which of the following is a control over component communication failure/errors?
Question937: An IS auditor usually places more reliance on evidence directly collected. What is an example of such evidence?
Question938: If senior management is not committed to strategic planning, how likely is it that a company's implementation of IT will be successful?
Question939: Corrective action has been taken by an auditee immediately after the identification of a reportable finding.
The auditor should:
Question940: An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:
Question941: Ideally, stress testing should be carried out in a:
Question942: Which of the following is the MOST critical step in planning an audit?
Question943: In order to properly protect against unauthorized disclosure of sensitive data, how should hard disks be sanitized?
Question944: IS management is considering a Voice-over Internet Protocol (VoIP) network to reduce telecommunication costs and management asked the IS auditor to comment on appropriate security controls. Which of the following security measures is MOST appropriate?
Question945: An IS auditor notes that patches for the operating system used by an organization are deployed by the IT department as advised by the vendor. The MOST significant concern an IS auditor should have with this practice is the nonconsideration bylT of:
Question946: An IS auditor finds that, in accordance with IS policy, IDs of terminated users are deactivated within 90 days of termination. The IS auditor should:
Question947: A financial institution that processes millions of transactions each day has a central communications processor (switch) for connecting to automated teller machines (ATMs). Which of the following would be the BEST contingency plan for the communications processor?
Question948: A benefit of quality of service (QoS) is that the:
Question949: The PRIMARY advantage of a continuous audit approach is that it:
Question950: An IS auditor reviewing an outsourcing contract of IT facilities would expect it to define the:
Question951: Which of the following would be the MOST secure firewall system?
Question952: When an organization is outsourcing their information security function, which of the following should be kept in the organization?
Question953: Which of the following is an advantage of the top-down approach to software testing?
Question954: Which of the following BEST ensures the integrity of a server's operating system?
Question955: How is the risk of improper file access affected upon implementing a database system?
Question956: The ability of the internal IS audit function to achieve desired objectives depends largely on:
Question957: Receiving an EDI transaction and passing it through the communication's interface stage usually requires:
Question958: Which of the following is an advantage of prototyping?
Question959: When developing a security architecture, which of the following steps should be executed FIRST?
Question960: E-mail message authenticity and confidentiality is BEST achieved by signing the message using the:
Question961: Assessing IT risks is BEST achieved by:
Question962: To determine which users can gain access to the privileged supervisory state, which of the following should an IS auditor review?
Question963: During a postimplementation review of an enterprise resource management system, an IS auditor would MOST likely:
Question964: In-house personnel performing IS audits should posses which of the following knowledge and/or skills (choose 2):
Question965: When identifying an earlier project completion time, which is to be obtained by paying a premium for early completion, the activities that should be selected are those:
Question966: An offsite information processing facility:
Question967: The implementation of access controls FIRST requires:
Question968: Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure with digital certificates for its business-to-consumer transactions via the internet?
Question969: A database administrator has detected a performance problem with some tables which could be solved through denormalization. This situation will increase the risk of:
Question970: Which of the following findings should an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault?
Question971: The GREATEST risk when end users have access to a database at its system level, instead of through the application, is that the users can:
Question972: An IS auditor is reviewing an IT security risk management program. Measures of security risk should:
Question973: When reviewing the procedures for the disposal of computers, which of the following should be the GREATEST concern for the IS auditor?
Question974: A disaster recovery plan for an organization should:
Question975: Which of the following is the GREATEST concern when an organization's backup facility is at a warm site?
Question976: Following best practices, formal plans for implementation of new information systems are developed during the:
Question977: Which of the following protocols would be involved in the implementation of a router and an interconnectivity device monitoring system?
Question978: The PRIMARY advantage of a continuous audit approach is that it:
Question979: Data edits are implemented before processing and are considered which of the following? Choose the BEST answer.
Question980: Within a virus, which component is responsible for what the virus does to the victim file?
Question981: The IS auditor learns that when equipment was brought into the data center by a vendor, the emergency power shutoff switch was accidentally pressed and the UPS was engaged. Which of the following audit recommendations should the IS auditor suggest?
Question982: Upon receipt of the initial signed digital certificate the user will decrypt the certificate with the public key of the:
Question983: In auditing a web server, an IS auditor should be concerned about the risk of individuals gaining unauthorized access to confidential information through:
Question984: Which of the following is a dynamic analysis tool for the purpose of testing software modules?
Question985: During the requirements definition phase for a database application, performance is listed as a top priority.
To access the DBMS files, which of the following technologies should be recommended for optimal I/O performance?
Question986: As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the CRC- 32 checksum for:
Question987: When developing a disaster recovery plan, the criteria for determining the acceptable downtime should be the:
Question988: When assessing the design of network monitoring controls, an IS auditor should FIRST review network:
Question989: To ensure that audit resources deliver the best value to the organization, the FIRST step would be to:
Question990: When reviewing a project where quality is a major concern, an IS auditor should use the project management triangle to explain that:
Question991: After identifying potential security vulnerabilities, what should be the IS auditor's next step?
Question992: A call-back system requires that a user with an id and password call a remote server through a dial-up line, then the server disconnects and:
Question993: The PRIMARY objective of implementing corporate governance by an organization's management is to:
Question994: Which of the following is an example of a passive attack initiated through the Internet?
Question995: The ultimate purpose of IT governance is to:
Question996: An organization's IS audit charter should specify the:
Question997: To protect a VoIP infrastructure against a denial-of-service (DoS) attack, it is MOST important to secure the:
Question998: Inadequate programming and coding practices introduce the risk of:
Question999: Which of the following provides the best evidence of the adequacy of a security awareness program?
Question1000: Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them?
Question1001: Which of the following encrypt/decrypt steps provides the GREATEST assurance of achieving confidentiality, message integrity and nonrepudiation by either sender or recipient?
Question1002: What should IS auditors always check when auditing password files?
Question1003: What is a primary high-level goal for an auditor who is reviewing a system development project?
Question1004: Which of the following is the MOST secure and economical method for connecting a private network over the Internet in a small- to medium-sized organization?
Question1005: Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital?
Question1006: A manager of a project was not able to implement all audit recommendations by the target date. The IS auditor should:
Question1007: Which of the following situations would increase the likelihood of fraud?
Question1008: Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization's security policy?
Question1009: What supports data transmission through split cable facilities or duplicate cable facilities?
Question1010: Of the three major types of off-site processing facilities, what type is characterized by at least providing for electricity and HVAC?
Question1011: IT best practices for the availability and continuity of IT services should:
Question1012: The MOST effective control for addressing the risk of piggybacking is:
Question1013: Which of the following activities performed by a database administrator (DBA) should be performed by a different person?
Question1014: When a new system is to be implemented within a short time frame, it is MOST important to: