Question1: If an IS auditor observes that individual modules of a system perform correctly in development project tests, the auditor should inform management of the positive results and recommend further:
Question2: Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them?
Question3: Which of the following methods of providing telecommunications continuity involves the use of an alternative media?
Question4: Which of the following layer of an OSI model transmits and receives the bit stream as electrical, optical or radio signals over an appropriate medium or carrier?
Question5: Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures?
Question6: Which of the following is a control over component communication failure/errors?
Question7: When should systems administrators first assess the impact of applications or systems patches?
Question8: Naming conventions for system resources are important for access control because they:
Question9: Which of the following is a data validation edit and control?
Question10: Which of the following type of honey pot essentially gives a hacker a real environment to attack?
Question11: Which of the following layer of an OSI model controls dialog between computers?
Question12: The BEST filter rule for protecting a network from being used as an amplifier in a denial of service (DoS) attack is to deny all:
Question13: Which of the following is a ITU-T standard protocol suite for packet switched wide area network communication?
Question14: A core tenant of an IS strategy is that it must:
Question15: The waterfall life cycle model of software development is most appropriately used when:
Question16: Which of the following Confidentiality, Integrity, Availability (CIA) attribute supports the principle of least privilege by providing access to information only to authorized and intended users?
Question17: Atomicity enforces data integrity by ensuring that a transaction is either completed in its entirely or not at all. Atomicity is part of the ACID test reference for transaction processing.
True or false?
Question18: Key verification is one of the best controls for ensuring that:
Question19: What uses questionnaires to lead the user through a series of choices to reach a conclusion?
Question20: Two-factor authentication can be circumvented through which of the following attacks?
Question21: What is an acceptable mechanism for extremely time-sensitive transaction processing?
Question22: When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected on the network?
Question23: Which of the following term in business continuity determines the maximum acceptable amount of data loss measured in time?
Question24: What does PKI use to provide some of the strongest overall control over data confidentiality, reliability, and integrity for Internet transactions?
Question25: Which of the following statement is NOT true about smoke detector?
Question26: Private Branch Exchange(PBX) environment involves many security risks, one of which is the people both internal and external to an organization. Which of the following risks are NOT associated with Private Branch Exchange?
1. Theft of service
2. Disclosure of information
3. Data Modifications
4. Denial of service
5. Traffic Analysis
Question27: As an IS auditor it is very important to understand software release management process. Which of the following software release normally contains small enhancements and fixes?
Question28: Test and development environments should be separated. True or false?
Question29: The PRIMARY advantage of a continuous audit approach is that it:
Question30: During the audit of a database server, which of the following would be considered the GREATEST exposure?
Question31: IT best practices for the availability and continuity of IT services should:
Question32: Applying a retention date on a file will ensure that:
Question33: When reviewing an intrusion detection system (IDS), an IS auditor should be MOST concerned about which of the following?
Question34: What should an IS auditor do if he or she observes that project-approval procedures do not exist?
Question35: Who is responsible for restricting and monitoring access of a data user?
Question36: How does the digital envelop work? What are the correct steps to follow?
Question37: Which of the following type of computer has highest processing speed?
Question38: Identify the correct sequence of Business Process Reengineering (BPR) application steps from the given choices below?
Question39: A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing?
Question40: To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:

Question41: Which of the following concerns associated with the World Wide Web would be addressed by a firewall?
Question42: An IS auditor should review the configuration of which of the following protocols to detect unauthorized mappings between the IP address and the media access control (MAC) address?
Question43: Which of the following should be included in a feasibility study for a project to implement an EDI process?
Question44: What should IS auditors always check when auditing password files?
Question45: A sender of an e-mail message applies a digital signature to the digest of the message. This action provides assurance of the:
Question46: What are intrusion-detection systems (IDS) primarily used for?
Question47: When transmitting a payment instruction, which of the following will help verify that the instruction was not duplicated?
Question48: Which of the following is a network diagnostic tool that monitors and records network information?
Question49: How is the risk of improper file access affected upon implementing a database system?
Question50: Which of the following layer of the OSI model provides a standard interface for applications to communicate with devices on a network?
Question51: An IS auditor is told by IS management that the organization has recently reached the highest level of the software capability maturity model (CMM). The software quality process MOST recently added by the organization is:
Question52: The most likely error to occur when implementing a firewall is:
Question53: Which of the following public key infrastructure (PKI) elements provides detailed descriptions for dealing with a compromised private key?
Question54: Which of the following is an environmental issue caused by electric storms or noisy electric equipment and may also cause computer system to hang or crash?
Question55: Which of the following protocol does NOT work at the Application layer of the TCP/IP Models?
Question56: Which of the following help(s) prevent an organization's systems from participating in a distributed denial- of-service (DDoS) attack?
Question57: An IS auditor should know information about different network transmission media. Which of the following transmission media is used for short distance transmission?
Question58: Which of the following type of a computer network is a WAN that are limited to a city?
Question59: Which policy helps an auditor to gain a better understanding of biometrics system in an organization?
Question60: Electromagnetic emissions from a terminal represent an exposure because they:
Question61: Which of the following would be the BEST population to take a sample from when testing program changes?
Question62: Which of the following is an object-oriented technology characteristic that permits an enhanced degree of security over data?
Question63: What type of approach to the development of organizational policies is often driven by risk assessment?
Question64: Why is a clause for requiring source code escrow in an application vendor agreement important?
Question65: Which of the following cryptography is based on practical application of the characteristics of the smallest
"grains" of light, the photon, the physical laws governing their generation and propagation and detection?
Question66: Identify the correct sequence of Business Process Reengineering (BPR) benchmarking process from the given choices below?
Question67: When installing an intrusion detection system (IDS), which of the following is MOST important?
Question68: As an IS auditor it is very important to understand software release management process. Which of the following software release normally contains a significant change or addition of new functionality?
Question69: Processing controls ensure that data is accurate and complete, and is processed only through which of the following?
Question70: Which of the following is an example of the defense in-depth security principle?
Question71: Which of the following term related to network performance refers to the actual rate that information is transferred over a network?
Question72: Which of the following term related to network performance refers to the maximum rate that information can be transferred over a network?
Question73: Authentication techniques for sending and receiving data between EDI systems is crucial to prevent which of the following?
Question74: What type of risk results when an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when errors actually exist?
Question75: Which of the following exposures could be caused by a line grabbing technique?
Question76: Time constraints and expanded needs have been found by an IS auditor to be the root causes for recent violations of corporate data definition standards in a new business intelligence project.
Which of the following is the MOST appropriate suggestion for an auditor to make?
Question77: Who is ultimately accountable for the development of an IS security policy?
Question78: Which of the following layer of an OSI model responsible for routing and forwarding of a network packets?
Question79: The initial step in establishing an information security program is the:
Question80: Which of the following is widely accepted as one of the critical components in networking management?
Question81: Network environments often add to the complexity of program-to-program communication, making the implementation and maintenance of application systems more difficult. True or false?
Question82: Which of the following malware technical fool's malware by appending section of themselves to files - somewhat in the same way that file malware append themselves?
Question83: In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover potential anomalies in user or system behavior. Which of the following tools are MOST suitable for performing that task?
Question84: During an IS audit, auditor has observed that authentication and authorization steps are split into two functions and there is a possibility to force the authorization step to be completed before the authentication step. Which of the following technique an attacker could user to force authorization step before authentication?
Question85: Which of the following is NOT a true statement about public key infrastructure (PKI)?
Question86: A manufacturing firm wants to automate its invoice payment system. Objectives state that the system should require considerably less time for review and authorization and the system should be capable of identifying errors that require follow up. Which of the following would BEST meet these objectives?
Question87: The MAIN purpose of a transaction audit trail is to:
Question88: Data flow diagrams are used by IS auditors to:
Question89: Who assumes ownership of a systems-development project and the resulting system?
Question90: Which of the following attacks targets the Secure Sockets Layer (SSL)?
Question91: Which of the following translates e-mail formats from one network to another so that the message can travel through all the networks?
Question92: Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization?
Question93: Which of the following type of IDS has self-learning functionality and over a period of time will learned what is the expected behavior of a system?
Question94: An organization has outsourced its help desk. Which of the following indicators would be the best to include in the SLA?
Question95: Which of the following provides the MOST relevant information for proactively strengthening security settings?
Question96: How do modems (modulation/demodulation) function to facilitate analog transmissions to enter a digital network?
Question97: Which of the following is BEST suited for secure communications within a small group?
Question98: After discovering a security vulnerability in a third-party application that interfaces with several external systems, a patch is applied to a significant number of modules. Which of the following tests should an IS auditor recommend?
Question99: A digital signature contains a message digest to:
Question100: Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan's effectiveness?
Question101: What is the most common reason for information systems to fail to meet the needs of users?
Question102: To properly evaluate the collective effect of preventative, detective, or corrective controls within a process, an IS auditor should be aware of which of the following?
Question103: Which of the following type of a computer network are variation of LAN and are dedicated to connecting storage devices to servers and other computing devices?
Question104: During Involuntary termination of an employee, which of the following is the MOST important step to be considered?
Question105: Above almost all other concerns, what often results in the greatest negative impact on the implementation of new application software?
Question106: Which of the following is MOST likely to result from a business process reengineering (BPR) Project?
Question107: When auditing a proxy-based firewall, an IS auditor should:
Question108: Which of the following are effective controls for detecting duplicate transactions such as payments made or received?
Question109: Which of the following method is recommended by security professional to PERMANENTLY erase sensitive data on magnetic media?
Question110: Which of the following transmission media is MOST difficult to tap?
Question111: How is the time required for transaction processing review usually affected by properly implemented Electronic Data Interface (EDI)?
Question112: Java applets and ActiveX controls are distributed executable programs that execute in the background of a web browser client. This practice is considered reasonable when:
Question113: An existing system is being extensively enhanced by extracting and reusing design and program components. This is an example of:
Question114: Which of the following process consist of identification and selection of data from the imaged data set in computer forensics?
Question115: An IS auditor finds that user acceptance testing of a new system is being repeatedly interrupted as defect fixes are implemented by developers. Which of the following would be the BEST recommendation for an IS auditor to make?
Question116: Which of the following term related to network performance refers to the variation in the time of arrival of packets on the receiver of the information?
Question117: In which of the following WAN message transmission technique messages are divided into packets before they are sent and each packet is then transmitted individually and can even follow different routes to its destination?
Question118: The MAJOR advantage of the risk assessment approach over the baseline approach to information security management is that it ensures:
Question119: Which of the following would be of MOST concern to an IS auditor reviewing a virtual private network (VPN) implementation? Computers on the network that are located:
Question120: Identify the INCORRECT statement related to network performance below?
Question121: Disabling which of the following would make wireless local area networks more secure against unauthorized access?
Question122: An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include:
Question123: An IS auditor notes that IDS log entries related to port scanning are not being analyzed. This lack of analysis will MOST likely increase the risk of success of which of the following attacks?
Question124: Which of the following statements regarding an off-site information processing facility is TRUE?
Question125: Rather than simply reviewing the adequacy of access control, appropriateness of access policies, and effectiveness of safeguards and procedures, the IS auditor is more concerned with effectiveness and utilization of assets. True or false?
Question126: There are many types of audit logs analysis tools available in the market. Which of the following audit logs analysis tools will look for anomalies in user or system behavior?
Question127: A review of wide area network (WAN) usage discovers that traffic on one communication line between sites, synchronously linking the master and standby database, peaks at 96 percent of the line capacity. An IS auditor should conclude that:
Question128: The MOST likely explanation for the use of applets in an Internet application is that:
Question129: Which of the following statement INCORRECTLY describes Asynchronous Transfer Mode (ATM) technique?
Question130: Identify the network topology from below diagram presented below:

Network Topology
Question131: Once an organization has finished the business process reengineering (BPR) of all its critical operations, an IS auditor would MOST likely focus on a review of:
Question132: Over the long term, which of the following has the greatest potential to improve the security incident response process?
Question133: The MAIN criterion for determining the severity level of a service disruption incident is:
Question134: An IS auditor selects a server for a penetration test that will be carried out by a technical specialist. Which of the following is MOST important?
Question135: Any changes in systems assets, such as replacement of hardware, should be immediately recorded within the assets inventory of which of the following?
Question136: The purpose of code signing is to provide assurance that:
Question137: An IS auditor's PRIMARY concern when application developers wish to use a copy of yesterday's production transaction file for volume tests is that:
Question138: Which of the following is protocol data unit (PDU) of network interface layer in TCP/IP model?
Question139: An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely:
Question140: Which of the following term in business continuity defines the total amount of time that a business process can be disrupted without causing any unacceptable consequences?
Question141: Which of the following is a software application that pretend to be a server on the Internet and is not set up purposely to actively protect against break-ins?
Question142: An efficient use of public key infrastructure (PKI) should encrypt the:
Question143: Web and e-mail filtering tools are PRIMARILY valuable to an organization because they:
Question144: Which of the following protocol does NOT work at Network interface layer in TCP/IP model?
Question145: Which of the following system and data conversion strategies provides the GREATEST redundancy?
Question146: Batch control reconciliation is a _____________________ (fill the blank) control for mitigating risk of inadequate segregation of duties.
Question147: An IS auditor evaluating logical access controls should FIRST:
Question148: What is an edit check to determine whether a field contains valid data?
Question149: What is an effective countermeasure for the vulnerability of data entry operators potentially leaving their computers without logging off?
Question150: Which of the following layer of an OSI model encapsulates packets into frames?
Question151: What process uses test data as part of a comprehensive test of program controls in a continuous online manner?
Question152: Which of the following type of lock uses a numeric keypad or dial to gain entry?
Question153: An IS auditor reviewing a database application discovers that the current configuration does not match the originally designed structure. Which of the following should be the IS auditor's next action?
Question154: A company has implemented a new client-server enterprise resource planning (ERP) system. Local branches transmit customer orders to a central manufacturing facility. Which of the following would BEST ensure that the orders are entered accurately and the corresponding products are produced?
Question155: What is a common vulnerability, allowing denial-of-service attacks?
Question156: Following best practices, formal plans for implementation of new information systems are developed during the:
Question157: There are many firewall implementations provided by firewall manufacturers. Which of the following implementation utilize two packet filtering routers and a bastion host? This approach creates the most secure firewall system since it supports network and application level security while defining a separate DMZ.
Question158: Which of the following is best suited for searching for address field duplications?
Question159: Which of the following manages the digital certificate life cycle to ensure adequate security and controls exist in digital signature applications related to e-commerce?
Question160: Which of the following term in business continuity determines the maximum tolerable amount of time needed to bring all critical systems back online after disaster occurs?
Question161: Which of the following would help to ensure the portability of an application connected to a database?
Question162: Which of the following is the MOST effective control when granting temporary access to vendors?
Question163: Functional acknowledgements are used:
Question164: What is an initial step in creating a proper firewall policy?
Question165: When performing an IS strategy audit, an IS auditor should review both short-term (one- year) and long- term (three-to five-year) IS strategies, interview appropriate corporate management personnel, and ensure that the external environment has been considered. The auditor should especially focus on procedures in an audit of IS strategy. True or false?
Question166: Which of the following should be a concern to an IS auditor reviewing a wireless network?
Question167: Doing which of the following during peak production hours could result in unexpected downtime?
Question168: Which of the following is an effective method for controlling downloading of files via FTP?
Question169: An organization can ensure that the recipients of e-mails from its employees can authenticate the identity of the sender by:
Question170: An organization has a mix of access points that cannot be upgraded to stronger security and newer access points having advanced wireless security. An IS auditor recommends replacing the non-upgradeable access points. Which of the following would BEST justify the IS auditor's recommendation?
Question171: As described at security policy, the CSO implemented an e-mail package solution that allows for ensuring integrity of messages sent using SMIME. Which of the options below BEST describes how it implements the environment to suite policy´s requirement?
Question172: Which of the following is an advantage of the top-down approach to software testing?
Question173: Which of the following is the GREATEST risk when implementing a data warehouse?
Question174: When reviewing print systems spooling, an IS auditor is MOST concerned with which of the following vulnerabilities?
Question175: Which of the following can degrade network performance?
Question176: An IS auditor reviewing the implementation of an intrusion detection system (IDS) should be MOST concerned if:
Question177: Which of the following attack includes social engineering, link manipulation or web site forgery techniques?
Question178: A company is implementing a dynamic host configuration protocol (DHCP). Given that the following conditions exist, which represents the GREATEST concern?
Question179: When performing a database review, an IS auditor notices that some tables in the database are not normalized. The IS auditor should next:
Question180: Which of the following is NOT a component of IPSec?
Question181: During an IS audit, one of your auditor has observed that some of the critical servers in your organization can be accessed ONLY by using shared/common user name and password. What should be the auditor's PRIMARY concern be with this approach?
Question182: Which of the following is of greatest concern to the IS auditor?
Question183: What type of BCP test uses actual resources to simulate a system crash and validate the plan's effectiveness?
Question184: Which of the following statement correctly describes the difference between symmetric key encryption and asymmetric key encryption?
Question185: Fourth-Generation Languages (4GLs) are most appropriate for designing the application's graphical user interface (GUI). They are inappropriate for designing any intensive data- calculation procedures. True or false?
Question186: Library control software restricts source code to:
Question187: Digital signatures require the:
Question188: Which of the following is a guiding best practice for implementing logical access controls?
Question189: Which of the following is the INCORRECT Layer to Protocol mapping used in the DOD TCP/IP model?
Question190: Which of the following types of transmission media provide the BEST security against unauthorized access?
Question191: To determine how data are accessed across different platforms in a heterogeneous environment, an IS auditor should FIRST review:
Question192: Which of the following would an IS auditor consider to be the MOST helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program?
Question193: As an IS auditor it is very important to understand the importance of job scheduling. Which of the following statement is NOT true about job scheduler or job scheduling software?
Question194: What can be used to help identify and investigate unauthorized transactions?
Question195: Security administration procedures require read-only access to:
Question196: Which of the following type of network service maps Domain Names to network IP addresses or network IP addresses to Domain Names?
Question197: How can minimizing single points of failure or vulnerabilities of a common disaster best be controlled?
Question198: An organization has an integrated development environment (IDE) on which the program libraries reside on the server, but modification/development and testing are done from PC workstations.
Which of the following would be a strength of an IDE?
Question199: An IS auditor reviewing an organization's data file control procedures finds that transactions are applied to the most current files, while restart procedures use earlier versions. The IS auditor should recommend the implementation of:
Question200: How does the process of systems auditing benefit from using a risk-based approach to audit planning?
Question201: The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as:
Question202: Which of the following technique is used for speeding up network traffic flow and making it easier to manage?
Question203: IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that control risks are within the acceptable limits. True or false?
Question204: The GREATEST benefit in implementing an expert system is the:
Question205: With the help of a security officer, granting access to data is the responsibility of:
Question206: What kind of protocols does the OSI Transport Layer of the TCP/IP protocol suite provide to ensure reliable communication?
Question207: Which of the following components is responsible for the collection of data in an intrusion detection system (IDS)?
Question208: Whenever business processes have been re-engineered, the IS auditor attempts to identify and quantify the impact of any controls that might have been removed, or controls that might not work as effectively after business process changes. True or false?
Question209: Which of the following is a sophisticated computer based switch that can be thought of as essentially a small in-house phone company for the organization?
Question210: The FIRST step in managing the risk of a cyber-attack is to:
Question211: After an IS auditor has identified threats and potential impacts, the auditor should:
Question212: A programmer maliciously modified a production program to change data and then restored the original code. Which of the following would MOST effectively detect the malicious activity?
Question213: Which of the following BEST describes the role of a directory server in a public key infrastructure (PKI)?
Question214: In an EDI process, the device which transmits and receives electronic documents is the:
Question215: Which of the following is a substantive test?
Question216: The MAIN reason for requiring that all computer clocks across an organization be synchronized is to:
Question217: There are several types of penetration tests depending upon the scope, objective and nature of a test.
Which of the following describes a penetration test where you attack and attempt to circumvent the controls of the targeted network from the outside, usually the Internet?
Question218: Sign-on procedures include the creation of a unique user ID and password. However, an IS auditor discovers that in many cases the username and password are the same. The BEST control to mitigate this risk is to:
Question219: isk analysis is not always possible because the IS auditor is attempting to calculate risk using nonquantifiable threats and potential losses. In this event, a _________________ risk assessment is more appropriate. Fill in the blanks.
Question220: When a new system is to be implemented within a short time frame, it is MOST important to:
Question221: What type of cryptosystem is characterized by data being encrypted by the sender using the recipient's public key, and the data then being decrypted using the recipient's private key?
Question222: While conducting an audit, an IS auditor detects the presence of a virus. What should be the IS auditor's next step?
Question223: When reviewing the configuration of network devices, an IS auditor should FIRST identify:
Question224: When is regression testing used to determine whether new application changes have introduced any errors in the remaining unchanged code?
Question225: Which type of major BCP test only requires representatives from each operational area to meet to review the plan?
Question226: As an IS auditor, it is very important to make sure all storage media are well protected. Which of the following is the LEAST important factor for protecting CDs and DVDs?
Question227: What is used to develop strategically important systems faster, reduce development costs, and still maintain high quality?
Question228: Which of the following is a management technique that enables organizations to develop strategically important systems faster, while reducing development costs and maintaining quality?
Question229: What supports data transmission through split cable facilities or duplicate cable facilities?
Question230: Which of the following is the MOST critical step in planning an audit?
Question231: During a human resources (HR) audit, an IS auditor is informed that there is a verbal agreement between the IT and HR departments as to the level of IT services expected. In this situation, what should the IS auditor do FIRST?
Question232: While reviewing the IT infrastructure, an IS auditor notices that storage resources are continuously being added. The IS auditor should:
Question233: In which of the following transmission media it is MOST difficult to modify the information traveling across the network?
Question234: Identify the LAN topology from below diagram presented below:

bus topology
Question235: By evaluating application development projects against the capability maturity model (CMM), an IS auditor should be able to verify that:
Question236: Who is ultimately responsible and accountable for reviewing user access to systems?
Question237: A critical function of a firewall is to act as a:
Question238: A check digit is an effective edit check to:
Question239: Which of the following uses a prototype that can be updated continually to meet changing user or business requirements?
Question240: While planning an audit, an assessment of risk should be made to provide:
Question241: Which of the following is an advantage of asymmetric crypto system over symmetric key crypto system?
Question242: The implementation of access controls FIRST requires:
Question243: Regarding digital signature implementation, which of the following answers is correct?
Question244: Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)?
Question245: Which of the following attack is also known as Time of Check(TOC)/Time of Use(TOU)?
Question246: Which of the following would be the BEST overall control for an Internet business looking for confidentiality, reliability and integrity of data?
Question247: In a client-server architecture, a domain name service (DNS) is MOST important because it provides the:
Question248: An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews the logs for one day and finds one case where logging on a server has failed with the result that backup restarts cannot be confirmed. What should the auditor do?
Question249: An IS auditor is reviewing a project that is using an Agile software development approach. Which of the following should the IS auditor expect to find?
Question250: An IS auditor evaluates the test results of a modification to a system that deals with payment computation.
The auditor finds that 50 percent of the calculations do not match predetermined totals. Which of the following would MOST likely be the next step in the audit?
Question251: When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with:
Question252: During a logical access controls review, an IS auditor observes that user accounts are shared. The GREATEST risk resulting from this situation is that:
Question253: The BEST method of proving the accuracy of a system tax calculation is by:
Question254: Which of the following should be of MOST concern to an IS auditor?
Question255: Reverse proxy technology for web servers should be deployed if:
Question256: An IS auditor conducting an access control review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that:
Question257: An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice:
Question258: The BEST way to minimize the risk of communication failures in an e-commerce environment would be to use:
Question259: Reconfiguring which of the following firewall types will prevent inward downloading of files through the File Transfer Protocol (FTP)?
Question260: What type(s) of firewalls provide(s) the greatest degree of protection and control because both firewall technologies inspect all seven OSI layers of network traffic?
Question261: An IS auditor is evaluating a corporate network for a possible penetration by employees. Which of the following findings should give the IS auditor the GREATEST concern?
Question262: The GREATEST advantage of rapid application development (RAD) over the traditional system development life cycle (SDLC) is that it:
Question263: To ensure message integrity, confidentiality and non-repudiation between two parties, the MOST effective method would be to create a message digest by applying a cryptographic hashing algorithm against:
Question264: In which of the following database models is the data represented in terms of tulles and grouped into relations?
Question265: An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as:
Question266: An organization is migrating from a legacy system to an enterprise resource planning (ERP) system. While reviewing the data migration activity, the MOST important concern for the IS auditor is to determine that there is a:
Question267: Which of the following technique is NOT used by a preacher against a Private Branch Exchange (PBX)?
Question268: Which of the following database model allow many-to-many relationships in a tree-like structure that allows multiple parents?
Question269: Which of the following statement correctly describes difference between packet filtering firewall and stateful inspection firewall?
Question270: Which of the following type of a computer network covers a broad area such as city, region, nation or international link?
Question271: The MOST significant security concerns when using flash memory (e.g., USB removable disk) is that the:
Question272: A hub is a device that connects:
Question273: Which of the following is a prevalent risk in the development of end-user computing (EUC) applications?
Question274: Which of the following transmission media uses a transponder to send information?
Question275: Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network?
Question276: An IS auditor notes that patches for the operating system used by an organization are deployed by the IT department as advised by the vendor. The MOST significant concern an IS auditor should have with this practice is the nonconsideration bylT of:
Question277: Which of the following attack best describe "Computer is the target of a crime" and "Computer is the tool of a crime"?
Question278: Which of the following types of testing would determine whether a new or modifies system can operate in its target environment without adversely impacting other existing systems?
Question279: Diskless workstation is an example of:
Question280: Digital signatures require the sender to "sign" the data by encrypting the data with the sender's public key, to then be decrypted by the recipient using the recipient's private key.
True or false?
Question281: Which of the following types of firewalls would BEST protect a network from an internet attack?
Question282: Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized?
Question283: In what way is a common gateway interface (CGI) MOST often used on a webserver?
Question284: Off-site data storage should be kept synchronized when preparing for recovery of time- sensitive data such as that resulting from which of the following?
Question285: During the planning stage of an IS audit, the PRIMARY goal of an IS auditor is to:
Question286: The reason a certification and accreditation process is performed on critical systems is to ensure that:
Question287: If a database is restored from information backed up before the last system image, which of the following is recommended?
Question288: The MAJOR advantage of a component-based development approach is the:
Question289: Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation?
Question290: Which of the following represents the GREATEST potential risk in an EDI environment?
Question291: For which of the following applications would rapid recovery be MOST crucial?
Question292: During the testing of the business continuity plan (BCP), which of the following methods of results analysis provides the BEST assurance that the plan is workable?
Question293: To address a maintenance problem, a vendor needs remote access to a critical network. The MOST secure and effective solution is to provide the vendor with a:
Question294: Business process re-engineering often results in ___________________ automation, which results in
____________ number of people using technology. Fill in the blanks.
Question295: What protects an application purchaser's ability to fix or change an application in case the application vendor goes out of business?
Question296: An IS auditor analyzing the audit log of a database management system (DBMS) finds that some transactions were partially executed as a result of an error, and are not rolled back. Which of the following transaction processing features has been violated?
Question297: To ensure that audit resources deliver the best value to the organization, the FIRST step would be to:
Question298: Who is responsible for implementing cost-effective controls in an automated system?
Question299: Parity bits are a control used to validate:
Question300: The phases and deliverables of a system development life cycle (SDLC) project should be determined:
Question301: Which of the following can degrade network performance?
Question302: During which of the following phases in system development would user acceptance test plans normally be prepared?
Question303: Which of the following is a standard secure email protection protocol?
Question304: In the course of performing a risk analysis, an IS auditor has identified threats and potential impacts. Next, the IS auditor should:
Question305: When evaluating the controls of an EDI application, an IS auditor should PRIMARILY be concerned with the risk of:
Question306: An IS auditor performing an application maintenance audit would review the log of program changes for the:
Question307: Which of the following BEST ensures the integrity of a server's operating system?
Question308: Which of the following would normally be the MOST reliable evidence for an auditor?
Question309: During the review of a web-based software development project, an IS auditor realizes that coding standards are not enforced and code reviews are rarely carried out. This will MOST likely increase the likelihood of a successful:
Question310: The PRIMARY purpose of audit trails is to:
Question311: In the 2c area of the diagram, there are three hubs connected to each other. What potential risk might this indicate?

Question312: As an auditor it is very important to ensure confidentiality, integrity, authenticity and availability are implemented appropriately in an information system. Which of the following definitions incorrectly describes these parameters?
1. Authenticity - A third party must be able to verify that the content of a message has been sent by a specific entity and nobody else.
2. Non-repudiation - The origin or the receipt of a specific message must be verifiable by a third party. A person cannot deny having sent a message if the message is signed by the originator.
3. Accountability - The action of an entity must be uniquely traceable to different entities
4. Availability - The IT resource must be available on a timely basis to meet mission requirements or to avoid substantial losses.
Question313: During the requirements definition phase for a database application, performance is listed as a top priority.
To access the DBMS files, which of the following technologies should be recommended for optimal I/O performance?
Question314: Which of the following online auditing techniques is most effective for the early detection of errors or irregularities?
Question315: Which of the following provide(s) near-immediate recoverability for time-sensitive systems and transaction processing?
Question316: Database snapshots can provide an excellent audit trail for an IS auditor. True or false?
Question317: The goal of an information system is to achieve integrity, authenticity and non-repudiation of information's sent across the network. Which of the following statement correctly describe the steps to address all three?
Question318: What is often assured through table link verification and reference checks?
Question319: Which of the following is the BEST type of program for an organization to implement to aggregate, correlate and store different log and event files, and then produce weekly and monthly reports for IS auditors?
Question320: Which of the following BEST reduces the ability of one device to capture the packets that are meant for another device?
Question321: Which of the following term related to network performance refers to the delay that packet may experience on their way to reach the destination from the source?
Question322: Which of the following network components is PRIMARILY set up to serve as a security measure by preventing unauthorized traffic between different segments of the network?
Question323: What is/are used to measure and ensure proper network capacity management and availability of services?
Question324: The decisions and actions of an IS auditor are MOST likely to affect which of the following risks?
Question325: A database administrator is responsible for:
Question326: When evaluating the collective effect of preventive, detective or corrective controls within a process, an IS auditor should be aware of which of the following?
Question327: The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is called:
Question328: Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly?
Question329: When reviewing input controls, an IS auditor observes that, in accordance with corporate policy, procedures allow supervisory override of data validation edits. The IS auditor should:
Question330: What is a reliable technique for estimating the scope and cost of a software-development project?
Question331: During a security audit of IT processes, an IS auditor found that there were no documented security procedures. The IS auditor should:
Question332: An organization has contracted with a vendor for a turnkey solution for their electronic toll collection system (ETCS). The vendor has provided its proprietary application software as part of the solution. The contract should require that:
Question333: Which are the two primary types of scanner used for protecting against Malware?
Malware mask/signatures and Heuristic Scanner
Active and passive Scanner
Behavioral Blockers and immunizer Scanner
None of the above
Question334: Which of the following antispam filtering techniques would BEST prevent a valid, variable- length e-mail message containing a heavily weighted spam keyword from being labeled as spam?
Question335: Which of the following could lead to an unintentional loss of confidentiality?
Question336: Which of the following reports should an IS auditor use to check compliance with a service level agreement's (SLA) requirement for uptime?
Question337: A substantive test to verify that tape library inventory records are accurate is:
Question338: Which of the following is the most important element in the design of a data warehouse?
Question339: An IS auditor is reviewing the remote access methods of a company used to access system remotely.
Which of the following is LEAST preferred remote access method from a security and control point of view?
Question340: Which of the following types of firewalls provide the GREATEST degree and granularity of control?
Question341: Which of the following device in Frame Relay WAN technique is a service provider device that does the actual data transmission and switching in the frame relay cloud?
Question342: The quality of the metadata produced from a data warehouse is ________________ in the warehouse's design.
Question343: Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization's security policy?
Question344: The objective of concurrency control in a database system is to:
Question345: Which of the following is the protocol data unit (PDU) of application layer in TCP/IP model?
Question346: During the development of an application, the quality assurance testing and user acceptance testing were combined. The MAJOR concern for an IS auditor reviewing the project is that there will be:
Question347: The vice president of human resources has requested an audit to identify payroll overpayments for the previous year. Which would be the BEST audit technique to use in this situation?
Question348: The FIRST step in data classification is to:
Question349: Which of the following type of an IDS resides on important systems like database, critical servers and monitors various internal resources of an operating system?
Question350: An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely:
Question351: Distributed denial-of-service (DDOS) attacks on Internet sites are typically evoked by hackers using which of the following?
Question352: What are trojan horse programs?
Question353: When are benchmarking partners identified within the benchmarking process?
Question354: What is the most common purpose of a virtual private network implementation?
Question355: Which of the following processes should an IS auditor recommend to assist in the recording of baselines for software releases?
Question356: An appropriate control for ensuring the authenticity of orders received in an EDI application is to:
Question357: To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against:
Question358: Which of the following provides the strongest authentication for physical access control?
Question359: Who is accountable for maintaining appropriate security measures over information assets?
Question360: During what process should router access control lists be reviewed?
Question361: During an application audit, an IS auditor finds several problems related to corrupted data in the database.
Which of the following is a corrective control that the IS auditor should recommend?
Question362: During a postimplementation review of an enterprise resource management system, an IS auditor would MOST likely:
Question363: Which of the following INCORRECTLY describes the layer function of the Application Layer within the TCP/IP model?
Question364: What is used to provide authentication of the website and can also be used to successfully authenticate keys used for data encryption?
Question365: Which of the following is a dynamic analysis tool for the purpose of testing software modules?
Question366: To determine if unauthorized changes have been made to production code the BEST audit procedure is to:
Question367: Function Point Analysis (FPA) provides an estimate of the size of an information system based only on the number and complexity of a system's inputs and outputs. True or false?
Question368: Which of the following satisfies a two-factor user authentication?
Question369: Failure in which of the following testing stages would have the GREATEST impact on the implementation of new application software?
Question370: When reviewing system parameters, an IS auditor's PRIMARY concern should be that:
Question371: Which of the following term in business continuity determines the maximum tolerable amount of time that is needed to verify the system and/or data integrity?
Question372: Which of the following is MOST directly affected by network performance monitoring tools?
Question373: A decision support system (DSS):
Question374: The application systems of an organization using open-source software have no single recognized developer producing patches. Which of the following would be the MOST secure way of updating open- source software?
Question375: Which of the following is the unique identifier within and IPSec packet that enables the sending host to reference the security parameter to apply?
Question376: During the system testing phase of an application development project the IS auditor should review the:
Question377: Why does the IS auditor often review the system logs?
Question378: An IS auditor has identified the lack of an authorization process for users of an application. The IS auditor's main concern should be that:
Question379: In order to properly protect against unauthorized disclosure of sensitive data, how should hard disks be sanitized?
Question380: Which of the following service is a distributed database that translate host name to IP address to IP address to host name?
Question381: An investment advisor e-mails periodic newsletters to clients and wants reasonable assurance that no one has modified the newsletter. This objective can be achieved by:
Question382: Which of the following is protocol data unit (PDU) of data at LAN or WAN interface layer in TCP/IP model?
Question383: The BEST way to minimize the risk of communication failures in an e-commerce environment would be to use:
Question384: Which of the following is the MOST effective method for dealing with the spreading of a network worm that exploits vulnerability in a protocol?
Question385: An IS auditor should recommend the use of library control software to provide reasonable assurance that:
Question386: Which key is used by the sender of a message to create a digital signature for the message being sent?
Question387: An organization has recently installed a security patch, which crashed the production server. To minimize the probability of this occurring again, an IS auditor should:
Question388: What is essential for the IS auditor to obtain a clear understanding of network management?
Question389: IT operations for a large organization have been outsourced. An IS auditor reviewing the outsourced operation should be MOST concerned about which of the following findings?
Question390: To prevent IP spoofing attacks, a firewall should be configured to drop a packet if:
Question391: John has been hired to fill a new position in one of the well-known financial institute. The position is for IS auditor. He has been assigned to complete IS audit of one of critical financial system. Which of the following should be the first step for John to be perform during IS audit planning?
Question392: Which of the following transmission media is LEAST vulnerable to cross talk?
Question393: When storing data archives off-site, what must be done with the data to ensure data completeness?
Question394: What is the primary objective of a control self-assessment (CSA) program?
Question395: Which of the following hardware devices relieves the central computer from performing network control, format conversion and message handling tasks?
Question396: Responsibility and reporting lines cannot always be established when auditing automated systems since:
Question397: Data edits are implemented before processing and are considered which of the following?
Question398: In a small organization, developers may release emergency changes directly to production. Which of the following will BEST control the risk in this situation?
Question399: ________ (fill in the blank) is/are ultimately accountable for the functionality, reliability, and security within IT governance.
Question400: Why does an IS auditor review an organization chart?
Question401: Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users?
Question402: Why is the WAP gateway a component warranting critical concern and review for the IS auditor when auditing and testing controls enforcing message confidentiality?
Question403: To ensure compliance with a security policy requiring that passwords be a combination of letters and numbers, an IS auditor should recommend that:
Question404: A proposed transaction processing application will have many data capture sources and outputs in paper and electronic form. To ensure that transactions are not lost during processing, an IS auditor should recommend the inclusion of:
Question405: Of the three major types of off-site processing facilities, what type is characterized by at least providing for electricity and HVAC?
Question406: An IS auditor reviews an organizational chart PRIMARILY for:
Question407: Input/output controls should be implemented for which applications in an integrated systems environment?
Question408: Which of the following statement INCORRECTLY describes circuit switching technique?
Question409: Proper segregation of duties prevents a computer operator (user) from performing security administration duties. True or false?
Question410: Which of the following attack redirects outgoing message from the client back onto the client, preventing outside access as well as flooding the client with the sent packets?
Question411: Which of the following type of a computer network covers a limited area such as a home, office or campus?
Question412: Which of the following typically focuses on making alternative processes and resources available for transaction processing?
Question413: The PRIMARY purpose of an IT forensic audit is:
Question414: At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should:
Question415: What process is used to validate a subject's identity?
Question416: What process allows IS management to determine whether the activities of the organization differ from the planned or expected levels?
Question417: What is used as a control to detect loss, corruption, or duplication of data?
Question418: Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility?
Question419: The specific advantage of white box testing is that it:
Question420: What is the recommended initial step for an IS auditor to implement continuous-monitoring systems?
Question421: Which of the following line media would provide the BEST security for a telecommunication network?
Question422: An offsite information processing facility having electrical wiring, air conditioning and flooring, but no computer or communications equipment is a:
Question423: An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls?
Question424: An IS auditor examining the configuration of an operating system to verify the controls should review the:
Question425: In which of the following RFID risks competitor potentially could gain unauthorized access to RFID- generated information and use it to harm the interests of the organization implementing the RFID system?
Question426: What kind of testing should programmers perform following any changes to an application or system?
Question427: The security level of a private key system depends on the number of:
Question428: Which of the following will BEST ensure the successful offshore development of business applications?
Question429: When assessing the design of network monitoring controls, an IS auditor should FIRST review network:
Question430: An audit charter should:
Question431: Which of the following is protocol data unit (PDU) of transport layer in TCP/IP model?
Question432: Which of the following type of network service is used by network computer to obtain an IP addresses and other parameters such as default gateway, subnet mask?
Question433: An IS auditor is evaluating management's risk assessment of information systems. The IS auditor should FIRST review:
Question434: Which of the following functionality is NOT performed by the application layer of a TCP/IP model?
Question435: There are many known weaknesses within an Intrusion Detection System (IDS). Which of the following is NOT a limitation of an IDS?
Question436: Which of the following BEST limits the impact of server failures in a distributed environment?
Question437: Which of the following processes are performed during the design phase of the systems development life cycle (SDLC) model?
Question438: Which of the following would be the GREATEST cause for concern when data are sent over the Internet using HTTPS protocol?
Question439: A virtual private network (VPN) provides data confidentiality by using:
Question440: An IS auditor reviewing access controls for a client-server environment should FIRST:
Question441: In an audit of an inventory application, which approach would provide the BEST evidence that purchase orders are valid?
Question442: In a small organization, an employee performs computer operations and, when the situation demands, program modifications. Which of the following should the IS auditor recommend?
Question443: During a review of a customer master file, an IS auditor discovered numerous customer name duplications arising from variations in customer first names. To determine the extent of the duplication, the IS auditor would use:
Question444: During the audit of an acquired software package, an IS auditor learned that the software purchase was based on information obtained through the Internet, rather than from responses to a request for proposal (RFP). The IS auditor should FIRST:
Question445: An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review?
Question446: The MOST significant level of effort for business continuity planning (BCP) generally is required during the:
Question447: An IS auditor should use statistical sampling and not judgment (nonstatistical) sampling, when:
Question448: Which of the following can degrade network performance?
Question449: An IS auditor has imported data from the client's database. The next step-confirming whether the imported data are complete-is performed by:
Question450: In which of the following WAN message transmission technique does two network nodes establish a dedicated communications channel through the network before the nodes may communicate?
Question451: What can ISPs use to implement inbound traffic filtering as a control to identify IP packets transmitted from unauthorized sources?
Question452: In regard to moving an application program from the test environment to the production environment, the BEST control would be to have the:
Question453: Which of the following attack involves slicing small amount of money from a computerize transaction or account?
Question454: An IS auditor performing a review of an application's controls would evaluate the:
Question455: Identify the WAN message switching technique being used from the description presented below:
"Data is routed in its entirety from the source node to the destination node, one hope at a time. During message routing, every intermediate switch in the network stores the whole message. If the entire network's resources are engaged or the network becomes blocked, this WAN switching technology stores and delays the message until ample resources become available for effective transmission of the message. "
Question456: An intentional or unintentional disclosure of a password is likely to be evident within control logs. True or false?
Question457: IS management has decided to rewrite a legacy customer relations system using fourth generation languages (4GLs). Which of the following risks is MOST often associated with system development using
4GLs?
Question458: In which of the following database model is the data organized into a tree-like structure, implying a single parent for each record?
Question459: Which of the following is a benefit of using callback devices?
Question460: Which testing approach is MOST appropriate to ensure that internal application interface errors are identified as soon as possible?
Question461: Which audit technique provides the BEST evidence of the segregation of duties in an IS department?
Question462: Which of the following cryptography demands less computational power and offers more security per bit?
Question463: Validated digital signatures in an e-mail software application will:
Question464: Proper segregation of duties does not prohibit a quality control administrator from also being responsible for change control and problem management. True or false?
Question465: Overall business risk for a particular threat can be expressed as:
Question466: Which of the following do digital signatures provide?
Question467: An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long.
Which of the following could be caused by the length of the cable?
Question468: Which of the following would be the MOST cost-effective recommendation for reducing the number of defects encountered during software development projects?
Question469: The use of object-oriented design and development techniques would MOST likely:
Question470: Which of the following fire-suppression methods is considered to be the most environmentally friendly?
Question471: Which of the following is a benefit of a risk-based approach to audit planning? Audit:
Question472: Which of the following is the MOST important action in recovering from a cyberattack?
Question473: Which of the following is an advantage of prototyping?
Question474: Transmitting redundant information with each character or frame to facilitate detection and correction of errors is called a:
Question475: Which of the following statement correctly describes one way SSL authentication between a client (e.g.
browser) and a server (e.g. web server)?
Question476: Which of the following user profiles should be of MOST concern to an IS auditor when performing an audit of an EFT system?
Question477: Which of the following statement is NOT true about Voice-Over IP (VoIP)?
VoIP uses circuit switching technology
Lower cost per call or even free calls, especially for long distance call Lower infrastructure cost
VoIP is a technology where voice traffic is carried on top of existing data infrastructure
Question478: What is the key distinction between encryption and hashing algorithms?
Question479: Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions?
Question480: When reviewing a hardware maintenance program, an IS auditor should assess whether:
Question481: Which of the following is often used as a detection and deterrent control against Internet attacks?
Question482: Which of the following is the GREATEST risk to the effectiveness of application system controls?
Question483: When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator?
Question484: In what way is a common gateway interface (CGI) MOST often used on a webserver?
Question485: In a public key infrastructure (PKI), which of the following may be relied upon to prove that an online transaction was authorized by a specific customer?
Question486: Which of the following statement INCORRECTLY describes device and where they sit within the TCP/IP model?
Question487: When reviewing the implementation of a LAN, an IS auditor should FIRST review the:
Question488: Off-site data backup and storage should be geographically separated so as to _______________ (fill in the blank) the risk of a widespread physical disaster such as a hurricane or earthquake.
Question489: Which of the following protocol is developed jointly by VISA and Master Card to secure payment transactions among all parties involved in credit card transactions on behalf of cardholders and merchants?
Question490: Vendors have released patches fixing security flaws in their software. Which of the following should an IS auditor recommend in this situation?
Question491: What are often the primary safeguards for systems software and data?
Question492: An IS auditor is assigned to perform a post implementation review of an application system. Which pf the following situations may have impaired the independence of the IS auditor? The IS auditor:
Question493: Company.com has contracted with an external consulting firm to implement a commercial financial system to replace its existing in-house developed system. In reviewing the proposed development approach, which of the following would be of GREATEST concern?
Question494: What is an effective control for granting temporary access to vendors and external support personnel?
Question495: The use of a GANTT chart can:
Question496: Who is responsible for authorizing access level of a data user?
Question497: An IS auditor evaluating the resilience of a high-availability network should be MOST concerned if:
Question498: Which of the following would provide the BEST protection against the hacking of a computer connected to the Internet?
Question499: Which of the following will help detect changes made by an intruder to the system log of a server?
Question500: Which of the following can degrade network performance?
Question501: Which of the following exploit vulnerabilities to cause loss or damage to the organization and its assets?
Question502: An IS auditor reviewing a proposed application software acquisition should ensure that the:
Question503: Receiving an EDI transaction and passing it through the communication's interface stage usually requires:
Question504: Change management procedures are established by IS management to:
Question505: Which of the following type of computer is a large, general purpose computer that are made to share their processing power and facilities with thousands of internal or external users?
Question506: Which of the following devices extends the network and has the capacity to store frames and act as a storage and forward device?
Question507: If an IS auditor finds evidence of risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function, what is the auditor's primary responsibility?
Question508: Which of the following would be the MOST secure firewall system?
Question509: Which of the following database controls would ensure that the integrity of transactions is maintained in an online transaction processing system's database?
Question510: Which of the following would impair the independence of a quality assurance team?
Question511: What is the primary security concern for EDI environments?
Question512: Which of the following is a feature of Wi-Fi Protected Access (WPA) in wireless networks?
Question513: Business Continuity Planning (BCP) is not defined as a preparation that facilitates:
Question514: Which of the following attack is MOSTLY performed by an attacker to steal the identity information of a user such as credit card number, passwords, etc?
Question515: A database administrator is responsible for:
Question516: Which of the following statement INCORRECTLY describes network device such as a Router?
Question517: In large corporate networks having supply partners across the globe, network traffic may continue to rise.
The infrastructure components in such environments should be scalable. Which of the following firewall architectures limits future scalability?
Question518: Which of the following is the dominating objective of BCP and DRP?
Question519: Which of the following INCORRECTLY describes the layer functions of the LAN or WAN Layer of the TCP/ IP model?
Question520: When reviewing an organization's approved software product list, which of the following is the MOST important thing to verify?
Question521: To determine who has been given permission to use a particular system resource, an IS auditor should review:
Question522: Which of the following antivirus software implementation strategies would be the MOST effective in an interconnected corporate network?
Question523: What must an IS auditor understand before performing an application audit?
Question524: Which of the following cryptographic systems is MOST appropriate for bulk data encryption and small devices such as smart cards?
Question525: To verify that the correct version of a data file was used for a production run, an IS auditor should review:
Question526: What is the BEST approach to mitigate the risk of a phishing attack?
Question527: During maintenance of a relational database, several values of the foreign key in a transaction table of a relational database have been corrupted. The consequence is that:
Question528: In a relational database with referential integrity, the use of which of the following keys would prevent deletion of a row from a customer table as long as the customer number of that row is stored with live orders on the orders table?
Question529: Which of the following protocols would be involved in the implementation of a router and an interconnectivity device monitoring system?
Question530: What determines the strength of a secret key within a symmetric key cryptosystem?
Question531: Which of the following statement correctly describes the differences between tunnel mode and transport mode of the IPSec protocol?
Question532: An advantage of a continuous audit approach is that it can improve system security when used in time- sharing environments that process a large number of transactions. True or false?
Question533: The GREATEST risk when end users have access to a database at its system level, instead of through the application, is that the users can:
Question534: The BEST way to minimize the risk of communication failures in an e-commerce environment would be to use:
Question535: The directory system of a database-management system describes:
Question536: Which of the following is the PRIMARY advantage of using computer forensic software for investigations?
Question537: After observing suspicious activities in a server, a manager requests a forensic analysis.
Which of the following findings should be of MOST concern to the investigator?
Question538: Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?
Question539: The PRIMARY objective of service-level management (SLM) is to:
Question540: Which of the following is the protocol data unit (PDU) of application layer in TCP/IP model?
Question541: When should an application-level edit check to verify that availability of funds was completed at the electronic funds transfer (EFT) interface?
Question542: Which of the following is the PRIMARY purpose for conducting parallel testing?
Question543: Which of the following controls would provide the GREATEST assurance of database integrity?
Question544: When implementing an application software package, which of the following presents the GREATEST risk?
Question545: A firewall is being deployed at a new location. Which of the following is the MOST important factor in ensuring a successful deployment?
Question546: Within IPSEC which of the following defines security parameters which should be applied between communicating parties such as encryption algorithms, key initialization vector, life span of keys, etc?
Question547: Which of the following is the protocol data unit (PDU) of application layer in TCP/IP model?
Question548: An IS auditor finds out-of-range data in some tables of a database. Which of the following controls should the IS auditor recommend to avoid this situation?
Question549: Which of the following exposures associated with the spooling of sensitive reports for offline printing should an IS auditor consider to be the MOST serious?
Question550: A company has decided to implement an electronic signature scheme based on public key infrastructure.
The user's private key will be stored on the computer's hard drive and protected by a password. The MOST significant risk of this approach is:
Question551: When selecting audit procedures, an IS auditor should use professional judgment to ensure that:
Question552: An integrated test facility is considered a useful audit tool because it:
Question553: Which of the following is a type of computer network used for data transmission among devices such as computers, telephones and personal digital assistants?
Question554: A company has recently upgraded its purchase system to incorporate EDI transmissions. Which of the following controls should be implemented in the EDI interface to provide for efficient data mapping?
Question555: If senior management is not committed to strategic planning, how likely is it that a company's implementation of IT will be successful?
Question556: Who is ultimately responsible for providing requirement specifications to the software- development team?
Question557: When performing a database review, an IS auditor notices that some tables in the database are not normalized. The IS auditor should next:
Question558: Which of the following exposures associated with the spooling of sensitive reports for offline printing should an IS auditor consider to be the MOST serious?
Question559: Which of the following statement correctly describes difference between SSL and S/HTTP?
Question560: Ensuring that security and control policies support business and IT objectives is a primary objective of:
Question561: To prevent unauthorized entry to the data maintained in a dial-up, fast response system, an IS auditor should recommend:
Question562: What is a primary high-level goal for an auditor who is reviewing a system development project?
Question563: Which of the following method should be recommended by security professional to erase the data on the magnetic media that would be reused by another employee?
Question564: Which of the following term in business continuity defines the total amount of time that a business process can be disrupted without causing any unacceptable consequences?
Question565: Which of the following network configuration options contains a direct link between any two host machines?
Question566: Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks?
Question567: Which of the following is the MOST likely reason why e-mail systems have become a useful source of evidence for litigation?
Question568: IS management recently replaced its existing wired local area network (LAN) with a wireless infrastructure to accommodate the increased use of mobile devices within the organization. This will increase the risk of which of the following attacks?
Question569: What influences decisions regarding criticality of assets?
Question570: Which of the following sampling methods is MOST useful when testing for compliance?
Question571: An auditor needs to be aware of technical controls which are used to protect computer from malware.
Which of the following technical control interrupts DoS and ROM BIOS call and look for malware like action?
Question572: Which of the following is MOST critical when creating data for testing the logic in a new or modified application system?
Question573: Which of the following should an IS auditor review to determine user permissions that have been granted for a particular resource?
Question574: An organization is using symmetric encryption. Which of the following would be a valid reason for moving to asymmetric encryption? Symmetric encryption:
Question575: In a client-server system, which of the following control techniques is used to inspect activity from known or unknown users?
Question576: Which of the following attack is against computer network and involves fragmented or invalid ICMP packets sent to the target?
Question577: What is a callback system?
Question578: An advantage in using a bottom-up vs. a top-down approach to software testing is that:
Question579: The use of statistical sampling procedures helps minimize:
Question580: Which of the following would BEST maintain the integrity of a firewall log?
Question581: A benefit of quality of service (QoS) is that the:
Question582: Which of the following attack occurs when a malicious action is performed by invoking the operating system to execute a particular system call?
Question583: Which of the following systems or tools can recognize that a credit card transaction is more likely to have resulted from a stolen credit card than from the holder of the credit card?
Question584: The IS auditor learns that when equipment was brought into the data center by a vendor, the emergency power shutoff switch was accidentally pressed and the UPS was engaged. Which of the following audit recommendations should the IS auditor suggest?
Question585: An IS auditor finds that client requests were processed multiple times when received from different independent departmental databases, which are synchronized weekly. What would be the BEST recommendation?
Question586: Whenever an application is modified, what should be tested to determine the full impact of the change?
Question587: When should plans for testing for user acceptance be prepared?
Question588: What is the first step in a business process re-engineering project?
Question589: The network of an organization has been the victim of several intruders' attacks. Which of the following measures would allow for the early detection of such incidents?
Question590: The IS management of a multinational company is considering upgrading its existing virtual private network (VPN) to support voice-over IP (VoIP) communications via tunneling. Which of the following considerations should be PRIMARILY addressed?
Question591: Assuming this diagram represents an internal facility and the organization is implementing a firewall protection program, where should firewalls be installed?

Question592: Who should be responsible for network security operations?
Question593: An organization is implementing a new system to replace a legacy system. Which of the following conversion practices creates the GREATEST risk?
Question594: Identify the correct sequence which needs to be followed as a chain of event in regards to evidence handling in computer forensics?
Question595: ________________ (fill in the blank) should be implemented as early as data preparation to support data integrity at the earliest point possible.
Question596: Which of the following attack could be avoided by creating more security awareness in the organization and provide adequate security knowledge to all employees?
Question597: In RFID technology which of the following risk could represent a threat to non-RFID networked or collocated systems, assets, and people?
Question598: Proper segregation of duties prohibits a system analyst from performing quality-assurance functions. True or false?
Question599: What control detects transmission errors by appending calculated bits onto the end of each segment of data?
Question600: When using an integrated test facility (ITF), an IS auditor should ensure that:
Question601: Neural networks are effective in detecting fraud because they can:
Question602: In computer forensics, which of the following is the process that allows bit-for-bit copy of a data to avoid damage of original data or information when multiple analysis may be performed?
Question603: What often results in project scope creep when functional requirements are not defined as well as they could be?
Question604: Which of the following is an example of a passive attack initiated through the Internet?
Question605: While evaluating logical access control the IS auditor should follow all of the steps mentioned below EXCEPT one?
1. Obtain general understanding of security risk facing information processing, through a review of relevant documentation, inquiry and observation,etc
2. Document and evaluate controls over potential access paths into the system to assess their adequacy, efficiency and effectiveness
3. Test Control over access paths to determine whether they are functioning and effective by applying appropriate audit technique
4. Evaluate the access control environment to determine if the control objective are achieved by analyzing test result and other audit evidence
5. Evaluate the security environment to assess its adequacy by reviewing written policies, observing practices and procedures, and comparing them with appropriate security standard or practice and procedures used by other organization.
6. Evaluate and deploy technical controls to mitigate all identified risks during audit.
Question606: During the requirements definition phase of a software development project, the aspects of software testing that should be addressed are developing:
Question607: An IS auditor needs to consider many factors while evaluating an encryption system. Which of the following is LEAST important factor to be considered while evaluating an encryption system?
Question608: Which of the following data validation edits is effective in detecting transposition and transcription errors?
Question609: A hacker could obtain passwords without the use of computer tools or programs through the technique of:
Question610: In a public key infrastructure (PKI), the authority responsible for the identification and authentication of an applicant for a digital certificate (i.e., certificate subjects) is the:
Question611: Which of the following is used to evaluate biometric access controls?
Question612: Which of the following statement correctly describes the difference between IPSec and SSH protocols?
Question613: Organizations should use off-site storage facilities to maintain ______________ (fill in the blank) of current and critical information within backup files.
Question614: How does the SSL network protocol provide confidentiality?
Question615: A sequence of bits appended to a digital document that is used to secure an e-mail sent through the Internet is called a:
Question616: Identify the network topology from below diagram presented below:

Network Topology
Question617: What can be very helpful to an IS auditor when determining the efficacy of a systems maintenance program?
Question618: The database administrator (DBA) suggests that DB efficiency can be improved by denormalizing some tables. This would result in:
Question619: Which of the following BEST characterizes a mantrap or deadman door, which is used as a deterrent control for the vulnerability of piggybacking?
Question620: Obtaining user approval of program changes is very effective for controlling application changes and maintenance. True or false?
Question621: Accountability for the maintenance of appropriate security measures over information assets resides with the:
Question622: As an IS auditor it is very important to understand software release management process. Which of the following software release normally contains small enhancements and fixes?
Question623: Confidentiality of the data transmitted in a wireless LAN is BEST protected if the session is:
Question624: Which of the following is the INCORRECT "layer - protocol" mapping within the TCP/IP model?
Question625: An organization provides information to its supply chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture?
Question626: An IS auditor is reviewing access to an application to determine whether the 10 most recent "new user" forms were correctly authorized. This is an example of:
Question627: Which of the following is BEST characterized by unauthorized modification of data before or during systems data entry?
Question628: An IS auditor should be MOST concerned with what aspect of an authorized honeypot?
Question629: A call-back system requires that a user with an id and password call a remote server through a dial-up line, then the server disconnects and:
Question630: Passwords should be:
Question631: A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted?
Question632: An IS auditor is using a statistical sample to inventory the tape library. What type of test would this be considered?
Question633: An IS auditor finds that, at certain times of the day, the data warehouse query performance decreases significantly. Which of the following controls would it be relevant for the IS auditor to review?
Question634: Which of the following is of greatest concern when performing an IS audit?
Question635: An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker:
Question636: An integrated test facility is not considered a useful audit tool because it cannot compare processing output with independently calculated data. True or false?
Question637: Which of the following would prevent accountability for an action performed, thus allowing nonrepudiation?
Question638: What can be used to gather evidence of network attacks?
Question639: Which of the following ensures confidentiality of information sent over the internet?
Question640: Allowing application programmers to directly patch or change code in production programs increases risk of fraud. True or false?
Question641: Which of the following is a passive attack method used by intruders to determine potential network vulnerabilities?
Question642: What should regression testing use to obtain accurate conclusions regarding the effects of changes or corrections to a program, and ensuring that those changes and corrections have not introduced new errors?
Question643: For locations 3a, 1d and 3d, the diagram indicates hubs with lines that appear to be open and active.
Assuming that is true, what control, if any, should be recommended to mitigate this weakness?

Question644: Which of the following ensures a sender's authenticity and an e-mail's confidentiality?
Question645: What is a data validation edit control that matches input data to an occurrence rate? Choose the BEST answer.
Question646: A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
Question647: Which of the following PBX feature supports shared extensions among several devices, ensuring that only one device at a time can use an extension?
Question648: Which of the following device in Frame Relay WAN technique is generally customer owned device that provides a connectivity between company's own network and the frame relays network?
Question649: Which of the following type of network service stores information about the various resources in a central database on a network and help network devices locate services?
Question650: Which of the following potentially blocks hacking attempts?
Question651: Which of the following statement correctly describes the difference between total flooding and local application extinguishing agent?
Question652: As compared to understanding an organization's IT process from evidence directly collected, how valuable are prior audit reports as evidence?
Question653: Which of the following is penetration test where the penetration tester is provided with limited or no knowledge of the target's information systems?
Question654: When two or more systems are integrated, input/output controls must be reviewed by an IS auditor in the:
Question655: Which of the following PBX feature allows a PBX to be configured so that incoming calls are distributed to the next available agent or placed on-hold until one become available?
Question656: Sending a message and a message hash encrypted by the sender's private key will ensure:
Question657: A control that detects transmission errors by appending calculated bits onto the end of each segment of data is known as a:
Question658: A company uses a bank to process its weekly payroll. Time sheets and payroll adjustment forms (e.g., hourly rate changes, terminations) are completed and delivered to the bank, which prepares checks (cheques) and reports for distribution. To BEST ensure payroll data accuracy:
Question659: Run-to-run totals can verify data through which stage(s) of application processing?
Question660: What type of fire-suppression system suppresses fire via water that is released from a main valve to be delivered via a system of dry pipes installed throughout the facilities?
Question661: A malicious code that changes itself with each file it infects is called a:
Question662: A LAN administrator normally would be restricted from:
Question663: What would an IS auditor expect to find in the console log?
Question664: A data administrator is responsible for:
Question665: In computer forensic which of the following describe the process that converts the information extracted into a format that can be understood by investigator?
Question666: Which of the following forms of evidence for the auditor would be considered the MOST reliable?
Question667: How often should a Business Continuity Plan be reviewed?
Question668: What is the MOST effective method of preventing unauthorized use of data files?
Question669: The PRIMARY reason for using digital signatures is to ensure data:
Question670: Which of the following can degrade network performance?
Question671: If a programmer has update access to a live system, IS auditors are more concerned with the programmer's ability to initiate or modify transactions and the ability to access production than with the programmer's ability to authorize transactions. True or false?
Question672: An organization having a number of offices across a wide geographical area has developed a disaster recovery plan (DRP). Using actual resources, which of the following is the MOST cost-effective test of the DRP?
Question673: An organization's IS audit charter should specify the:
Question674: What type of risk is associated with authorized program exits (trap doors)?
Question675: In transport mode, the use of the Encapsulating Security Payload (ESP) protocol is advantageous over the Authentication Header (AH) protocol because it provides:
Question676: What method might an IS auditor utilize to test wireless security at branch office locations?
Question677: In planning an audit, the MOST critical step is the identification of the:
Question678: Which of the following functionality is NOT supported by SSL protocol?
Question679: Which of the following is a program evaluation review technique that considers different scenarios for planning and control projects?
Question680: When reviewing an implementation of a VoIP system over a corporate WAN, an IS auditor should expect to find:
Question681: A database administrator has detected a performance problem with some tables which could be solved through denormalization. This situation will increase the risk of:
Question682: What are used as a countermeasure for potential database corruption when two processes attempt to simultaneously edit or update the same information?
Question683: Using the OSI reference model, what layer(s) is/are used to encrypt data?
Question684: Which of the following best characterizes "worms"?
Question685: An off-site processing facility should be easily identifiable externally because easy identification helps ensure smoother recovery. True or false?
Question686: What topology provides the greatest redundancy of routes and the greatest network fault tolerance?
Question687: The purpose of business continuity planning and disaster-recovery planning is to:
Question688: Who is responsible for providing adequate physical and logical security for IS program, data and equipment?
Question689: Which of the following statement INCORRECTLY describes anti-malware?
Question690: When auditing third-party service providers, an IS auditor should be concerned with which of the following?
Question691: The GREATEST advantage of using web services for the exchange of information between two systems is:
Question692: After installing a network, an organization installed a vulnerability assessment tool or security scanner to identify possible weaknesses. Which is the MOST serious risk associated with such tools?
Question693: Most access violations are:
Question694: The traditional role of an IS auditor in a control self-assessment (CSA) should be that of a(n):
Question695: Which of the following would provide the highest degree of server access control?
Question696: Who is responsible for the overall direction, costs, and timetables for systems-development projects?
Question697: From a risk management point of view, the BEST approach when implementing a large and complex IT infrastructure is:
Question698: Which of the following would be the BEST access control procedure?
Question699: The PRIMARY objective of performing a postincident review is that it presents an opportunity to:
Question700: An advantage of using sanitized live transactions in test data is that:
Question701: Functionality is a characteristic associated with evaluating the quality of software products throughout their life cycle, and is BEST described as the set of attributes that bear on the:
Question702: Which of the following is the protocol data unit (PDU) of application layer in TCP/IP model?
Question703: An IS auditor observes a weakness in the tape management system at a data center in that some parameters are set to bypass or ignore tape header records. Which of the following is the MOST effective compensating control for this weakness?
Question704: Proper segregation of duties normally does not prohibit a LAN administrator from also having programming responsibilities. True or false?
Question705: Business units are concerned about the performance of a newly implemented system. Which of the following should an IS auditor recommend?
Question706: Which of the following protocol is PRIMARILY used to provide confidentiality in a web based application thus protecting data sent across a client machine and a server?
Question707: Which of the following statement INCORRECTLY describes packet switching technique?
Question708: Which of the following is a form of Hybrid Cryptography where the sender encrypts the bulk of the data using Symmetric Key cryptography and then communicates securely a copy of the session key to the receiver?
Question709: A clerk changed the interest rate for a loan on a master file. The rate entered is outside the normal range for such a loan. Which of the following controls is MOST effective in providing reasonable assurance that the change was authorized?
Question710: Establishing data ownership is an important first step for which of the following processes?
Question711: When participating in a systems-development project, an IS auditor should focus on system controls rather than ensuring that adequate and complete documentation exists for all projects. True or false?
Question712: Structured programming is BEST described as a technique that:
Question713: If an IS auditor observes that an IS department fails to use formal documented methodologies, policies, and standards, what should the auditor do?
Question714: Which of the following is NOT a disadvantage of Single Sign On (SSO)?
Question715: Which of the following protocol is used for electronic mail service?
Question716: Who is primarily responsible for storing and safeguarding the data?
Question717: When reviewing an organization's logical access security, which of the following should be of MOST concern to an IS auditor?
Question718: Which of the following would be considered an essential feature of a network management system?
Question719: Normally, it would be essential to involve which of the following stakeholders in the initiation stage of a project?
Question720: What can be implemented to provide the highest level of protection from external attack?
Question721: Which of the following protocol uses serial interface for communication between two computers in WAN technology?
Question722: Which of the following is an implementation risk within the process of decision support systems?
Question723: Which of the following can help detect transmission errors by appending specially calculated bits onto the end of each segment of data?
Question724: What are used as the framework for developing logical access controls?
Question725: The PRIMARY objective of a logical access control review is to:
Question726: The extent to which data will be collected during an IS audit should be determined based on the:
Question727: Which of the following type of lock uses a magnetic or embedded chip based plastic card key or token entered into a sensor/reader to gain access?
Question728: A transaction journal provides the information necessary for detecting unauthorized ___________ (fill in the blank) from a terminal.
Question729: When should reviewing an audit client's business plan be performed relative to reviewing an organization's IT strategic plan?
Question730: An IS auditor who has discovered unauthorized transactions during a review of EDI transactions is likely to recommend improving the:
Question731: In a public key infrastructure, a registration authority:
Question732: In auditing a web server, an IS auditor should be concerned about the risk of individuals gaining unauthorized access to confidential information through:
Question733: When performing an audit of a client relationship management (CRM) system migration project, which of the following should be of GREATEST concern to an IS auditor?
Question734: Which of the following provides the BEST single-factor authentication?
Question735: Which of the following provides the framework for designing and developing logical access controls?
Question736: Which of the following is the INCORRECT "layer - protocol data unit (PDU)" mapping within the TCP/IP model?
Question737: Which of the following attack involves sending forged ICMP Echo Request packets to the broadcast address on multiple gateways in order to illicit responses from the computers behind the gateway where they all respond back with ICMP Echo Reply packets to the source IP address of the ICMP Echo Request packets?
Question738: A company undertakes a business process reengineering (BPR) project in support of a new and direct marketing approach to its customers. Which of the following would be an IS auditor's main concern about the new process?
Question739: When should application controls be considered within the system-development process?
Question740: To protect a VoIP infrastructure against a denial-of-service (DoS) attack, it is MOST important to secure the:
Question741: When developing a risk-based audit strategy, an IS auditor conduct a risk assessment to ensure that:
Question742: When reviewing procedures for emergency changes to programs, the IS auditor should verify that the procedures:
Question743: Which of the following is a good control for protecting confidential data residing on a PC?
Question744: Active radio frequency ID (RFID) tags are subject to which of the following exposures?
Question745: Of the three major types of off-site processing facilities, what type is often an acceptable solution for preparing for recovery of noncritical systems and data?
Question746: What is often the most difficult part of initial efforts in application development?
Question747: The computer security incident response team (CSIRT) of an organization disseminates detailed descriptions of recent threats. An IS auditor's GREATEST concern should be that the users might:
Question748: What benefit does using capacity-monitoring software to monitor usage patterns and trends provide to management?
Question749: An IS auditor should carefully review the functional requirements in a system-development project to ensure that the project is designed to:
Question750: Although BCP and DRP are often implemented and tested by middle management and end users, the ultimate responsibility and accountability for the plans remain with executive management, such as the
_______________________. (fill-in-the-blank)
Question751: How is risk affected if users have direct access to a database at the system level?
Question752: Which of the following would be an indicator of the effectiveness of a computer security incident response team?
Question753: Mitigating the risk and impact of a disaster or business interruption usually takes priority over transference of risk to a third party such as an insurer. True or false?
Question754: Which of the following would MOST effectively reduce social engineering incidents?
Question755: Which of the following term related to network performance refers to the number of corrupted bits expressed as a percentage or fraction of the total sent?
Question756: Which of the following is MOST is critical during the business impact assessment phase of business continuity planning?
Question757: Which of the following are effective in detecting fraud because they have the capability to consider a large number of variables when trying to resolve a problem?
Question758: An IS auditor usually places more reliance on evidence directly collected. What is an example of such evidence?
Question759: An information security policy stating that 'the display of passwords must be masked or suppressed' addresses which of the following attack methods?
Question760: What increases encryption overhead and cost the most?
Question761: Which of the following will prevent dangling tuples in a database?
Question762: Which of the following encryption techniques will BEST protect a wireless network from a man-in-the- middle attack?
Question763: Which of the following biometrics methods provides the HIGHEST accuracy and is LEAST accepted by users?
Question764: Ideally, stress testing should be carried out in a:
Question765: The reliability of an application system's audit trail may be questionable if:
Question766: An IS auditor reviewing an accounts payable system discovers that audit logs are not being reviewed.
When this issue is raised with management the response is that additional controls are not necessary because effective system access controls are in place. The BEST response the auditor can make is to:
Question767: In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as:
Question768: A web server is attacked and compromised. Which of the following should be performed FIRST to handle the incident?
Question769: Which of the following should be of PRIMARY concern to an IS auditor reviewing the management of external IT service providers?
Question770: Which of the following is a passive attack to a network?