Question 1

What is an operating system? What does it do? What are operating system control objectives?

Accepted Answer

An operating system is a computer's control program.It controls user sharing of applications and resources such as processors,memory,databases,and peripherals such as printers.Common PC operating systems include Windows 2000,Windows NT,and Linux.
An operating system carries out three primary functions: translating high level languages into machine language using modules called compilers and interpreters;allocating computer resources to users,workgroups,and applications;and managing job scheduling and multiprogramming.Operating systems have five basic control objectives:
1.to protect itself from users,
2.to protect users from each other,
3.to protect users from themselves,
4.to protect it from itself,and
5.to protect itself from its environment.

Question 2

Which of the following is not an access control in a database system?

Accepted Answer

A)  antivirus software 
B)  database authorization table 
C)  passwords 
D)  voice prints 
A)  antivirus software 
B)  database authorization table 
C)  passwords 
D)  voice prints A

Question 3

A value added network can detect and reject transactions by unauthorized trading partners.

Accepted Answer

A) True 
 B)False  True

Question 4

In an electronic data interchange (EDI)environment,when the auditor compares the terms of the trading partner agreement against the access privileges stated in the database authority table,the auditor is testing which audit objective?

Accepted Answer

A)  all EDI transactions are authorized 
B)  unauthorized trading partners cannot gain access to database records 
C)  authorized trading partners have access only to approved data 
D)  a complete audit trail is maintained 
A)  all EDI transactions are authorized 
B)  unauthorized trading partners cannot gain access to database records 
C)  authorized trading partners have access only to approved data 
D)  a complete audit trail is maintained

Question 5

Operating system controls are of interest to system professionals but should not concern accountants and auditors.

Accepted Answer

A) True 
 B)False

Question 6

The audit trail for electronic data interchange transactions is stored on magnetic media.

Accepted Answer

A) True 
 B)False

Question 7

List three methods of controlling unauthorized access to telecommunication messages.

Accepted Answer

call-back devices,data encrypt

Question 8

In an electronic data interchange environment,customers routinely

Accepted Answer

A)  access the vendor's accounts receivable file with read/write authority 
B)  access the vendor's price list file with read/write authority 
C)  access the vendor's inventory file with read-only authority 
D)  access the vendor's open purchase order file with read-only authority 
A)  access the vendor's accounts receivable file with read/write authority 
B)  access the vendor's price list file with read/write authority 
C)  access the vendor's inventory file with read-only authority 
D)  access the vendor's open purchase order file with read-only authority

Question 9

Viruses rarely attach themselves to executable files.

Accepted Answer

A) True 
 B)False

Question 10

All of the following will reduce the exposure to computer viruses except

Accepted Answer

A)  install antivirus software 
B)  install factory-sealed application software 
C)  assign and control user passwords 
D)  install public-domain software from reputable bulletin boards 
A)  install antivirus software 
B)  install factory-sealed application software 
C)  assign and control user passwords 
D)  install public-domain software from reputable bulletin boards

Question 11

All of the following are objectives of operating system control except

Accepted Answer

A)  protecting the OS from users 
B)  protesting users from each other 
C)  protecting users from themselves 
D)  protecting the environment from users 
A)  protecting the OS from users 
B)  protesting users from each other 
C)  protecting users from themselves 
D)  protecting the environment from users

Question 12

Which backup technique is most appropriate for sequential batch systems?

Accepted Answer

A)  grandparent-parent-child approach 
B)  staggered backup approach 
C)  direct backup 
D)  remote site, intermittent backup 
A)  grandparent-parent-child approach 
B)  staggered backup approach 
C)  direct backup 
D)  remote site, intermittent backup

Question 13

What is a user-defined procedure?

Accepted Answer

A user-defined procedure allows the user

Question 14

Which method will render useless data captured by unauthorized receivers?

Accepted Answer

A)  echo check 
B)  parity bit 
C)  public key encryption 
D)  message sequencing 
A)  echo check 
B)  parity bit 
C)  public key encryption 
D)  message sequencing

Question 15

Passwords are secret codes that users enter to gain access to systems.Security can be compromised by all of the following except

Accepted Answer

A)  failure to change passwords on a regular basis 
B)  using obscure passwords unknown to others 
C)  recording passwords in obvious places 
D)  selecting passwords that can be easily detected by computer criminals 
A)  failure to change passwords on a regular basis 
B)  using obscure passwords unknown to others 
C)  recording passwords in obvious places 
D)  selecting passwords that can be easily detected by computer criminals

Question 16

Audit objectives in the electronic data interchange (EDI)environment include all of the following except

Accepted Answer

A)  all EDI transactions are authorized 
B)  unauthorized trading partners cannot gain access to database records 
C)  a complete audit trail of EDI transactions is maintained 
D)  backup procedures are in place and functioning properly 
A)  all EDI transactions are authorized 
B)  unauthorized trading partners cannot gain access to database records 
C)  a complete audit trail of EDI transactions is maintained 
D)  backup procedures are in place and functioning properly

Question 17

Electronic data interchange customers may be given access to the vendor's data files.

Accepted Answer

A) True 
 B)False

Question 18

Operating system integrity is not of concern to accountants because only hardware risks are involved.

Accepted Answer

A) True 
 B)False

Question 19

What are biometric devices?

Accepted Answer

Biometric devices measure various person

Question 20

All of the following tests of controls will provide evidence that access to the data files is limited except

Accepted Answer

A)  inspecting biometric controls 
B)  reconciling program version numbers 
C)  comparing job descriptions with access privileges stored in the authority table 
D)  attempting to retrieve unauthorized data via inference queries 
A)  inspecting biometric controls 
B)  reconciling program version numbers 
C)  comparing job descriptions with access privileges stored in the authority table 
D)  attempting to retrieve unauthorized data via inference queries

What is an operating system? What does it do? What are operating system control objectives?

Which of the following is not an access control in a database system?

A value added network can detect and reject transactions by unauthorized trading partners.

In an electronic data interchange (EDI)environment,when the auditor compares the terms of the trading partner agreement against the access privileges stated in the database authority table,the auditor is testing which audit objective?

Operating system controls are of interest to system professionals but should not concern accountants and auditors.

The audit trail for electronic data interchange transactions is stored on magnetic media.

List three methods of controlling unauthorized access to telecommunication messages.

In an electronic data interchange environment,customers routinely

Viruses rarely attach themselves to executable files.

All of the following will reduce the exposure to computer viruses except

All of the following are objectives of operating system control except

Which backup technique is most appropriate for sequential batch systems?

What is a user-defined procedure?

Which method will render useless data captured by unauthorized receivers?

Passwords are secret codes that users enter to gain access to systems.Security can be compromised by all of the following except

Audit objectives in the electronic data interchange (EDI)environment include all of the following except

Electronic data interchange customers may be given access to the vendor's data files.

Operating system integrity is not of concern to accountants because only hardware risks are involved.

What are biometric devices?

All of the following tests of controls will provide evidence that access to the data files is limited except

The Information System: An Accountant’s Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger, Financial Reporting, and Management Reporting Systems

Database Management Systems

The REA Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls : Sarbanes-Oxley and IT Governance

IT Controls : Systems Development Program Changes and Application Controls

Filters

Exam 16: IT Controls : Security and Access

What is an operating system? What does it do? What are operating system control objectives?

Which of the following is not an access control in a database system?

A value added network can detect and reject transactions by unauthorized trading partners.

In an electronic data interchange (EDI)environment,when the auditor compares the terms of the trading partner agreement against the access privileges stated in the database authority table,the auditor is testing which audit objective?

Operating system controls are of interest to system professionals but should not concern accountants and auditors.

The audit trail for electronic data interchange transactions is stored on magnetic media.

List three methods of controlling unauthorized access to telecommunication messages.

In an electronic data interchange environment,customers routinely

Viruses rarely attach themselves to executable files.

All of the following will reduce the exposure to computer viruses except

All of the following are objectives of operating system control except

Which backup technique is most appropriate for sequential batch systems?

What is a user-defined procedure?

Which method will render useless data captured by unauthorized receivers?

Passwords are secret codes that users enter to gain access to systems.Security can be compromised by all of the following except

Audit objectives in the electronic data interchange (EDI)environment include all of the following except

Electronic data interchange customers may be given access to the vendor's data files.

Operating system integrity is not of concern to accountants because only hardware risks are involved.

What are biometric devices?

All of the following tests of controls will provide evidence that access to the data files is limited except

The Information System: An Accountant’s Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger, Financial Reporting, and Management Reporting Systems

Database Management Systems

The REA Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls : Sarbanes-Oxley and IT Governance

IT Controls : Systems Development Program Changes and Application Controls

Filters