Question 1

A recovery module suspends all data processing while the system reconciles its journal files against the database.

Accepted Answer

A) True 
 B)False

Question 2

In determining whether a system is adequately protected from attacks by computer viruses,all of the following policies are relevant except

Accepted Answer

A)  the policy on the purchase of software only from reputable vendors 
B)  the policy that all software upgrades are checked for viruses before they are implemented 
C)  the policy that current versions of antivirus software should be available to all users 
D)  the policy that permits users to take files home to work on them 
A)  the policy on the purchase of software only from reputable vendors 
B)  the policy that all software upgrades are checked for viruses before they are implemented 
C)  the policy that current versions of antivirus software should be available to all users 
D)  the policy that permits users to take files home to work on them

Question 3

Discuss three techniques for breaching operating system controls.

Accepted Answer

Browsing involves searching through area

Question 4

Which of the following deal with transaction legitimacy?

Accepted Answer

A)  transaction authorization and validation 
B)  access controls 
C)  EDI audit trail 
D)  all of the above 
A)  transaction authorization and validation 
B)  access controls 
C)  EDI audit trail 
D)  all of the above

Question 5

In an electronic data interchange environment,customers routinely access

Accepted Answer

A)  the vendor's price list file 
B)  the vendor's accounts payable file 
C)  the vendor's open purchase order file 
D)  none of the above 
A)  the vendor's price list file 
B)  the vendor's accounts payable file 
C)  the vendor's open purchase order file 
D)  none of the above

Question 6

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Accepted Answer

compare job descriptions with authority

Question 7

Disguising message packets to look as if they came from another user and to gain access to the host's network is called spooling.

Accepted Answer

A) True 
 B)False

Question 8

Audit objectives for communications controls include all of the following except

Accepted Answer

A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above 
A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above

Question 9

Transmitting numerous SYN packets to a targeted receiver,but NOT responding to an ACK,is

Accepted Answer

A)  a smurf attack. 
B)  IP Spoofing. 
C)  an ACK echo attack 
D)  a ping attack. 
E)  none of the above 
A)  a smurf attack. 
B)  IP Spoofing. 
C)  an ACK echo attack 
D)  a ping attack. 
E)  none of the above

Question 10

Describe two ways that passwords are used to authorize and validate messages in the electronic data interchange environment.

Accepted Answer

value-added networks use passwords to de

Question 11

What are the three security objectives of audit trails? Explain.

Accepted Answer

Audit trails support system security obj

Question 12

Which of the following is not a basic database backup and recovery feature?

Accepted Answer

A)  checkpoint 
B)  backup database 
C)  transaction log 
D)  database authority table 
A)  checkpoint 
B)  backup database 
C)  transaction log 
D)  database authority table

Question 13

Audit trails in computerized systems are comprised of two types of audit logs: detailed logs of individual keystrokes and event-oriented logs.

Accepted Answer

A) True 
 B)False

Question 14

In an electronic data interchange environment,the audit trail

Accepted Answer

A)  is a printout of all incoming and outgoing transactions 
B)  is an electronic log of all transactions received, translated, and processed by the system 
C)  is a computer resource authority table 
D)  consists of pointers and indexes within the database 
A)  is a printout of all incoming and outgoing transactions 
B)  is an electronic log of all transactions received, translated, and processed by the system 
C)  is a computer resource authority table 
D)  consists of pointers and indexes within the database

Question 15

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

Accepted Answer

When the user logs on,he or she is prese

Question 16

What is a virus?

Accepted Answer

A virus is a program that atta

A recovery module suspends all data processing while the system reconciles its journal files against the database.

In determining whether a system is adequately protected from attacks by computer viruses,all of the following policies are relevant except

Discuss three techniques for breaching operating system controls.

Which of the following deal with transaction legitimacy?

In an electronic data interchange environment,customers routinely access

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Disguising message packets to look as if they came from another user and to gain access to the host's network is called spooling.

Audit objectives for communications controls include all of the following except

Transmitting numerous SYN packets to a targeted receiver,but NOT responding to an ACK,is

Describe two ways that passwords are used to authorize and validate messages in the electronic data interchange environment.

What are the three security objectives of audit trails? Explain.

Which of the following is not a basic database backup and recovery feature?

Audit trails in computerized systems are comprised of two types of audit logs: detailed logs of individual keystrokes and event-oriented logs.

In an electronic data interchange environment,the audit trail

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

What is a virus?

The Information System: An Accountant’s Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger, Financial Reporting, and Management Reporting Systems

Database Management Systems

The REA Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls : Sarbanes-Oxley and IT Governance

IT Controls : Systems Development Program Changes and Application Controls

Filters

Exam 16: IT Controls : Security and Access

A recovery module suspends all data processing while the system reconciles its journal files against the database.

In determining whether a system is adequately protected from attacks by computer viruses,all of the following policies are relevant except

Discuss three techniques for breaching operating system controls.

Which of the following deal with transaction legitimacy?

In an electronic data interchange environment,customers routinely access

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Disguising message packets to look as if they came from another user and to gain access to the host's network is called spooling.

Audit objectives for communications controls include all of the following except

Transmitting numerous SYN packets to a targeted receiver,but NOT responding to an ACK,is

Describe two ways that passwords are used to authorize and validate messages in the electronic data interchange environment.

What are the three security objectives of audit trails? Explain.

Which of the following is not a basic database backup and recovery feature?

Audit trails in computerized systems are comprised of two types of audit logs: detailed logs of individual keystrokes and event-oriented logs.

In an electronic data interchange environment,the audit trail

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

What is a virus?

The Information System: An Accountant’s Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger, Financial Reporting, and Management Reporting Systems

Database Management Systems

The REA Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls : Sarbanes-Oxley and IT Governance

IT Controls : Systems Development Program Changes and Application Controls

Filters