Question 1

HTML

Accepted Answer

A)  is the document format used to produce Web pages. 
B)  controls Web browsers that access the Web. 
C)  is used to connect to Usenet groups on the Internet. 
D)  is used to transfer text files, programs, spreadsheets, and databases across the Internet. 
E)  is a low-level encryption scheme used to secure transmissions in higher-level () format. 
A)  is the document format used to produce Web pages. 
B)  controls Web browsers that access the Web. 
C)  is used to connect to Usenet groups on the Internet. 
D)  is used to transfer text files, programs, spreadsheets, and databases across the Internet. 
E)  is a low-level encryption scheme used to secure transmissions in higher-level () format.

Question 2

List three methods of controlling unauthorized access to telecommunication messages.

Accepted Answer

call-back devices, data encryp

Question 3

Discuss three techniques for breaching operating system controls.

Accepted Answer

Browsing involves searching through area

Question 4

Packet switching

Accepted Answer

A)  combines the messages of multiple users into one packet for transmission. At the receiving end, the packet is disassembled into the individual messages and distributed to the intended users. 
B)  is a method for partitioning a database into packets for easy access where no identifiable primary user exists in the organization. 
C)  is used to establish temporary connections between network devices for the duration of a communication session. 
D)  is a denial of service technique that disassembles various incoming messages to targeted users into small packages and then reassembles them in random order to create a useless garbled message. 
A)  combines the messages of multiple users into one packet for transmission. At the receiving end, the packet is disassembled into the individual messages and distributed to the intended users. 
B)  is a method for partitioning a database into packets for easy access where no identifiable primary user exists in the organization. 
C)  is used to establish temporary connections between network devices for the duration of a communication session. 
D)  is a denial of service technique that disassembles various incoming messages to targeted users into small packages and then reassembles them in random order to create a useless garbled message.

Question 5

Electronic data interchange translation software interfaces with the sending firm and the value added network.

Accepted Answer

A) True 
 B)False

Question 6

A star topology is appropriate

Accepted Answer

A)  for a wide area network with a mainframe for a central computer 
B)  for centralized databases only 
C)  for environments where network nodes routinely communicate with each other 
D)  when the central database does not have to be concurrent with the nodes 
A)  for a wide area network with a mainframe for a central computer 
B)  for centralized databases only 
C)  for environments where network nodes routinely communicate with each other 
D)  when the central database does not have to be concurrent with the nodes

Question 7

Discuss the private key encryption technique and its shortcomings.

Accepted Answer

To encode a message, the sender provides

Question 8

Electronic data interchange customers may be given access to the vendor's data files.

Accepted Answer

A) True 
 B)False

Question 9

Which method is most likely to detect unauthorized access to the system?

Accepted Answer

A)  message transaction log 
B)  data encryption standard 
C)  vertical parity check 
D)  request-response technique 
A)  message transaction log 
B)  data encryption standard 
C)  vertical parity check 
D)  request-response technique

Question 10

To preserve audit trails in a computerized environment, transaction logs are permanent records of transactions.

Accepted Answer

A) True 
 B)False

Question 11

Which control will not reduce the likelihood of data loss due to a line error?

Accepted Answer

A)  echo check 
B)  encryption 
C)  vertical parity bit 
D)  horizontal parity bit 
A)  echo check 
B)  encryption 
C)  vertical parity bit 
D)  horizontal parity bit

Question 12

A value added network can detect and reject transactions by unauthorized trading partners.

Accepted Answer

A) True 
 B)False

Question 13

Audit objectives for communications controls include all of the following except

Accepted Answer

A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above 
A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above

Question 14

The network paradox is that networks exist to provide user access to shared resources while one of its most important objectives is to control access.

Accepted Answer

A) True 
 B)False

Question 15

In a computerized environment, the audit trail log must be printed onto paper documents.

Accepted Answer

A) True 
 B)False

Question 16

Explain a distributed denial of service attack.

Accepted Answer

A distributed denial of service (DDoS) a

Question 17

Network protocols fulfill all of the following objectives except

Accepted Answer

A)  facilitate physical connection between network devices 
B)  provide a basis for error checking and measuring network performance 
C)  promote compatibility among network devices 
D)  result in inflexible standards 
A)  facilitate physical connection between network devices 
B)  provide a basis for error checking and measuring network performance 
C)  promote compatibility among network devices 
D)  result in inflexible standards

Question 18

The more individuals that need to exchange encrypted data, the greater the chance that the key will become known to an intruder. To overcome this problem, private key encryption was devised.

Accepted Answer

A) True 
 B)False

Question 19

Contrast a LAN and a WAN. Typically, who owns and maintains a WAN?

Accepted Answer

A LAN is a local area network covering a

Question 20

What are the three security objectives of audit trails? Explain.

Accepted Answer

Audit trails support system security obj

HTML

List three methods of controlling unauthorized access to telecommunication messages.

Discuss three techniques for breaching operating system controls.

Packet switching

Electronic data interchange translation software interfaces with the sending firm and the value added network.

A star topology is appropriate

Discuss the private key encryption technique and its shortcomings.

Electronic data interchange customers may be given access to the vendor's data files.

Which method is most likely to detect unauthorized access to the system?

To preserve audit trails in a computerized environment, transaction logs are permanent records of transactions.

Which control will not reduce the likelihood of data loss due to a line error?

A value added network can detect and reject transactions by unauthorized trading partners.

Audit objectives for communications controls include all of the following except

The network paradox is that networks exist to provide user access to shared resources while one of its most important objectives is to control access.

In a computerized environment, the audit trail log must be printed onto paper documents.

Explain a distributed denial of service attack.

Network protocols fulfill all of the following objectives except

The more individuals that need to exchange encrypted data, the greater the chance that the key will become known to an intruder. To overcome this problem, private key encryption was devised.

Contrast a LAN and a WAN. Typically, who owns and maintains a WAN?

What are the three security objectives of audit trails? Explain.

Auditing and Internal Control

Auditing IT Governance Controls

Auditing Database Systems

Systems Development and Program Change Activities

Transaction Processing and Financial Reporting Systems Overview

Computer Assisted Audit Tools and Techniques

Data Structures and Caatts for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Enterprise Resource Planning Systems

Business Ethics, Fraud, and Fraud Detection

Filters

Exam 3: Auditing Operating Systems and Networks

HTML

List three methods of controlling unauthorized access to telecommunication messages.

Discuss three techniques for breaching operating system controls.

Packet switching

Electronic data interchange translation software interfaces with the sending firm and the value added network.

A star topology is appropriate

Discuss the private key encryption technique and its shortcomings.

Electronic data interchange customers may be given access to the vendor's data files.

Which method is most likely to detect unauthorized access to the system?

To preserve audit trails in a computerized environment, transaction logs are permanent records of transactions.

Which control will not reduce the likelihood of data loss due to a line error?

A value added network can detect and reject transactions by unauthorized trading partners.

Audit objectives for communications controls include all of the following except

The network paradox is that networks exist to provide user access to shared resources while one of its most important objectives is to control access.

In a computerized environment, the audit trail log must be printed onto paper documents.

Explain a distributed denial of service attack.

Network protocols fulfill all of the following objectives except

The more individuals that need to exchange encrypted data, the greater the chance that the key will become known to an intruder. To overcome this problem, private key encryption was devised.

Contrast a LAN and a WAN. Typically, who owns and maintains a WAN?

What are the three security objectives of audit trails? Explain.

Auditing and Internal Control

Auditing IT Governance Controls

Auditing Database Systems

Systems Development and Program Change Activities

Transaction Processing and Financial Reporting Systems Overview

Computer Assisted Audit Tools and Techniques

Data Structures and Caatts for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Enterprise Resource Planning Systems

Business Ethics, Fraud, and Fraud Detection

Filters