Question 1

What permissions are granted to a Creator role?

Accepted Answer

Someone assigned the role of creator has permission to make changes to the system, create files, download and upload files, and edit files.

Question 2

Which of the following statements about COBIT 2019 is TRUE?

Accepted Answer

A)  COBIT is an open-source model that has an online platform for feedback. 
B)  COBIT is a part of the COSO Internal Controls 
C)  COBIT focuses on addressing risk from a strategic perspective. 
D)  COBIT has a control scope that encompasses all internal controls. 
A)  COBIT is an open-source model that has an online platform for feedback. 
B)  COBIT is a part of the COSO Internal Controls 
C)  COBIT focuses on addressing risk from a strategic perspective. 
D)  COBIT has a control scope that encompasses all internal controls. D

Question 3

Which of the following COBIT 2019 management IT objectives includes topics that would help an organization define compliance with external requirements, performance monitoring, and a system of internal control?

Accepted Answer

A)  Align, Plan and Organize (APO) 
B)  Build, Acquire and Implement (BAI) 
C)  Deliver, Service and Support (DSS) 
D)  Monitor, Evaluate and Assess (ME
A)  
A)  Align, Plan and Organize (APO) 
B)  Build, Acquire and Implement (BAI) 
C)  Deliver, Service and Support (DSS) 
D)  Monitor, Evaluate and Assess (ME
A)  D

Question 4

In what ways do climate control systems protect computer system components in a network operations center (NOC)?

Accepted Answer

A)  Climate control systems keep NOCs cool. 
B)  Climate control systems remove humidity in the NOC to prevent moisture damage. 
C)  Climate control systems prevent NOC components from overheating. 
D)  All answer choices are correct. 
A)  Climate control systems keep NOCs cool. 
B)  Climate control systems remove humidity in the NOC to prevent moisture damage. 
C)  Climate control systems prevent NOC components from overheating. 
D)  All answer choices are correct.

Question 5

An emergency change request bypasses which stage of the change management process?

Accepted Answer

A)  Test 
B)  Sandbox 
C)  Model 
D)  Production 
A)  Test 
B)  Sandbox 
C)  Model 
D)  Production

Question 6

What kind of security method can help prevent against piggybacking?

Accepted Answer

A)  User name and password 
B)  Fingerprint scanner 
C)  Locked door 
D)  Man-in-the-middle trap 
A)  User name and password 
B)  Fingerprint scanner 
C)  Locked door 
D)  Man-in-the-middle trap

Question 7

COBIT 2019 controls are organized into five domains that are divided into what two categories based on their objectives?

Accepted Answer

A)  Internal and external 
B)  Organization and implementation 
C)  Governance and management 
D)  Management and assessment 
A)  Internal and external 
B)  Organization and implementation 
C)  Governance and management 
D)  Management and assessment

Question 8

Which of the following backup sites is the most expensive but has the fastest recovery speed?

Accepted Answer

A)  Hot backup site 
B)  Warm backup site 
C)  Cold backup site 
D)  Frozen backup site 
A)  Hot backup site 
B)  Warm backup site 
C)  Cold backup site 
D)  Frozen backup site

Question 9

The Cardinal Company is considering a backup site for their organization. Explain to Cardinal management the major differences between a hot and warm backup site.

Accepted Answer

A hot backup site is more expensive to s

Question 10

Which of the following statements about the COBIT 2019 IT governance domain, Evaluate, Direct and Monitor (EDM) is TRUE?

Accepted Answer

A)  EDM relates to the operational side of IT projects and support. 
B)  EDM focuses on whether IT projects are meeting organizational objectives. 
C)  EDM assesses IT requirements for acquiring technology. 
D)  EDM states that the board of directors must assess needs and provide oversight. 
A)  EDM relates to the operational side of IT projects and support. 
B)  EDM focuses on whether IT projects are meeting organizational objectives. 
C)  EDM assesses IT requirements for acquiring technology. 
D)  EDM states that the board of directors must assess needs and provide oversight.

Question 11

What physical location is used to recover systems and data after a disaster?

Accepted Answer

A)  Data center 
B)  Backup site 
C)  Recovery center 
D)  Strategy site 
A)  Data center 
B)  Backup site 
C)  Recovery center 
D)  Strategy site

Question 12

What elements of IT are IT general controls (ITGCs) designed to protect? Select all that apply.

Accepted Answer

A)  Structure 
B)  Components 
C)  Data 
D)  Risk 
A)  Structure 
B)  Components 
C)  Data 
D)  Risk

Question 13

Use what you have learned about how to protect the inside environment of a data center to describe how you would protect the center from fire damage.

Accepted Answer

To protect a data center from fire, it s

Question 14

Controlled access to data centers often includes multifactor authentication to mitigate the high risk to the equipment that is powering the business. An increased security measure used at very high security data centers is a man-in-the-middle trap. What kind of risk does the trap prevent?

Accepted Answer

A)  Wind damage 
B)  Piggybacking 
C)  Provisioning 
D)  Flood damage 
A)  Wind damage 
B)  Piggybacking 
C)  Provisioning 
D)  Flood damage

Question 15

The objectives of which COBIT domain include frameworks, resource optimization, and being transparent with stakeholders?

Accepted Answer

A)  Align, Plan and Organize (APO) 
B)  Build, Acquire and Implement (BAI) 
C)  Deliver, Service and Support (DSS) 
D)  Evaluate, Direct, and Monitor (EDM) 
A)  Align, Plan and Organize (APO) 
B)  Build, Acquire and Implement (BAI) 
C)  Deliver, Service and Support (DSS) 
D)  Evaluate, Direct, and Monitor (EDM)

Question 16

Unauthorized or incorrectly executed changes to a system may result in what kind of risk?

Accepted Answer

A)  Incongruency with users 
B)  Incongruency of prioritization 
C)  Internal code irregularities 
D)  Internal fraud 
A)  Incongruency with users 
B)  Incongruency of prioritization 
C)  Internal code irregularities 
D)  Internal fraud

Question 17

What determines when data is being stored during data back?

Accepted Answer

A)  Backup cycle 
B)  Backup time 
C)  Backup calendar 
D)  Backup event 
A)  Backup cycle 
B)  Backup time 
C)  Backup calendar 
D)  Backup event

Question 18

Which user has access to all three change management environments?

Accepted Answer

A)  Developer 
B)  IT Analyst 
C)  Production control 
D)  No user has access to all environments. 
A)  Developer 
B)  IT Analyst 
C)  Production control 
D)  No user has access to all environments.

Question 19

The Griffin Academy board approved a major change to the method for tuition calculation that will require a system change. A board member calls Julia, a developer in the IT department at Griffin, and requests that she make the change and implement the change immediately. If Jane does as she is told by the board member and does not put the change through the change management process, what kind of risk potential exists for Griffin?

Accepted Answer

A)  The change could contain code that miscalculates tuition and costs the company money. 
B)  The change could contain code that opens Griffin up for the potential for fraud. 
C)  The change could contain code that opens student data for inappropriate access. 
D)  All of these risk statements are correct and avoidable using a change management process. 
A)  The change could contain code that miscalculates tuition and costs the company money. 
B)  The change could contain code that opens Griffin up for the potential for fraud. 
C)  The change could contain code that opens student data for inappropriate access. 
D)  All of these risk statements are correct and avoidable using a change management process.

Question 20

Which type of authorization uses groups with pre-defined permissions to which users are assigned?

Accepted Answer

A)  Permission roles 
B)  User access roles 
C)  Creator roles 
D)  Read-only roles 
A)  Permission roles 
B)  User access roles 
C)  Creator roles 
D)  Read-only roles

What permissions are granted to a Creator role?

Which of the following statements about COBIT 2019 is TRUE?

Which of the following COBIT 2019 management IT objectives includes topics that would help an organization define compliance with external requirements, performance monitoring, and a system of internal control?

In what ways do climate control systems protect computer system components in a network operations center (NOC)?

An emergency change request bypasses which stage of the change management process?

What kind of security method can help prevent against piggybacking?

COBIT 2019 controls are organized into five domains that are divided into what two categories based on their objectives?

Which of the following backup sites is the most expensive but has the fastest recovery speed?

The Cardinal Company is considering a backup site for their organization. Explain to Cardinal management the major differences between a hot and warm backup site.

Which of the following statements about the COBIT 2019 IT governance domain, Evaluate, Direct and Monitor (EDM) is TRUE?

What physical location is used to recover systems and data after a disaster?

What elements of IT are IT general controls (ITGCs) designed to protect? Select all that apply.

Use what you have learned about how to protect the inside environment of a data center to describe how you would protect the center from fire damage.

Controlled access to data centers often includes multifactor authentication to mitigate the high risk to the equipment that is powering the business. An increased security measure used at very high security data centers is a man-in-the-middle trap. What kind of risk does the trap prevent?

The objectives of which COBIT domain include frameworks, resource optimization, and being transparent with stakeholders?

Unauthorized or incorrectly executed changes to a system may result in what kind of risk?

What determines when data is being stored during data back?

Which user has access to all three change management environments?

Which type of authorization uses groups with pre-defined permissions to which users are assigned?

Accounting As Information

Risks and Risk Assessments

Risk Management and Internal Controls

Software and Systems

Data Storage and Analysis

Systems and Database Design

Emerging and Disruptive Technologies

Documenting Systems and Processes

Human Resources and Payroll Processes

Purchasing and Payments Process

Conversion Processes

Marketing, Sales, and Collection Processes

Financial Reporting Processes

Fraud

Cybersecurity

Data Analytics

Data Visualization

Audit Assurance

Filters

Exam 14: Information Systems and Controls

What permissions are granted to a Creator role?

Which of the following statements about COBIT 2019 is TRUE?

Which of the following COBIT 2019 management IT objectives includes topics that would help an organization define compliance with external requirements, performance monitoring, and a system of internal control?

In what ways do climate control systems protect computer system components in a network operations center (NOC)?

An emergency change request bypasses which stage of the change management process?

What kind of security method can help prevent against piggybacking?

COBIT 2019 controls are organized into five domains that are divided into what two categories based on their objectives?

Which of the following backup sites is the most expensive but has the fastest recovery speed?

The Cardinal Company is considering a backup site for their organization. Explain to Cardinal management the major differences between a hot and warm backup site.

Which of the following statements about the COBIT 2019 IT governance domain, Evaluate, Direct and Monitor (EDM) is TRUE?

What physical location is used to recover systems and data after a disaster?

What elements of IT are IT general controls (ITGCs) designed to protect? Select all that apply.

Use what you have learned about how to protect the inside environment of a data center to describe how you would protect the center from fire damage.

Controlled access to data centers often includes multifactor authentication to mitigate the high risk to the equipment that is powering the business. An increased security measure used at very high security data centers is a man-in-the-middle trap. What kind of risk does the trap prevent?

The objectives of which COBIT domain include frameworks, resource optimization, and being transparent with stakeholders?

Unauthorized or incorrectly executed changes to a system may result in what kind of risk?

What determines when data is being stored during data back?

Which user has access to all three change management environments?

Which type of authorization uses groups with pre-defined permissions to which users are assigned?

Accounting As Information

Risks and Risk Assessments

Risk Management and Internal Controls

Software and Systems

Data Storage and Analysis

Systems and Database Design

Emerging and Disruptive Technologies

Documenting Systems and Processes

Human Resources and Payroll Processes

Purchasing and Payments Process

Conversion Processes

Marketing, Sales, and Collection Processes

Financial Reporting Processes

Fraud

Cybersecurity

Data Analytics

Data Visualization

Audit Assurance

Filters