Question 1

Electronic data interchange translation software interfaces with the sending firm and the value added network.

Accepted Answer

A) True 
 B)False  False

Question 2

What is a seal of assurance?

Accepted Answer

In response to consumer demand for evidence that a web-based business is trustworthy,a number of trusted third-party organizations are offering seals of assurance that businesses can display on their website home pages.To legitimately bear the seal,the company must show that it complies with certain business practices,capabilities,and controls.Examples of seal are: Better Business Bureau (BBB),TRUSTe,Veri-Sign,Inc.,International Computer Security Association (ICSA),AICPA/CICA WebTrust,and AICPA/CICA SysTrust.

Question 3

A bus topology is less costly to install than a ring topology.

Accepted Answer

A) True 
 B)False  True

Question 4

Operating system controls are of interest to system professionals but should not concern accountants and auditors.

Accepted Answer

A) True 
 B)False

Question 5

Which of the following is not a test of access controls?

Accepted Answer

A)  biometric controls 
B)  encryption controls 
C)  backup controls 
D)  inference controls 
A)  biometric controls 
B)  encryption controls 
C)  backup controls 
D)  inference controls

Question 6

Describe two ways that passwords are used to authorize and validate messages in the electronic data interchange environment.

Accepted Answer

value-added networks use passwords to de

Question 7

Audit trails in computerized systems are comprised of two types of audit logs: detailed logs of individual keystrokes and event-oriented logs.

Accepted Answer

A) True 
 B)False

Question 8

Only two types of motivation drive DoS attacks: 1)to punish an organization with which the perpetrator had a grievance; and 2)to gain bragging rights for being able to do it.

Accepted Answer

A) True 
 B)False

Question 9

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Accepted Answer

compare job descriptions with authority

Question 10

Describe three ways in which IPS can be used to protect against DDoS Attacks?

Accepted Answer

1)IPS cam work inline with a firewall at

Question 11

List three methods of controlling unauthorized access to telecommunication messages.

Accepted Answer

call-back devices,data encrypt

Question 12

What do you call a system of computers that connects the internal users of an organization that is distributed over a wide geographic area?

Accepted Answer

A)  LAN 
B)  decentralized network 
C)  multidrop network 
D)  Intranet 
A)  LAN 
B)  decentralized network 
C)  multidrop network 
D)  Intranet

Question 13

Packet switching

Accepted Answer

A)  combines the messages of multiple users into one packet for transmission. At the receiving end, the packet is disassembled into the individual messages and distributed to the intended users. 
B)  is a method for partitioning a database into packets for easy access where no identifiable primary user exists in the organization. 
C)  is used to establish temporary connections between network devices for the duration of a communication session. 
D)  is a denial of service technique that disassembles various incoming messages to targeted users into small packages and then reassembles them in random order to create a useless garbled message. 
A)  combines the messages of multiple users into one packet for transmission. At the receiving end, the packet is disassembled into the individual messages and distributed to the intended users. 
B)  is a method for partitioning a database into packets for easy access where no identifiable primary user exists in the organization. 
C)  is used to establish temporary connections between network devices for the duration of a communication session. 
D)  is a denial of service technique that disassembles various incoming messages to targeted users into small packages and then reassembles them in random order to create a useless garbled message.

Question 14

What is a digital signature?

Accepted Answer

A digital signature is an electronic aut

Question 15

Discuss the public key encryption technique.

Accepted Answer

This approach uses two different keys: o

Question 16

Briefly define an operating system.

Accepted Answer

An integrated group of program

Question 17

What can be done to defeat a DDoS Attack?

Accepted Answer

Intrusion Prevention Systems (

Question 18

In a star topology,when the central site fails

Accepted Answer

A)  individual workstations can communicate with each other 
B)  individual workstations can function locally but cannot communicate with other workstations 
C)  individual workstations cannot function locally and cannot communicate with other workstations 
D)  the functions of the central site are taken over by a designated workstation 
A)  individual workstations can communicate with each other 
B)  individual workstations can function locally but cannot communicate with other workstations 
C)  individual workstations cannot function locally and cannot communicate with other workstations 
D)  the functions of the central site are taken over by a designated workstation

Question 19

Explain how smurf attacks can be controlled.

Accepted Answer

The targeted organization can

Question 20

Discuss the private key encryption technique and its shortcomings.

Accepted Answer

To encode a message,the sender provides

Electronic data interchange translation software interfaces with the sending firm and the value added network.

What is a seal of assurance?

A bus topology is less costly to install than a ring topology.

Operating system controls are of interest to system professionals but should not concern accountants and auditors.

Which of the following is not a test of access controls?

Describe two ways that passwords are used to authorize and validate messages in the electronic data interchange environment.

Audit trails in computerized systems are comprised of two types of audit logs: detailed logs of individual keystrokes and event-oriented logs.

Only two types of motivation drive DoS attacks: 1)to punish an organization with which the perpetrator had a grievance; and 2)to gain bragging rights for being able to do it.

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Describe three ways in which IPS can be used to protect against DDoS Attacks?

List three methods of controlling unauthorized access to telecommunication messages.

What do you call a system of computers that connects the internal users of an organization that is distributed over a wide geographic area?

Packet switching

What is a digital signature?

Discuss the public key encryption technique.

Briefly define an operating system.

What can be done to defeat a DDoS Attack?

In a star topology,when the central site fails

Explain how smurf attacks can be controlled.

Discuss the private key encryption technique and its shortcomings.

Auditing and Internal Control

Auditing IT Governance Controls

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters

Exam 3: Security Part I: Auditing Operating Systems and Networks

Electronic data interchange translation software interfaces with the sending firm and the value added network.

What is a seal of assurance?

A bus topology is less costly to install than a ring topology.

Operating system controls are of interest to system professionals but should not concern accountants and auditors.

Which of the following is not a test of access controls?

Describe two ways that passwords are used to authorize and validate messages in the electronic data interchange environment.

Audit trails in computerized systems are comprised of two types of audit logs: detailed logs of individual keystrokes and event-oriented logs.

Only two types of motivation drive DoS attacks: 1)to punish an organization with which the perpetrator had a grievance; and 2)to gain bragging rights for being able to do it.

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Describe three ways in which IPS can be used to protect against DDoS Attacks?

List three methods of controlling unauthorized access to telecommunication messages.

What do you call a system of computers that connects the internal users of an organization that is distributed over a wide geographic area?

Packet switching

What is a digital signature?

Discuss the public key encryption technique.

Briefly define an operating system.

What can be done to defeat a DDoS Attack?

In a star topology,when the central site fails

Explain how smurf attacks can be controlled.

Discuss the private key encryption technique and its shortcomings.

Auditing and Internal Control

Auditing IT Governance Controls

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters