Question 1

Describe one benefit of using a call-back device.

Accepted Answer

Access to the system is achieved when th

Question 2

An IP Address:

Accepted Answer

A)  defines the path to a facility or file on the web. 
B)  is the unique address that every computer node and host attached to the Internet must have. 
C)  is represented by a 64-bit data packet. 
D)  is the address of the protocol rules and standards that governing the design of internet hardware and software. 
E)  none of the above is true. 
A)  defines the path to a facility or file on the web. 
B)  is the unique address that every computer node and host attached to the Internet must have. 
C)  is represented by a 64-bit data packet. 
D)  is the address of the protocol rules and standards that governing the design of internet hardware and software. 
E)  none of the above is true.

Question 3

When auditors examine and test the call-back feature,they are testing which audit objective?

Accepted Answer

A)  incompatible functions have been segregated 
B)  application programs are protected from unauthorized access 
C)  physical security measures are adequate to protect the organization from natural disaster 
D)  illegal access to the system is prevented and detected 
A)  incompatible functions have been segregated 
B)  application programs are protected from unauthorized access 
C)  physical security measures are adequate to protect the organization from natural disaster 
D)  illegal access to the system is prevented and detected

Question 4

Audit objectives for communications controls include all of the following except

Accepted Answer

A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above. 
A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above.

Question 5

In a computerized environment,the audit trail log must be printed onto paper documents.

Accepted Answer

A) True 
 B)False

Question 6

All of the following tests of controls will provide evidence that adequate computer virus control techniques are in place and functioning except

Accepted Answer

A)  verifying that only authorized software is used on company computers 
B)  reviewing system maintenance records 
C)  confirming that antivirus software is in use 
D)  examining the password policy including a review of the authority table 
A)  verifying that only authorized software is used on company computers 
B)  reviewing system maintenance records 
C)  confirming that antivirus software is in use 
D)  examining the password policy including a review of the authority table

Question 7

A worm is software program that replicates itself in areas of idle memory until the system fails.

Accepted Answer

A) True 
 B)False

Question 8

Which control will not reduce the likelihood of data loss due to a line error?

Accepted Answer

A)  echo check 
B)  encryption 
C)  vertical parity bit 
D)  horizontal parity bit 
A)  echo check 
B)  encryption 
C)  vertical parity bit 
D)  horizontal parity bit

Question 9

In a telecommunications environment,line errors can be detected by using an echo check.

Accepted Answer

A) True 
 B)False

Question 10

The standard format for an e-mail address is DOMAIN NAME@USER NAME.

Accepted Answer

A) True 
 B)False

Question 11

The client-server model can only be applied to ring and star topologies.

Accepted Answer

A) True 
 B)False

Question 12

IP spoofing is a form of masquerading to gain unauthorized access to a Web server.

Accepted Answer

A) True 
 B)False

Question 13

A smurf attack involves three participants: a zombie,an intermediary,and the victim.

Accepted Answer

A) True 
 B)False

Question 14

Discuss the changing motivation behind a Denial of Service Attack

Accepted Answer

The motivation behind DoS attacks may or

Question 15

The message authentication code is calculated by the sender and the receiver of a data transmission.

Accepted Answer

A) True 
 B)False

Question 16

Advance encryption standard (AES)is

Accepted Answer

A)  a 64 -bit private key encryption technique 
B)  a 128-bit private key encryption technique 
C)  a 128-bit public key encryption technique 
D)  a 256-bit public encryption technique that has become a U.S. government standard 
A)  a 64 -bit private key encryption technique 
B)  a 128-bit private key encryption technique 
C)  a 128-bit public key encryption technique 
D)  a 256-bit public encryption technique that has become a U.S. government standard

Question 17

Which of the following statements is correct?

Accepted Answer

A)  Packet switching combines the messages of multiple users into a "packet" for transmission. At the receiving end, the packet is disassembled into the individual messages and distributed to the intended users. 
B)  The decision to partition a database assumes that no identifiable primary user exists in the organization. 
C)  Packet switching is used to establish temporary connections between network devices for the duration of a communication session. 
D)  A deadlock is a temporary phenomenon that disrupts transaction processing. It will resolve itself when the primary computer completes processing its transaction and releases the data needed by other users. 
A)  Packet switching combines the messages of multiple users into a "packet" for transmission. At the receiving end, the packet is disassembled into the individual messages and distributed to the intended users. 
B)  The decision to partition a database assumes that no identifiable primary user exists in the organization. 
C)  Packet switching is used to establish temporary connections between network devices for the duration of a communication session. 
D)  A deadlock is a temporary phenomenon that disrupts transaction processing. It will resolve itself when the primary computer completes processing its transaction and releases the data needed by other users.

Question 18

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

Accepted Answer

When the user logs on,he or she is prese

Question 19

A virtual private network:

Accepted Answer

A)  is a password-controlled network for private users rather than the general public. 
B)  is a private network within a public network. 
C)  is an Internet facility that links user sites locally and around the world. 
D)  defines the path to a facility or file on the web. 
E)  none of the above is true. 
A)  is a password-controlled network for private users rather than the general public. 
B)  is a private network within a public network. 
C)  is an Internet facility that links user sites locally and around the world. 
D)  defines the path to a facility or file on the web. 
E)  none of the above is true.

Question 20

A star topology is appropriate

Accepted Answer

A)  for a wide area network with a mainframe for a central computer 
B)  for centralized databases only 
C)  for environments where network nodes routinely communicate with each other 
D)  when the central database does not have to be concurrent with the nodes 
A)  for a wide area network with a mainframe for a central computer 
B)  for centralized databases only 
C)  for environments where network nodes routinely communicate with each other 
D)  when the central database does not have to be concurrent with the nodes

Describe one benefit of using a call-back device.

An IP Address:

When auditors examine and test the call-back feature,they are testing which audit objective?

Audit objectives for communications controls include all of the following except

In a computerized environment,the audit trail log must be printed onto paper documents.

All of the following tests of controls will provide evidence that adequate computer virus control techniques are in place and functioning except

A worm is software program that replicates itself in areas of idle memory until the system fails.

Which control will not reduce the likelihood of data loss due to a line error?

In a telecommunications environment,line errors can be detected by using an echo check.

The standard format for an e-mail address is DOMAIN NAME@USER NAME.

The client-server model can only be applied to ring and star topologies.

IP spoofing is a form of masquerading to gain unauthorized access to a Web server.

A smurf attack involves three participants: a zombie,an intermediary,and the victim.

Discuss the changing motivation behind a Denial of Service Attack

The message authentication code is calculated by the sender and the receiver of a data transmission.

Advance encryption standard (AES)is

Which of the following statements is correct?

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

A virtual private network:

A star topology is appropriate

Auditing and Internal Control

Auditing IT Governance Controls

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters

Exam 3: Security Part I: Auditing Operating Systems and Networks

Describe one benefit of using a call-back device.

An IP Address:

When auditors examine and test the call-back feature,they are testing which audit objective?

Audit objectives for communications controls include all of the following except

In a computerized environment,the audit trail log must be printed onto paper documents.

All of the following tests of controls will provide evidence that adequate computer virus control techniques are in place and functioning except

A worm is software program that replicates itself in areas of idle memory until the system fails.

Which control will not reduce the likelihood of data loss due to a line error?

In a telecommunications environment,line errors can be detected by using an echo check.

The standard format for an e-mail address is DOMAIN NAME@USER NAME.

The client-server model can only be applied to ring and star topologies.

IP spoofing is a form of masquerading to gain unauthorized access to a Web server.

A smurf attack involves three participants: a zombie,an intermediary,and the victim.

Discuss the changing motivation behind a Denial of Service Attack

The message authentication code is calculated by the sender and the receiver of a data transmission.

Advance encryption standard (AES)is

Which of the following statements is correct?

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

A virtual private network:

A star topology is appropriate

Auditing and Internal Control

Auditing IT Governance Controls

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters