Question 1

All of the following techniques are used to validate electronic data interchange transactions except

Accepted Answer

A)  value added networks can compare passwords to a valid customer file before message transmission 
B)  prior to converting the message, the translation software of the receiving company can compare the password against a validation file in the firm's database 
C)  the recipient's application software can validate the password prior to processing 
D)  the recipient's application software can validate the password after the transaction has been processed 
A)  value added networks can compare passwords to a valid customer file before message transmission 
B)  prior to converting the message, the translation software of the receiving company can compare the password against a validation file in the firm's database 
C)  the recipient's application software can validate the password prior to processing 
D)  the recipient's application software can validate the password after the transaction has been processed

Question 2

Which of the following statements is correct? The client-server model

Accepted Answer

A)  is best suited to the token-ring topology because the random-access method used by this model detects data collisions. 
B)  distributes both data and processing tasks to the server's node. 
C)  is most effective used with a bus topology. 
D)  is more efficient than the bus or ring topologies. 
A)  is best suited to the token-ring topology because the random-access method used by this model detects data collisions. 
B)  distributes both data and processing tasks to the server's node. 
C)  is most effective used with a bus topology. 
D)  is more efficient than the bus or ring topologies.

Question 3

A digital signature is

Accepted Answer

A)  the encrypted mathematical value of the message sender's name 
B)  derived from the digest of a document that has been encrypted with the sender's private key 
C)  the computed digest of the sender's digital certificate 
D)  allows digital messages to be sent over analog telephone lines 
A)  the encrypted mathematical value of the message sender's name 
B)  derived from the digest of a document that has been encrypted with the sender's private key 
C)  the computed digest of the sender's digital certificate 
D)  allows digital messages to be sent over analog telephone lines

Question 4

The most frequent victims of program viruses are microcomputers.

Accepted Answer

A) True 
 B)False

Question 5

The bus topology connects the nodes in parallel.

Accepted Answer

A) True 
 B)False

Question 6

HTML

Accepted Answer

A)  is the document format used to produce Web pages. 
B)  controls Web browsers that access the Web. 
C)  is used to connect to Usenet groups on the Internet. 
D)  is used to transfer text files, programs, spreadsheets, and databases across the Internet. 
E)  is a low-level encryption scheme used to secure transmissions in higher-level () format. 
A)  is the document format used to produce Web pages. 
B)  controls Web browsers that access the Web. 
C)  is used to connect to Usenet groups on the Internet. 
D)  is used to transfer text files, programs, spreadsheets, and databases across the Internet. 
E)  is a low-level encryption scheme used to secure transmissions in higher-level () format.

Question 7

IP spoofing

Accepted Answer

A)  combines the messages of multiple users into a "spoofing packet" where the IP addresses are interchanged and the messages are then distributes randomly among the targeted users. 
B)  is a form of masquerading to gain unauthorized access to a web server. 
C)  is used to establish temporary connections between network devices with different IP addresses for the duration of a communication session. 
D)  is a temporary phenomenon that disrupts transaction processing. It will resolve itself when the primary computer completes processing its transaction and releases the IP address needed by other users. 
A)  combines the messages of multiple users into a "spoofing packet" where the IP addresses are interchanged and the messages are then distributes randomly among the targeted users. 
B)  is a form of masquerading to gain unauthorized access to a web server. 
C)  is used to establish temporary connections between network devices with different IP addresses for the duration of a communication session. 
D)  is a temporary phenomenon that disrupts transaction processing. It will resolve itself when the primary computer completes processing its transaction and releases the IP address needed by other users.

Question 8

Which of the following is considered an unintentional threat to the integrity of the operating system?

Accepted Answer

A)  a hacker gaining access to the system because of a security flaw 
B)  a hardware flaw that causes the system to crash 
C)  a virus that formats the hard drive 
D)  the systems programmer accessing individual user files 
A)  a hacker gaining access to the system because of a security flaw 
B)  a hardware flaw that causes the system to crash 
C)  a virus that formats the hard drive 
D)  the systems programmer accessing individual user files

Question 9

Which of the following is true?

Accepted Answer

A)  Deep Packet Inspection uses a variety of analytical and statistical techniques to evaluate the contents of message packets. 
B)  An Intrusion prevention system works in parallel with a firewall at the perimeter of the network to act as a filer that removes malicious packets from the flow before they can affect servers and networks. 
C)  A distributed denial of service attack is so named because it is capable of attacking many victims simultaneously who are distributed across the internet. 
D)  None of the above are true statements. 
A)  Deep Packet Inspection uses a variety of analytical and statistical techniques to evaluate the contents of message packets. 
B)  An Intrusion prevention system works in parallel with a firewall at the perimeter of the network to act as a filer that removes malicious packets from the flow before they can affect servers and networks. 
C)  A distributed denial of service attack is so named because it is capable of attacking many victims simultaneously who are distributed across the internet. 
D)  None of the above are true statements.

Question 10

Describe a denial of service (DoS)attack and identify three common forms.

Accepted Answer

A denial of service attacks (DoS)is an a

Question 11

A distributed denial of service (DDoS)attack

Accepted Answer

A)  is more intensive that a Dos attack because it emanates from single source 
B)  may take the form of either a SYN flood or smurf attack 
C)  is so named because it effects many victims simultaneously, which are distributed across the internet 
D)  turns the target victim's computers into zombies that are unable to access the Internet 
E)  none of the above is correct 
A)  is more intensive that a Dos attack because it emanates from single source 
B)  may take the form of either a SYN flood or smurf attack 
C)  is so named because it effects many victims simultaneously, which are distributed across the internet 
D)  turns the target victim's computers into zombies that are unable to access the Internet 
E)  none of the above is correct

Question 12

A ping is an Internet maintenance tool that is used to test the state of network congestion and determine whether a particular host computer is connected and available on the network.

Accepted Answer

A) True 
 B)False

Question 13

Transmitting numerous SYN packets to a targeted receiver,but NOT responding to an ACK,is

Accepted Answer

A)  a smurf attack. 
B)  IP Spoofing. 
C)  an ACK echo attack 
D)  a ping attack. 
E)  none of the above 
A)  a smurf attack. 
B)  IP Spoofing. 
C)  an ACK echo attack 
D)  a ping attack. 
E)  none of the above

Question 14

Contrast a LAN and a WAN.Typically,who owns and maintains a WAN?

Accepted Answer

A LAN is a local area network covering a

Question 15

In a ring topology

Accepted Answer

A)  the network consists of a central computer which manages all communications between nodes 
B)  has a host computer connected to several levels of subordinate computers 
C)  all nodes are of equal status; responsibility for managing communications is distributed among the nodes 
D)  information processing units rarely communicate with each other 
A)  the network consists of a central computer which manages all communications between nodes 
B)  has a host computer connected to several levels of subordinate computers 
C)  all nodes are of equal status; responsibility for managing communications is distributed among the nodes 
D)  information processing units rarely communicate with each other

Question 16

A software program that allows access to a system without going through the normal logon procedures is called a

Accepted Answer

A)  logic bomb 
B)  Trojan horse 
C)  worm 
D)  back door 
A)  logic bomb 
B)  Trojan horse 
C)  worm 
D)  back door

Question 17

To preserve audit trails in a computerized environment,transaction logs are permanent records of transactions.

Accepted Answer

A) True 
 B)False

Question 18

All of the following are designed to control exposures from subversive threats except

Accepted Answer

A)  firewalls 
B)  one-time passwords 
C)  field interrogation 
D)  data encryption 
A)  firewalls 
B)  one-time passwords 
C)  field interrogation 
D)  data encryption

Question 19

Which of the following statements is correct? TCP/IP

Accepted Answer

A)  is the basic protocol that permits communication between Internet sites. 
B)  controls Web browsers that access the WWW. 
C)  is the file format used to produce Web pages. 
D)  is a low-level encryption scheme used to secure transmissions in HTTP format. 
A)  is the basic protocol that permits communication between Internet sites. 
B)  controls Web browsers that access the WWW. 
C)  is the file format used to produce Web pages. 
D)  is a low-level encryption scheme used to secure transmissions in HTTP format.

Question 20

FTP

Accepted Answer

A)  is the document format used to produce Web pages. 
B)  controls Web browsers that access the Web. 
C)  is used to connect to Usenet groups on the Internet 
D)  is used to transfer text files, programs, spreadsheets, and databases across the Internet. 
E)  is a low-level encryption scheme used to secure transmissions in higher-level () format. 
A)  is the document format used to produce Web pages. 
B)  controls Web browsers that access the Web. 
C)  is used to connect to Usenet groups on the Internet 
D)  is used to transfer text files, programs, spreadsheets, and databases across the Internet. 
E)  is a low-level encryption scheme used to secure transmissions in higher-level () format.

All of the following techniques are used to validate electronic data interchange transactions except

Which of the following statements is correct? The client-server model

A digital signature is

The most frequent victims of program viruses are microcomputers.

The bus topology connects the nodes in parallel.

HTML

IP spoofing

Which of the following is considered an unintentional threat to the integrity of the operating system?

Which of the following is true?

Describe a denial of service (DoS)attack and identify three common forms.

A distributed denial of service (DDoS)attack

A ping is an Internet maintenance tool that is used to test the state of network congestion and determine whether a particular host computer is connected and available on the network.

Transmitting numerous SYN packets to a targeted receiver,but NOT responding to an ACK,is

Contrast a LAN and a WAN.Typically,who owns and maintains a WAN?

In a ring topology

A software program that allows access to a system without going through the normal logon procedures is called a

To preserve audit trails in a computerized environment,transaction logs are permanent records of transactions.

All of the following are designed to control exposures from subversive threats except

Which of the following statements is correct? TCP/IP

FTP

Auditing and Internal Control

Auditing IT Governance Controls

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters

Exam 3: Security Part I: Auditing Operating Systems and Networks

All of the following techniques are used to validate electronic data interchange transactions except

Which of the following statements is correct? The client-server model

A digital signature is

The most frequent victims of program viruses are microcomputers.

The bus topology connects the nodes in parallel.

HTML

IP spoofing

Which of the following is considered an unintentional threat to the integrity of the operating system?

Which of the following is true?

Describe a denial of service (DoS)attack and identify three common forms.

A distributed denial of service (DDoS)attack

A ping is an Internet maintenance tool that is used to test the state of network congestion and determine whether a particular host computer is connected and available on the network.

Transmitting numerous SYN packets to a targeted receiver,but NOT responding to an ACK,is

Contrast a LAN and a WAN.Typically,who owns and maintains a WAN?

In a ring topology

A software program that allows access to a system without going through the normal logon procedures is called a

To preserve audit trails in a computerized environment,transaction logs are permanent records of transactions.

All of the following are designed to control exposures from subversive threats except

Which of the following statements is correct? TCP/IP

FTP

Auditing and Internal Control

Auditing IT Governance Controls

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters