Exam 10: Computer Crime and Information Technology Security

Which of the following best pairs a COBIT enabler with a broad category of information technology controls?

COBIT's enablers include principles, policies and frameworks.Which of the following provides the best example of that enabler based on ISACA's explanation?

Ethan is an information technology security consultant.He has been asked to speak to a local professional organization about ways to strengthen internal controls against computer crime, and wants to relate his comments to the COBIT framework.Prepare a short summary of the key points Ethan should make in his presentation; ensure that each one has a clear relationship to the COBIT framework.

According to COBIT 5, an organization's information technology governance and management should separate governance from management.In that context, examples of governance include:

COBIT's enablers include services, infrastructure and applications.Which of the following best pairs one of those with an example based on ISACA's explanation of the enabler?

An information systems development company routinely creates a password that they do not disclose to their clients.In that way, the development company can bypass any security the client adds on later if the system needs maintenance.The client's information system is therefore at greatest risk for:

The difference between "error" and "information manipulation" as business risks associated with information technology is:

COBIT's enablers include people, skills and competencies.Functional competencies needed by accounting professionals include:

Business risks and threats to information systems include all of the following except:

Consider the following short case as you respond to the question: Melissa is an internal auditor for the County of Bufflufia.Her job responsibilities include providing training on information systems security and checking the work of data entry clerks.Melissa is also part of a team that responds to denial-of-service attacks on the county's information system.Her co-worker, Eugene, ensures that all the county's computers have the most up-to-date antivirus software; he also enforces the county's policy of backing up sensitive data, such as employee social security numbers and other payroll information, at least once a day.The back-ups are dated and stored in a locked filing cabinet.Which employee has responsibilities related to all three elements of the CIA triad?

According to ISACA, one of COBIT's enablers is an organized set of practices and activities to achieve certain objectives.That enabler is most closely related to:

At HCK Corporation, only employees in the information systems department can install new software on a computer.Which type of security control best describes that practice?

Malicious software, such as a logic bomb, is most closely related to which generic element of the accounting information system?

Which of the following best pairs a COBIT enabler with an element of the FASB conceptual framework of accounting?

COBIT's enablers include organizational processes.Which of the following best pairs a common process with an output of the process?

Consider the following examples of computer crime as you answer the question: i.Social Security numbers are stolen from a company's database.ii.A fraudster uses a computer to identify people over the age of 80 with annual incomes of $250,000 or more.iii.An employee receives threats from a co-worker via e-mail.iv.An unhappy customer launches a denial-of-service attack.Carter's taxonomy of computer crime comprises four categories.Which of the following pairs includes two items from the same category?

COBIT's enablers include people, skills and competencies.Personal competencies needed by accounting professionals include:

The CoBIT framework can be used to strengthen internal controls against computer crime in various ways.Indicate whether each statement below is (a) always true, (b) sometimes true or (c) never true.1.As a form of internal control, each step of the systems development life cycle focuses on one of CoBIT's enablers.2.CoBIT can be used in conjunction with the COSO internal control framework to identify appropriate control activities.3.CoBIT's principles provide detailed standards for evaluating information inputs and outputs that can help strengthen internal control.4.As defined in CoBIT, organizational stakeholders include management and employees.5.The COSO enterprise risk management framework requires the use of CoBIT to identify risks.

List the elements of Carter's taxonomy of computer crime.

Which COBIT enabler focuses on things like product demand, employee satisfaction and vendor reliability?