Question 1

In a telecommunications environment,line errors can be detected by using an echo check.

Accepted Answer

A) True 
 B)False

Question 2

Explain how the one-time password approach works.

Accepted Answer

Under this approach,the user's password

Question 3

A formal log-on procedure is the operating system's last line of defense against unauthorized access.

Accepted Answer

A) True 
 B)False

Question 4

All of the following are designed to control exposures from subversive threats except

Accepted Answer

A) firewalls 
B) one-time passwords 
C) field interrogation 
D) data encryption 
A) firewalls 
B) one-time passwords 
C) field interrogation 
D) data encryption

Question 5

A worm is software program that replicates itself in areas of idle memory until the system fails.

Accepted Answer

A) True 
 B)False

Question 6

Describe three ways in which IPS can be used to protect against DDoS attacks?

Accepted Answer

1)IPS can work in-line with a firewall a

Question 7

Subschemas are used to authorize user access privileges to specific data elements.

Accepted Answer

A) True 
 B)False

Question 8

Disguising message packets to look as if they came from another user in order to gain access to the host's network is called spooling.

Accepted Answer

A) True 
 B)False

Question 9

Discuss the key features of the one-time password technique:

Accepted Answer

The one-time password was designed to ov

Question 10

Which of the following is true?

Accepted Answer

A) Deep packet inspection uses a variety of analytical and statistical techniques to evaluate the contents of message packets. 
B) An intrusion prevention system works in parallel with a firewall at the perimeter of the network to act as a filer that removes malicious packets from the flow before they can affect servers and networks. 
C) A distributed denial of service attack is so named because it is capable of attacking many victims simultaneously who are distributed across the Internet. 
D) None of the above are true statements. 
A) Deep packet inspection uses a variety of analytical and statistical techniques to evaluate the contents of message packets. 
B) An intrusion prevention system works in parallel with a firewall at the perimeter of the network to act as a filer that removes malicious packets from the flow before they can affect servers and networks. 
C) A distributed denial of service attack is so named because it is capable of attacking many victims simultaneously who are distributed across the Internet. 
D) None of the above are true statements.

Question 11

What problem is common to all private key encryption techniques?

Accepted Answer

The more individuals who need to know th

Question 12

Viruses rarely attach themselves to executable files.

Accepted Answer

A) True 
 B)False

Question 13

In determining whether a system is adequately protected from attacks by computer viruses,all of the following policies are relevant except

Accepted Answer

A) the policy on the purchase of software only from reputable vendors 
B) the policy that all software upgrades are checked for viruses before they are implemented 
C) the policy that current versions of antivirus software should be available to all users 
D) the policy that permits users to take files home to work on them 
A) the policy on the purchase of software only from reputable vendors 
B) the policy that all software upgrades are checked for viruses before they are implemented 
C) the policy that current versions of antivirus software should be available to all users 
D) the policy that permits users to take files home to work on them

Question 14

Which of the following is not a test of access controls?

Accepted Answer

A) biometric controls 
B) encryption controls 
C) backup controls 
D) inference controls 
A) biometric controls 
B) encryption controls 
C) backup controls 
D) inference controls

Question 15

Many techniques exist to reduce the likelihood and effects of data communication hardware failure.One of these is

Accepted Answer

A) hardware access procedures 
B) antivirus software 
C) parity checks 
D) data encryption 
A) hardware access procedures 
B) antivirus software 
C) parity checks 
D) data encryption

Question 16

In an electronic data interchange environment,customers routinely

Accepted Answer

A) access the vendor's accounts receivable file with read/write authority 
B) access the vendor's price list file with read/write authority 
C) access the vendor's inventory file with read-only authority 
D) access the vendor's open purchase order file with read-only authority 
A) access the vendor's accounts receivable file with read/write authority 
B) access the vendor's price list file with read/write authority 
C) access the vendor's inventory file with read-only authority 
D) access the vendor's open purchase order file with read-only authority

Question 17

What is EDI? How does its use affect the audit trail?

Accepted Answer

Electronic data interchange is an arrang

Question 18

What is a virus?

Accepted Answer

A virus is a program that atta

Question 19

All of the following techniques are used to validate electronic data interchange transactions except

Accepted Answer

A) value-added networks that compare passwords to a valid customer file before message transmission 
B) prior to converting the message, the translation software of the receiving company can compare the password against a validation file in the firm's database 
C) the recipient's application software can validate the password prior to processing 
D) the recipient's application software can validate the password after the transaction has been processed 
A) value-added networks that compare passwords to a valid customer file before message transmission 
B) prior to converting the message, the translation software of the receiving company can compare the password against a validation file in the firm's database 
C) the recipient's application software can validate the password prior to processing 
D) the recipient's application software can validate the password after the transaction has been processed

Question 20

Which of the following is not a basic database backup and recovery feature?

Accepted Answer

A) checkpoint 
B) backup database 
C) transaction log 
D) database authority table 
A) checkpoint 
B) backup database 
C) transaction log 
D) database authority table

In a telecommunications environment,line errors can be detected by using an echo check.

Explain how the one-time password approach works.

A formal log-on procedure is the operating system's last line of defense against unauthorized access.

All of the following are designed to control exposures from subversive threats except

A worm is software program that replicates itself in areas of idle memory until the system fails.

Describe three ways in which IPS can be used to protect against DDoS attacks?

Subschemas are used to authorize user access privileges to specific data elements.

Disguising message packets to look as if they came from another user in order to gain access to the host's network is called spooling.

Discuss the key features of the one-time password technique:

Which of the following is true?

What problem is common to all private key encryption techniques?

Viruses rarely attach themselves to executable files.

In determining whether a system is adequately protected from attacks by computer viruses,all of the following policies are relevant except

Which of the following is not a test of access controls?

Many techniques exist to reduce the likelihood and effects of data communication hardware failure.One of these is

In an electronic data interchange environment,customers routinely

What is EDI? How does its use affect the audit trail?

What is a virus?

All of the following techniques are used to validate electronic data interchange transactions except

Which of the following is not a basic database backup and recovery feature?

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part I: Sarbanes-Oxley and It Governance

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters

Exam 15: Auditing It Controls Part II: Security and Access

In a telecommunications environment,line errors can be detected by using an echo check.

Explain how the one-time password approach works.

A formal log-on procedure is the operating system's last line of defense against unauthorized access.

All of the following are designed to control exposures from subversive threats except

A worm is software program that replicates itself in areas of idle memory until the system fails.

Describe three ways in which IPS can be used to protect against DDoS attacks?

Subschemas are used to authorize user access privileges to specific data elements.

Disguising message packets to look as if they came from another user in order to gain access to the host's network is called spooling.

Discuss the key features of the one-time password technique:

Which of the following is true?

What problem is common to all private key encryption techniques?

Viruses rarely attach themselves to executable files.

In determining whether a system is adequately protected from attacks by computer viruses,all of the following policies are relevant except

Which of the following is not a test of access controls?

Many techniques exist to reduce the likelihood and effects of data communication hardware failure.One of these is

In an electronic data interchange environment,customers routinely

What is EDI? How does its use affect the audit trail?

What is a virus?

All of the following techniques are used to validate electronic data interchange transactions except

Which of the following is not a basic database backup and recovery feature?

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part I: Sarbanes-Oxley and It Governance

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters