Question 1

Discuss three techniques for breaching operating system controls.

Accepted Answer

Browsing involves searching through area

Question 2

Which is not a biometric device?

Accepted Answer

A) password 
B) retina prints 
C) voice prints 
D) signature characteristics 
A) password 
B) retina prints 
C) voice prints 
D) signature characteristics

Question 3

Which of the following is considered an unintentional threat to the integrity of the operating system?

Accepted Answer

A) a hacker gaining access to the system because of a security flaw 
B) a hardware flaw that causes the system to crash 
C) a virus that formats the hard drive 
D) the systems programmer accessing individual user files 
A) a hacker gaining access to the system because of a security flaw 
B) a hardware flaw that causes the system to crash 
C) a virus that formats the hard drive 
D) the systems programmer accessing individual user files

Question 4

A recovery module suspends all data processing while the system reconciles its journal files against the database.

Accepted Answer

A) True 
 B)False

Question 5

Transmitting numerous SYN packets to a targeted receiver,but not responding to an ACK,is

Accepted Answer

A) a smurf attack 
B) IP spoofing 
C) a ping attack 
D) none of the above 
A) a smurf attack 
B) IP spoofing 
C) a ping attack 
D) none of the above

Question 6

The checkpoint feature

Accepted Answer

A) makes a periodic backup of the entire database 
B) uses logs and backup files to restart the system after failure 
C) suspends all data processing while the system reconciles the transaction log against the database 
D) provides an audit trail of all processed transactions 
A) makes a periodic backup of the entire database 
B) uses logs and backup files to restart the system after failure 
C) suspends all data processing while the system reconciles the transaction log against the database 
D) provides an audit trail of all processed transactions

Question 7

What are the three security objectives of audit trails? Explain.

Accepted Answer

Audit trails support system security obj

Question 8

A value-added network can detect and reject transactions by unauthorized trading partners.

Accepted Answer

A) True 
 B)False

Question 9

Electronic data interchange customers may be given access to the vendor's data files.

Accepted Answer

A) True 
 B)False

Question 10

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Accepted Answer

compare job descriptions with authority

Question 11

All of the following will reduce the exposure to computer viruses except

Accepted Answer

A) install antivirus software 
B) install factory-sealed application software 
C) assign and control user passwords 
D) install public-domain software from reputable bulletin boards 
A) install antivirus software 
B) install factory-sealed application software 
C) assign and control user passwords 
D) install public-domain software from reputable bulletin boards

Question 12

A Trojan horse

Accepted Answer

A) burrows into a computer's memory and replicates itself into areas of idle memory 
B) is a destructive program triggered by some predetermined event 
C) allows unauthorized access to a system without going through normal log-on procedures 
D) captures IDs and passwords from unsuspecting users 
A) burrows into a computer's memory and replicates itself into areas of idle memory 
B) is a destructive program triggered by some predetermined event 
C) allows unauthorized access to a system without going through normal log-on procedures 
D) captures IDs and passwords from unsuspecting users

Question 13

Electronic data interchange translation software interfaces with the sending firm and the value added network.

Accepted Answer

A) True 
 B)False

Question 14

What is an operating system? What does it do? What are operating system control objectives?

Accepted Answer

An operating system is a computer's cont

Question 15

All of the following tests of controls will provide evidence that access to the data files is limited except

Accepted Answer

A) inspecting biometric controls 
B) reconciling program version numbers 
C) comparing job descriptions with access privileges stored in the authority table 
D) attempting to retrieve unauthorized data via inference queries 
A) inspecting biometric controls 
B) reconciling program version numbers 
C) comparing job descriptions with access privileges stored in the authority table 
D) attempting to retrieve unauthorized data via inference queries

Question 16

What is a database authorization table?

Accepted Answer

The database authorization table contain

Question 17

Explain how transactions are audited in an electronic data interchange environment.

Accepted Answer

Firms using electronic data interchange

Question 18

In an electronic data interchange environment,customers routinely access

Accepted Answer

A) the vendor's price list file 
B) the vendor's accounts payable file 
C) the vendor's open purchase order file 
D) none of the above 
A) the vendor's price list file 
B) the vendor's accounts payable file 
C) the vendor's open purchase order file 
D) none of the above

Question 19

One purpose of a database system is the easy sharing of data.But this ease of sharing can also jeopardize security.Discuss at least three forms of access control designed to reduce this risk.

Accepted Answer

Many types of access control are possibl

Question 20

Access controls protect databases against destruction,loss or misuse through unauthorized access.

Accepted Answer

A) True 
 B)False

Discuss three techniques for breaching operating system controls.

Which is not a biometric device?

Which of the following is considered an unintentional threat to the integrity of the operating system?

A recovery module suspends all data processing while the system reconciles its journal files against the database.

Transmitting numerous SYN packets to a targeted receiver,but not responding to an ACK,is

The checkpoint feature

What are the three security objectives of audit trails? Explain.

A value-added network can detect and reject transactions by unauthorized trading partners.

Electronic data interchange customers may be given access to the vendor's data files.

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

All of the following will reduce the exposure to computer viruses except

A Trojan horse

Electronic data interchange translation software interfaces with the sending firm and the value added network.

What is an operating system? What does it do? What are operating system control objectives?

All of the following tests of controls will provide evidence that access to the data files is limited except

What is a database authorization table?

Explain how transactions are audited in an electronic data interchange environment.

In an electronic data interchange environment,customers routinely access

One purpose of a database system is the easy sharing of data.But this ease of sharing can also jeopardize security.Discuss at least three forms of access control designed to reduce this risk.

Access controls protect databases against destruction,loss or misuse through unauthorized access.

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part I: Sarbanes-Oxley and It Governance

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters

Exam 15: Auditing It Controls Part II: Security and Access

Discuss three techniques for breaching operating system controls.

Which is not a biometric device?

Which of the following is considered an unintentional threat to the integrity of the operating system?

A recovery module suspends all data processing while the system reconciles its journal files against the database.

Transmitting numerous SYN packets to a targeted receiver,but not responding to an ACK,is

The checkpoint feature

What are the three security objectives of audit trails? Explain.

A value-added network can detect and reject transactions by unauthorized trading partners.

Electronic data interchange customers may be given access to the vendor's data files.

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

All of the following will reduce the exposure to computer viruses except

A Trojan horse

Electronic data interchange translation software interfaces with the sending firm and the value added network.

What is an operating system? What does it do? What are operating system control objectives?

All of the following tests of controls will provide evidence that access to the data files is limited except

What is a database authorization table?

Explain how transactions are audited in an electronic data interchange environment.

In an electronic data interchange environment,customers routinely access

One purpose of a database system is the easy sharing of data.But this ease of sharing can also jeopardize security.Discuss at least three forms of access control designed to reduce this risk.

Access controls protect databases against destruction,loss or misuse through unauthorized access.

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part I: Sarbanes-Oxley and It Governance

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters