Question 1

Which of the following is true?

Accepted Answer

A)  Deep Packet Inspection uses a variety of analytical and statistical techniques to evaluate the contents of message packets. 
B)  An Intrusion prevention system works in parallel with a firewall at the perimeter of the network to act as a filer that removes malicious packets from the flow before they can affect servers and networks. 
C)  A distributed denial of service attack is so named because it is capable of attacking many victims simultaneously who are distributed across the internet. 
D)  None of the above are true statements. 
A)  Deep Packet Inspection uses a variety of analytical and statistical techniques to evaluate the contents of message packets. 
B)  An Intrusion prevention system works in parallel with a firewall at the perimeter of the network to act as a filer that removes malicious packets from the flow before they can affect servers and networks. 
C)  A distributed denial of service attack is so named because it is capable of attacking many victims simultaneously who are distributed across the internet. 
D)  None of the above are true statements.

Question 2

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

Accepted Answer

compare job descriptions with authority

Question 3

To preserve audit trails in a computerized environment,transaction logs are permanent records of transactions.

Accepted Answer

A) True 
 B)False

Question 4

In a computerized environment,the audit trail log must be printed onto paper documents.

Accepted Answer

A) True 
 B)False

Question 5

What is event monitoring?

Accepted Answer

Event monitoring summarizes key activiti

Question 6

A software program that replicates itself in areas of idle memory until the system fails is called a

Accepted Answer

A)  Trojan horse 
B)  worm 
C)  logic bomb 
D)  none of the above 
A)  Trojan horse 
B)  worm 
C)  logic bomb 
D)  none of the above

Question 7

An integrated group of programs that supports the applications and facilitates their access to specified resources is called a (an)

Accepted Answer

A)  operating system. 
B)  database management system. 
C)  utility system 
D)  facility system. 
E)  object system. 
A)  operating system. 
B)  database management system. 
C)  utility system 
D)  facility system. 
E)  object system.

Question 8

What are the auditor's concerns in testing EDI controls?

Accepted Answer

When testing EDI controls,the auditor's

Question 9

One purpose of a database system is the easy sharing of data.But this ease of sharing can also jeopardize security.Discuss at least three forms of access control designed to reduce this risk.

Accepted Answer

Many types of access control are possibl

Question 10

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

Accepted Answer

When the user logs on,he or she is prese

Question 11

In a direct access file system

Accepted Answer

A)  backups are created using the grandfather-father-son approach 
B)  processing a transaction file against a maser file creates a backup file 
C)  files are backed up immediately before an update run 
D)  if the master file is destroyed,it cannot be reconstructed 
A)  backups are created using the grandfather-father-son approach 
B)  processing a transaction file against a maser file creates a backup file 
C)  files are backed up immediately before an update run 
D)  if the master file is destroyed,it cannot be reconstructed

Question 12

Audit objectives for communications controls include all of the following except

Accepted Answer

A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above 
A)  detection and correction of message loss due to equipment failure 
B)  prevention and detection of illegal access to communication channels 
C)  procedures that render intercepted messages useless 
D)  all of the above

Question 13

What can be done to defeat a DDoS Attack?

Accepted Answer

Intrusion Prevention Systems (

Question 14

Firewalls are special materials used to insulate computer facilities

Accepted Answer

A) True 
 B)False

Question 15

The most frequent victims of program viruses are microcomputers.

Accepted Answer

A) True 
 B)False

Question 16

What are the three security objectives of audit trails? Explain.

Accepted Answer

Audit trails support system security obj

Question 17

In an electronic data interchange environment,customers routinely access

Accepted Answer

A)  the vendor's price list file 
B)  the vendor's accounts payable file 
C)  the vendor's open purchase order file 
D)  none of the above 
A)  the vendor's price list file 
B)  the vendor's accounts payable file 
C)  the vendor's open purchase order file 
D)  none of the above

Question 18

In an electronic data interchange environment,the audit trail

Accepted Answer

A)  is a printout of all incoming and outgoing transactions 
B)  is an electronic log of all transactions received,translated,and processed by the system 
C)  is a computer resource authority table 
D)  consists of pointers and indexes within the database 
A)  is a printout of all incoming and outgoing transactions 
B)  is an electronic log of all transactions received,translated,and processed by the system 
C)  is a computer resource authority table 
D)  consists of pointers and indexes within the database

Question 19

Computer viruses usually spread throughout the system before being detected.

Accepted Answer

A) True 
 B)False

Question 20

Passwords are secret codes that users enter to gain access to systems.Security can be compromised by all of the following except

Accepted Answer

A)  failure to change passwords on a regular basis 
B)  using obscure passwords unknown to others 
C)  recording passwords in obvious places 
D)  selecting passwords that can be easily detected by computer criminals 
A)  failure to change passwords on a regular basis 
B)  using obscure passwords unknown to others 
C)  recording passwords in obvious places 
D)  selecting passwords that can be easily detected by computer criminals

Which of the following is true?

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

To preserve audit trails in a computerized environment,transaction logs are permanent records of transactions.

In a computerized environment,the audit trail log must be printed onto paper documents.

What is event monitoring?

A software program that replicates itself in areas of idle memory until the system fails is called a

An integrated group of programs that supports the applications and facilitates their access to specified resources is called a (an)

What are the auditor's concerns in testing EDI controls?

One purpose of a database system is the easy sharing of data.But this ease of sharing can also jeopardize security.Discuss at least three forms of access control designed to reduce this risk.

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

In a direct access file system

Audit objectives for communications controls include all of the following except

What can be done to defeat a DDoS Attack?

Firewalls are special materials used to insulate computer facilities

The most frequent victims of program viruses are microcomputers.

What are the three security objectives of audit trails? Explain.

In an electronic data interchange environment,customers routinely access

In an electronic data interchange environment,the audit trail

Computer viruses usually spread throughout the system before being detected.

Passwords are secret codes that users enter to gain access to systems.Security can be compromised by all of the following except

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part Ii: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger,financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct,deliver,and Maintain Systems Projects

IT Controls Part I: Sarbanes-Oxley and It Governance

IT Controls Part III: Systems Development, program Changes, and Application Controls

Filters

Exam 16: IT Controls Part II: Security and Access

Which of the following is true?

Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts.

To preserve audit trails in a computerized environment,transaction logs are permanent records of transactions.

In a computerized environment,the audit trail log must be printed onto paper documents.

What is event monitoring?

A software program that replicates itself in areas of idle memory until the system fails is called a

An integrated group of programs that supports the applications and facilitates their access to specified resources is called a (an)

What are the auditor's concerns in testing EDI controls?

One purpose of a database system is the easy sharing of data.But this ease of sharing can also jeopardize security.Discuss at least three forms of access control designed to reduce this risk.

A formal log-on procedure is the operating system's first line of defense.Explain how this works.

In a direct access file system

Audit objectives for communications controls include all of the following except

What can be done to defeat a DDoS Attack?

Firewalls are special materials used to insulate computer facilities

The most frequent victims of program viruses are microcomputers.

What are the three security objectives of audit trails? Explain.

In an electronic data interchange environment,customers routinely access

In an electronic data interchange environment,the audit trail

Computer viruses usually spread throughout the system before being detected.

Passwords are secret codes that users enter to gain access to systems.Security can be compromised by all of the following except

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part Ii: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger,financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct,deliver,and Maintain Systems Projects

IT Controls Part I: Sarbanes-Oxley and It Governance

IT Controls Part III: Systems Development, program Changes, and Application Controls

Filters