Which of the following activities performed by a database administrator (DBA) should be performed by a
different person?

• A.Deleting database activity logs
• B.Implementing database optimization tools
• C.Monitoring database usage
• D.Defining backup and recovery procedures

Comment: *

Name: *

Email: *

Verification: *

The most common problem in the operation of an intrusion detection system (IDS) is:

• A.the detection of false positives.
• B.receiving trap messages.
• C.reject-error rates.
• D.denial-of-service attacks.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important consideration tor an IS auditor when reviewing a vendor selection process?

• A.Security and regulatory concerns were identified as part of the selection process
• B.The lowest price possible was obtained for vendor services rendered
• C.Responsible managers were assigned to monitor vendor performance
• D.Vendors were assessed and assigned a ranking during the selection process

Comment: *

Name: *

Email: *

Verification: *

In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to "never expire.' Which of the following recommendations would BEST address the risk with minimal disruption to the business?

• A.Schedule downtime to implement password changes
• B.Modify applications to no longer require direct access to the database.
• C.Modify the access management policy to make allowances for application accounts
• D.Introduce database access monitoring into the environment

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important requirement for an IS auditor to evaluate when reviewing a
transmission of personally identifiable information between two organizations?

• A.Completeness
• B.Timeliness
• C.Necessity
• D.Accuracy

Comment: *

Name: *

Email: *

Verification: *