For an organization that has plans to implement web-based trading, it would be MOST important for an IS auditor to verity the organizations information security plan Include:

• A.the firewall configuration for the web server.
• B.security requirements for the new application.
• C.security training prior to implementation.
• D.attributes for system passwords

Comment: *

Name: *

Email: *

Verification: *

For an application system with a large master Tile and a small transact ion-activity file, the MAIN benefit in changing from full transaction file backups to incremental backups would be

• A.reduced CPU processing time
• B.increased control over backup media
• C.increased disk seek time
• D.faster disaster recovery capability

Comment: *

Name: *

Email: *

Verification: *

An IS auditor concludes that a local area network's (LAN's) access security is satisfactory. In reviewing the work, the audit manager should:

• A.assess whether the auditor had the appropriate skills to perform the work
• B.verify that the elements of an agreed-upon audit plan have been addressed.
• C.re-perform some steps of the audit to verify the quality of the work
• D.verify user management's agreement with the findings

Comment: *

Name: *

Email: *

Verification: *

Which of the following will help detect changes made by an intruder to the system log of a server?

• A.Mirroring the system log on another server
• B.Simultaneously duplicating the system log on a write-once disk
• C.Write-protecting the directory containing the system log
• D.Storing the backup of the system log offsite

Comment: *

Name: *

Email: *

Verification: *

An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?

• A.Determine the value of the firewall.
• B.Report the security posture of the organization.
• C.Report the mitigating controls.
• D.Determine the risk of not replacing the firewall.

Comment: *

Name: *

Email: *

Verification: *