Which of the following provides the MOST useful information for performing a business impact analysis (BIA)?

• A.Documentation of application configurations
• B.Policies for business procurement
• C.Inventory of relevant business processes
• D.Results of business resumption planning efforts

Comment: *

Name: *

Email: *

Verification: *

During an informatics security audit of a mid-sized organization an IS auditor notes that the organizations information security policy is not sufficient. What is the auditor's BEST recommendation for the organization?

• A.Identify and close gaps compared to a best-practice framework
• B.Define roles and responsibilities for regularly updating the policy
• C.Obtain an external consultants support to rewrite the pokey
• D.Perform a Benchmark with competitors' polices

Comment: *

Name: *

Email: *

Verification: *

Which of the following exposures could be caused by a line grabbing technique?

• A.Unauthorized data access
• B.Excessive CPU cycle usage
• C.Lockout of terminal polling
• D.Multiplexor control dysfunction

Comment: *

Name: *

Email: *

Verification: *

An organization has been recently downsized, in light of this, an IS auditor decides to test logical access controls. The IS auditor's PRIMARY concern should be that:

• A.all system access is authorized and appropriate for an individual's role and responsibilities.
• B.management has authorized appropriate access for all newly-hired individuals.
• C.only the system administrator has authority to grant or modify access to individuals.
• D.access authorization forms are used to grant or modify access to individuals.

Comment: *

Name: *

Email: *

Verification: *

Distributed denial-of-service (DDOS) attacks on Internet sites are typically evoked by hackers using which of the following?

• A.Logic bombs
• B.Phishing
• C.Spyware
• D.Trojan horses

Comment: *

Name: *

Email: *

Verification: *