TEMPEST is a hardware for which of the following purposes?

• A.Eavedropping
• B.Social engineering
• C.Virus scanning
• D.Firewalling
• E.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

In a small organization, an employee performs computer operations and, when the situation demands, program modifications. Which of the following should the IS auditor recommend?

• A.Automated logging of changes to development libraries
• B.Additional staff to provide separation of duties
• C.Procedures that verify that only approved program changes are implemented
• D.Access controls to prevent the operator from making program modifications

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the PRIMARY benefit of using a capability maturity model?

• A.It helps the organization estimate how long it will lake to reach the highest level of maturity in each area
• B.It helps the organization develop a roadmap toward its desired level of n each area
• C.It provides detailed changes management strategies for performance improvement.
• D.It provides a way to compare against similar organizations' maturity levels

Comment: *

Name: *

Email: *

Verification: *

During the review of a web-based software development project, an IS auditor realizes that coding
standards are not enforced and code reviews are rarely carried out. This will MOST likely increase the
likelihood of a successful:

• A.buffer overflow.
• B.brute force attack.
• C.distributed denial-of-service attack.
• D.war dialing attack.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST influential when defining disaster recovery strategies?

• A.Existing server redundancies
• B.Data classification scheme
• C.Maximum tolerable downtime
• D.Annual loss expectancy

Comment: *

Name: *

Email: *

Verification: *