Due to system limitations, segregation of duties (SoD) cannot be enforced in an accounts payable system. Which of the following is the IS auditor s BEST recommendation for a compensating control?

• A.Require written authorization for all payment transactions.
• B.Reconcile payment transactions with invoices.
• C.Review payment transaction history.
• D.Restrict payment authorization to senior staff members

Comment: *

Name: *

Email: *

Verification: *

An IS auditor should ensure that an application's audit trail:

• A.Is accessible online
• B.does not impact operational efficiency
• C.logs ail database records.
• D.has adequate security.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY advantage of object-oriented technology is enhanced:

• A.management of a restricted variety of data types for a data object
• B.management of sequential program execution for data access
• C.efficiency due to the re-use of elements of logic
• D.grouping of objects into methods for data access

Comment: *

Name: *

Email: *

Verification: *

Which of the following should an IS auditor expect to see in a network vulnerability assessment?

• A.Security design flaws
• B.Misconfiguration and missing updates
• C.Zero-day vulnerabilities
• D.Malicious software and spyware

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY focus of a post-implementation review is to verify that:

• A.acceptance testing has been properly executed.
• B.user requirements have been met.
• C.user access controls have been adequately designed.
• D.enterprise architecture (EA) has been complied with.

Comment: *

Name: *

Email: *

Verification: *