When protecting the confidentiality of information assets, the MOST effective control practice is the:

• A.awareness training of personnel on regulatory requirements.
• B.enforcement of a need-to-know access control philosophy.
• C.utilization of a dual-factor authentication mechanism.
• D.configuration of read-only access to all users.

Comment: *

Name: *

Email: *

Verification: *

What must an IS auditor understand before performing an application audit?

• A.The potential business impact of application risks.
• B.Application risks must first be identified.
• C.Relative business processes.
• D.Relevant application risks.

Comment: *

Name: *

Email: *

Verification: *

The MOST likely explanation for the use of applets in an Internet application is that:

• A.it is sent over the network from the server.
• B.the server does not run the program and the output is not sent over the network.
• C.they improve the performance of the web server and network.
• D.it is a JAVA program downloaded through the web browser and executed by the web server of the client machine.

Comment: *

Name: *

Email: *

Verification: *

For which of the following applications would rapid recovery be MOST crucial?

• A.Point-of-sale system
• B.Corporate planning
• C.Regulatory reporting
• D.Departmental chargeback

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST method for determining the criticality of each application system in the production environment?

• A.interview the application programmers.
• B.Perform a gap analysis.
• C.Review the most recent application audits.
• D.Perform a business impact analysis.

Comment: *

Name: *

Email: *

Verification: *