An organization transmits large amount of data from one internal system to another. The IS auditor is reviewing quality of the data at the originating point. Which of the following should the auditor verify first?

• A.The data transformation is accurate
• B.The data has been encrypted
• C.The source data is accurate
• D.The data extraction process is completed

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a mechanism for mitigating risks?

• A.Security and control practices
• B.Property and liability insurance
• C.Audit and certification
• D.Contracts and service level agreements (SLAs)

Comment: *

Name: *

Email: *

Verification: *

An IS auditor reviewing a job scheduling tool notices performance and reliability problem. Which of the following is MOST likely affecting the tool?

• A.The scheduling tool was not classified as business-critical by the IT department.
• B.Maintaining patches and the latest enhancement upgrades are missing./
• C.Administrator passwords do not organizational security and complicity requirements.
• D.The number of support staff responsible for job scheduling has been reduced.

Comment: *

Name: *

Email: *

Verification: *

The role of the certificate authority (CA) as a third party is to:

• A.provide secured communication and networking services based on certificates.
• B.host a repository of certificates with the corresponding public and secret keys issued by that CA.
• C.act as a trusted intermediary between two communication partners.
• D.confirm the identity of the entity owning a certificate issued by that CA.

Comment: *

Name: *

Email: *

Verification: *

Following a breach, what is the BEST source to determine the maximum amount of time before customers must be notified that their personal information may have been compromised?

• A.Incident response plan
• B.Industry standards
• C.Information security policy
• D.Industry regulations

Comment: *

Name: *

Email: *

Verification: *