In which phase of penetration testing would host detection and domain name system (DNS) interrogation
be performed?

• A.Reporting
• B.Attacks
• C.Discovery
• D.Planning

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be an IS auditor's FIRST activity when planning an audit?

• A.Gain an understanding of the area to be audited.
• B.Document specific questions in the audit program.
• C.Create a list of key controls to be reviewed.
• D.Identify proper resources for audit activities.

Comment: *

Name: *

Email: *

Verification: *

A retailer normally uses a scanner to read product labels and input product codes and prices. The unit is not functioning and staff are keying information manually. With respect to the accuracy of the input, it is likely that:

• A.audit risk has increased.
• B.control risk has increased.
• C.inherent risk has decreased.
• D.detection risk has decreased.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor learns a server administration team regularly applies work arounds to address repeated failures of critical data processing services. Which of the following would BEST enable the organization to resolve the issue?

• A.Change management
• B.Incident management
• C.Problem management
• D.Service level management

Comment: *

Name: *

Email: *

Verification: *

Talking about the different approaches to security in computing, the principle of regarding the computer system itself as largely an untrusted system emphasizes:

• A.most privilege
• B.full privilege
• C.least privilege
• D.null privilege
• E.None of the choices.

Comment: *

Name: *

Email: *

Verification: *