Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?

• A.Standardize file naming conventions.
• B.Utilize automated version control.
• C.Embed details within source code.
• D.Document details on a change register.

Comment: *

Name: *

Email: *

Verification: *

A post-implementation review was conducted by issuing a survey to users. Which of the following should be of GREATEST concern to an IS auditor?

• A.The survey questions did not address the scope of the business case.
• B.The survey form template did not allow additional feedback to be provided.
• C.The survey was issued to employees a month after implementation.
• D.The survey results were not presented in detail lo management.

Comment: *

Name: *

Email: *

Verification: *

An organization has a recovery time objective (RTO) equal to zero and a recovery point objective (RPO) close to 1 minute for a critical system. This implies that the system can tolerate:

• A.a data loss of up to 1 minute, but the processing must be continuous.
• B.a 1-minute processing interruption but cannot tolerate any data loss.
• C.a processing interruption of 1 minute or more.
• D.both a data less and processing interruption longer than 1 minute.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be performed immediately after a computer security incident has been detected and analyzed by an incident response team?

• A.Eradicate the component that caused the incident
• B.Contain the incident before it spreads.
• C.Categorize the incident
• D.Assess the impact of the incident on critical systems.

Comment: *

Name: *

Email: *

Verification: *

Post-implementation testing is an example of which of the following control types?

• A.Preventive
• B.Directive
• C.Detective
• D.Deterrent

Comment: *

Name: *

Email: *

Verification: *