Which of following areas is MOST important for an IS auditor to focus on when reviewing the maturity model for a technology organization?

• A.Standard operating procedures
• B.Service level agreements (SLAs)
• C.Roles and responsibility matrix
• D.Business resiliency

Comment: *

Name: *

Email: *

Verification: *

A programmer maliciously modified a production program to change data and then restored the original code. Which of the following would MOST effectively detect the malicious activity?

• A.Comparing source code
• B.Reviewing system log files
• C.Comparing object code
• D.Reviewing executable and source code integrity

Comment: *

Name: *

Email: *

Verification: *

An IS auditor considering the risks associated with spooling sensitive reports for off-line printing will be the
MOST concerned that:

• A.data can easily be read by operators
• B.data can more easily be amended by unauthorized persons
• C.unauthorized copies of reports can be printed
• D.output will be lost if the system should fail

Comment: *

Name: *

Email: *

Verification: *

Which of the following is NOT a disadvantage of Single Sign On (SSO)?

• A.Support for all major operating system environment is difficult
• B.The cost associated with SSO development can be significant
• C.SSO could be single point of failure and total compromise of an organization asset
• D.SSO improves an administrator's ability to manage user's account and authorization to all associated system

Comment: *

Name: *

Email: *

Verification: *

Which of the following metrics would be MOST useful to an IS auditor when assessing the resilience of an application programming interface (API)?

• A.Number of defects logged during development compared to other APIs
• B.Number of developers adopting the API for their applications
• C.Number of API calls expected versus actually received within a lime interval
• D.Number of patches released within a time interval for the API

Comment: *

Name: *

Email: *

Verification: *