Default permit is only a good approach in an environment where:

• A.security threats are non-existent or negligible.
• B.security threats are non-negligible.
• C.security threats are serious and severe.
• D.users are trained.
• E.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

Which of the following are valid examples of Malware (choose all that apply):

• A.viruses
• B.worms
• C.trojan horses
• D.spyware
• E.All of the above

Comment: *

Name: *

Email: *

Verification: *

A CIO has asked an IS auditor to implement several security controls for an organization s IT processes and systems. The auditor should:

• A.obtain approval from executive management for the implementation
• B.communicate the conflict of interest to audit management
• C.perform the assignment and future audits with due professional care.
• D.refuse due to independence issues.

Comment: *

Name: *

Email: *

Verification: *

An organization has decided to migrate payroll processing to a new platform hosted by a third party in a different country. Which of the following is MOST important for the IS auditor to consider?

• A.The service provider's compliance with privacy regulations
• B.Whether the contract contains a right-to-terminate clause
• C.The service provider's compliance with financial regulations
• D.Storage costs charged by the service provider

Comment: *

Name: *

Email: *

Verification: *

In a high-volume, real-time system, the MOST effective technique by which to continuously monitor and analyze transaction processing is:

• A.integrated test facility (ITF).
• B.parallel simulation.
• C.transaction tagging.
• D.embedded audit modules.

Comment: *

Name: *

Email: *

Verification: *