Which of the following would be considered a corrective control when designing the security of a data center?

• A.Perimeter fence
• B.Closed-circuit television (CCTV)
• C.Fire extinguisher
• D.Security guards

Comment: *

Name: *

Email: *

Verification: *

An IS auditor seeks assurance that a new process for purging transactions does not have a detrimental
impact on the integrity of a database. This could be achieved BEST by analyzing the:

• A.database structure.
• B.design of triggers.
• C.results of the process in a test environment.
• D.entity relationship diagram of the database.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST IS audit strategy?

• A.Perform audits based on Impact and probability of error and failure.
• B.Cycle general control and application audits over a two-year period
• C.Conduct general control audits annually and application audits in alternating years
• D.Limit audits to new application system developments

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a detective control?

• A.Programmed edit checks tor data entry
• B.Backup procedures
• C.Verification of hash totals
• D.Use of pass cards to gain access to physical facilities

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST effective way to reduce risk to an organization from widespread use of unauthorized web-based communication technologies?

• A.Block access from user devices to unauthorized sites that allow web-based
• B.communication. 1 Monitor unauthorized staff usage of web-based communication and notify the IT security department of violations.
• C.Publish an enterprise-wide policy outlining acceptable use of web-based communication technologies
• D.Incorporate web-based communications into the enterprise security architecture.

Comment: *

Name: *

Email: *

Verification: *