Which of the following is the GREATEST risk to the effectiveness of application system controls?

• A.Removal of manual processing steps
• B.inadequate procedure manuals
• C.Collusion between employees
• D.Unresolved regulatory compliance issues

Comment: *

Name: *

Email: *

Verification: *

In a botnet, mailbot logs into a particular type of system for making coordinated attack attempts. What type of system is this?

• A.Chat system
• B.SMS system
• C.Email system
• D.Log system
• E.Kernel system
• F.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

Retention periods and conditions for the destruction of personal data should be determined by the.

• A.risk manager.
• B.database administrator (DBA).
• C.privacy manager.
• D.business owner.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. Inthis situation, which of the following would be considered an adequate set of compensating controls?

• A.Allow changes to be made only with the DBA user account.
• B.Make changes to the database after granting access to a normal user account.
• C.Use the DBA user account to make changes, log the changes and review the change log the following day.
• D.Use the normal user account to make changes, log the changes and review the change log the following day.

Comment: *

Name: *

Email: *

Verification: *

Proper segregation of duties does not prohibit a quality control administrator from also being responsible for change control and problem management. True or false?

• A.True
• B.False

Comment: *

Name: *

Email: *

Verification: *