Which of the following is the BEST information source for management to use as an aid in the identification of assets that are subject to laws and regulations?

• A.Security incident summaries
• B.Vendor best practices
• C.CERT coordination center
• D.Significant contracts

Comment: *

Name: *

Email: *

Verification: *

Naming conventions for system resources are important for access control because they:

• A.ensure that resource names are not ambiguous.
• B.reduce the number of rules required to adequately protect resources.
• C.ensure that user access to resources is clearly and uniquely identified.
• D.ensure that internationally recognized names are used to protect resources.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is an objective of IT project portfolio management?

• A.Successful implementation of projects
• B.Selection of sound, strategically aligned investment opportunities
• C.Validation of business case benefits
• D.Establishment of tracking mechanisms

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a prevalent risk in the development of end-user computing (EUC) applications?

• A.Applications may not be subject to testing and IT general controls
• B.increased development and maintenance costs
• C.increased application development time
• D.Decision-making may be impaired due to diminished responsiveness to requests for information

Comment: *

Name: *

Email: *

Verification: *

An IS auditor reviews an organizational chart PRIMARILY for:

• A.an understanding of workflows.
• B.investigating various communication channels.
• C.understanding the responsibilities and authority of individuals.
• D.investigating the network connected to different employees.

Comment: *

Name: *

Email: *

Verification: *