Which of the following cryptography options would increase overhead/cost?

• A.The encryption is symmetric rather than asymmetric.
• B.A long asymmetric encryption key is used.
• C.The hash is encrypted rather than the message.
• D.A secret key is used.

Comment: *

Name: *

Email: *

Verification: *

When evaluating database management practices, which of the following controls would MOST effectively support data integrity?

• A.System processing output balanced to control totals
• B.System-generated duplicate transaction reports
• C.System edit checks
• D.User access controls

Comment: *

Name: *

Email: *

Verification: *

For an organization that has plans to implement web-based trading, it would be MOST important for an IS auditor to verify the organization's information security plan includes:

• A.attributes for system passwords.
• B.security training prior to implementation.
• C.security requirements for the new application.
• D.the firewall configuration for the web server.

Comment: *

Name: *

Email: *

Verification: *

What are used as the framework for developing logical access controls?

• A.Information systems security policies
• B.Organizational security policies
• C.Access Control Lists (ACL)
• D.Organizational charts for identifying roles and responsibilities

Comment: *

Name: *

Email: *

Verification: *

When planning an audit to assess application controls of a cloud-based system, it is MOST important for
the IS auditor to understand the:

• A.policies and procedures of the business area being audited.
• B.business process supported by the system.
• C.availability reports associated with the cloud-based system.
• D.architecture and cloud environment of the system.

Comment: *

Name: *

Email: *

Verification: *