Which of the following should concern an IS auditor when reviewing security in a client-server environment?

• A.Protecting data using an encryption technique
• B.Preventing unauthorized access using a diskless workstation
• C.The ability of users to access and modify the database directly
• D.Disabling floppy drives on the users' machines

Comment: *

Name: *

Email: *

Verification: *

Which of the following system conversion strategies provides the GREATEST redundancy?

• A.Direct cutover
• B.Phased approach
• C.Parallel run
• D.Pilot study

Comment: *

Name: *

Email: *

Verification: *

Which type of major BCP test only requires representatives from each operational area to meet to review
the plan?

• A.Parallel
• B.Preparedness
• C.Walk-thorough
• D.Paper

Comment: *

Name: *

Email: *

Verification: *

An IS auditor reviewing the implementation of an intrusion detection system (IDS) should be MOST concerned if:

• A.IDS sensors are placed outside of the firewall.
• B.a behavior-based IDS is causing many false alarms.
• C.a signature-based IDS is weak against new types of attacks.
• D.the IDS is used to detect encrypted traffic.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be seen as one of the most significant factors considered when determining the frequency of IS audits within your organization?

• A.The cost of risk analysis
• B.The income generated by the business function
• C.Resource allocation strategy
• D.The nature and level of risk
• E.None of the choices.

Comment: *

Name: *

Email: *

Verification: *