An IS auditor is evaluating the security of an organization's data backup process, which includes the transmission of daily incremental backups to a public cloud provider. Which of the following findings poses the GREATEST risk to the organization?
Correct Answer: B
Question 382
Host Based ILD&P primarily addresses the issue of:
Correct Answer: D
Section: Protection of Information Assets
Explanation: Information Leakage Detection and Prevention (ILD&P) is a computer security term for systems designed to detect and prevent the unauthorized transmission of information from an organization's computer systems to outsiders. Network ILD&P systems are gateway-based: they sit on the organization's Internet connection and analyze network traffic for unauthorized information transmissions. Host-based ILD&P systems run on end-user workstations, where they monitor and control access to physical devices (removable media, printers, ports) and can inspect information before it is encrypted, which a network gateway cannot do once the data is inside a TLS or VPN tunnel.
Question 383
Which of the following provides the BEST quality control for data being loaded into an organization's data warehouse?
Correct Answer: C
Question 384
In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?
Correct Answer: A
Reviewing the last compile date of production programs is the most efficient way to detect unauthorized changes to production programs in this environment, because it quickly identifies discrepancies between the expected and actual dates of program modification. The last compile date is a timestamp that indicates when a program was last compiled (translated from source code to executable code). Any change to the source code requires a recompilation, which updates the last compile date. Because all program changes are reported automatically, the IS auditor can compare the last compile date of each production program with the authorized change requests and change reports to verify that only approved changes were implemented.

The other options are not as efficient as option A, as they are more time-consuming, labor-intensive or error-prone. Manually comparing code in production programs to controlled copies verifies that the production code matches the code held in a secure repository or library, but it requires access to both versions and a tool or technique to compare them line by line. Periodically running test data against production programs and reviewing the results verifies that the programs produce the expected outputs, but it requires designing, executing and evaluating test cases for each program. Verifying user management approval of modifications confirms that changes were authorized and documented, but it does not ensure that the changes were implemented correctly or that nothing else was changed.

One caveat a practitioner should keep in mind: a compile-date review only detects changes that go through a compiler and leave the timestamp intact. An executable patched directly, or one whose timestamp has been reset, will not be caught, which is why the controlled-copy comparison remains the stronger (if costlier) control and is often used to spot-check the results of the date review.

References: CISA Review Manual (Digital Version), Chapter 4: Information Systems Operations and Business Resilience, Section 4.3: Change Management Practices.
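The two detection approaches contrasted above, as an added worked example that is not part of the CISA material: the first function implements option A (compare each program's last compile date against the latest approved change request), the second implements the controlled-copy comparison using hashes rather than a line-by-line diff. The program names, dates, change-request numbers and "executable" byte strings are all constructed for the example. The REPORTS entry is deliberately a binary that was edited with its timestamp preserved, so it slips past the date review but is caught by the hash comparison.

```python
import hashlib
from datetime import date, timedelta


def sha256_hex(data: bytes) -> str:
    """Hash an executable image; used in place of a line-by-line compare."""
    return hashlib.sha256(data).hexdigest()


# Constructed sample data (not from the CISA material).
# Controlled library: the approved executable image for each program.
CONTROLLED_LIBRARY = {
    "PAYROLL": b"PAYROLL v3.2 approved build",
    "LEDGER":  b"LEDGER v1.9 approved build",
    "INVOICE": b"INVOICE v2.0 approved build",
    "REPORTS": b"REPORTS v1.1 approved build",
}

# Production load library: program -> (last compile date, executable image).
PRODUCTION = {
    "PAYROLL": (date(2024, 3, 10), b"PAYROLL v3.2 approved build"),            # clean
    "LEDGER":  (date(2024, 4, 2),  b"LEDGER v1.9 approved build\x00patched"),  # recompiled, no CR
    "INVOICE": (date(2024, 2, 14), b"INVOICE v2.0 approved build"),            # clean
    "REPORTS": (date(2024, 1, 5),  b"REPORTS v1.1 backdoor"),                  # binary edited, date kept
}

# Approved change requests reported by the change-management system (constructed).
APPROVED_CHANGES = [
    {"cr": "CR-1041", "program": "PAYROLL", "implemented": date(2024, 3, 10)},
    {"cr": "CR-1007", "program": "LEDGER",  "implemented": date(2024, 1, 20)},
    {"cr": "CR-1022", "program": "INVOICE", "implemented": date(2024, 2, 14)},
    {"cr": "CR-0998", "program": "REPORTS", "implemented": date(2024, 1, 5)},
]


def flag_by_compile_date(production, approved, grace_days=1):
    """Option A: flag programs whose last compile date is later than the most
    recent approved implementation date (plus a small grace window for the
    build-and-promote delay), or that have no approved change at all."""
    latest = {}
    for chg in approved:
        prog = chg["program"]
        if prog not in latest or chg["implemented"] > latest[prog]:
            latest[prog] = chg["implemented"]
    grace = timedelta(days=grace_days)
    flagged = []
    for prog, (compiled, _image) in production.items():
        if prog not in latest or compiled > latest[prog] + grace:
            flagged.append(prog)
    return sorted(flagged)


def flag_by_hash(production, controlled):
    """Controlled-copy comparison: flag programs whose production image does
    not hash to the same value as the copy in the controlled library. Costlier
    to maintain (needs a trusted library) but immune to timestamp tampering."""
    return sorted(
        prog for prog, (_compiled, image) in production.items()
        if prog not in controlled or sha256_hex(image) != sha256_hex(controlled[prog])
    )


if __name__ == "__main__":
    print("compile-date review flags:", flag_by_compile_date(PRODUCTION, APPROVED_CHANGES))
    print("controlled-copy review flags:", flag_by_hash(PRODUCTION, CONTROLLED_LIBRARY))
```

Running it shows the date review flagging only LEDGER, while the hash comparison flags LEDGER and REPORTS; the difference is exactly the class of change (direct binary edit with preserved timestamp) that the compile-date control cannot see.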
Question 385
Which of the following is a good time frame for making changes to passwords?
Correct Answer: D
Explanation: Passwords are the first line of defense in protecting your data and information. Users need to be made aware of what a password gives them access to and what can be done with it if it is compromised. They also need to know what distinguishes a good password from a bad one. A good password mixes upper- and lower-case letters, digits and symbols, and is at least eight characters long. You may want to run a password-cracking tool against the password store periodically and require users to immediately change any password that is cracked. In any case, ask users to change their passwords every 90 to 120 days. (Note that later guidance, such as NIST SP 800-63B, drops mandatory periodic rotation in favor of changing a password when there is evidence of compromise; the 90 to 120 day window is the answer expected by this exam.)