.How is the risk of improper file access affected upon implementing a database system?

• A.Risk varies.
• B.Risk is reduced.
• C.Risk is not affected.
• D.Risk is increased.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is reviewing IT policies and found that most policies have not been reviewed in over 3 years.
The MOST significant risk is that the policies do not reflect.

• A.The vision of the CEO
• B.Current industry best practices
• C.Current legal requirements
• D.The mission of the organization

Comment: *

Name: *

Email: *

Verification: *

An IS auditor should use statistical sampling and not judgment (nonstatistical) sampling, when:

• A.the probability of error must be objectively quantified.
• B.the auditor wishes to avoid sampling risk.
• C.generalized audit software is unavailable.
• D.the tolerable error rate cannot be determined.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important when an incident may lead to prosecution?

• A.Right to perform e-discovery
• B.Advice from legal counsel
• C.Preservation of evidence
• D.Adherence to incident response procedures

Comment: *

Name: *

Email: *

Verification: *

Which of the following weaknesses would have the GREATEST impact on the effective operation of a perimeter firewall?

• A.Use of stateful firewalls with default configuration
• B.Potential back doors to the firewall software
• C.Misconfiguration of the firewall rules
• D.Ad hoc monitoring of firewall activity

Comment: *

Name: *

Email: *

Verification: *