Ensurepass

 

QUESTION 141

Business process re-engineering often results in ______________ automation, which results in _____________ number of people using technology. Fill in the blanks.

 

A.

Increased; a greater

B.

Increased; a fewer

C.

Less; a fewer

D.

Increased; the same

 

Correct Answer: A

Explanation:

Business process re-engineering often results in increased automation, which results in a greater number of people using technology.

 

 

QUESTION 142

Which of the following is MOST is critical during the business impact assessment phase of business continuity planning?

 

A.

End-user involvement

B.

Senior management involvement

C.

Security administration involvement

D.

IS auditing involvement

 

Correct Answer: A

Explanation:

End-user involvement is critical during the business impact assessment phase of business continuity planning.

 

 

QUESTION 143

Whenever business processes have been re-engineered, the IS auditor attempts to identify and quantify the impact of any controls that might have been removed, or controls that might not work as effectively after business process changes. True or false?

 

A.

True

B.

False

 

Correct Answer: A

Explanation:

Whenever business processes have been re-engineered, the IS auditor should attempt to identify and quantify the impact of any controls that might have been removed, or controls that might not work as effectively after business process changes.

 

 

QUESTION 144

What type(s) of firewalls provide(s) the greatest degree of protection and control because both firewall technologies inspect all seven OSI layers of network traffic?

 

A.

A first-generation packet-filtering firewall

B.

A circuit-level gateway

C.

An application-layer gateway, or proxy firewall, and stateful-inspection firewalls

D.

An application-layer gateway, or proxy firewall, but not stateful-inspection firewalls

 

Correct Answer: C

Explanation:

An application-layer gateway, or proxy firewall, and stateful-inspection firewalls provide the greatest degree of protection and control because both firewall technologies inspect all seven OSI layers of network traffic.

 

QUESTION 145

What can be very helpful to an IS auditor when determining the efficacy of a systems maintenance program? Choose the BEST answer.

 

A.

Network-monitoring software

B.

A system downtime log

C.

Administration activity reports

D.

Help-desk utilization trend reports

 

Correct Answer: B

Explanation:

A system downtime log can be very helpful to an IS auditor when determining the efficacy of a systems maintenance program.

 

 

QUESTION 146

Proper segregation of duties normally does not prohibit a LAN administrator from also having programming responsibilities. True or false?

 

A.

True

B.

False

 

Correct Answer: B

Explanation:

Proper segregation of duties normally prohibits a LAN administrator from also having programming responsibilities.

 

 

QUESTION 147

What are intrusion-detection systems (IDS) primarily used for?

 

A.

To identify AND prevent intrusion attempts to a network

B.

To prevent intrusion attempts to a network

C.

Forensic incident response

D.

To identify intrusion attempts to a network

 

Correct Answer: D

Explanation:

Intrusion-detection systems (IDS) are used to identify intrusion attempts on a network.

 

 

QUESTION 148

An advantage of a continuous audit approach is that it can improve system security when used in time-sharing environments that process a large number of transactions. True or false?

 

A.

True

B.

False

 

Correct Answer: A

Explanation:

It is true that an advantage of a continuous audit approach is that it can improve system security when used in time-sharing environments that process a large number of transactions.

 

 

QUESTION 149

Which of the following do digital signatures provide?

 

A.

Authentication and integrity of data

B.

Authentication and confidentiality of data

C.

Confidentiality and integrity of data

D.

Authentication and availability of data

 

Correct Answer: A

Explanation:

The primary purpose of digital signatures is to provide authentication and integrity of datA.

 

 

QUESTION 150

Who is ultimately responsible and accountable for reviewing user access to systems?

 

A.

Systems security administrators

B.

Data custodians

C.

Data owners

D.

Information systems auditors

 

Correct Answer: C

Explanation:

Data owners are ultimately responsible and accountable for reviewing user access to systems.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.