Ensurepass

 

QUESTION 181

When should plans for testing for user acceptance be prepared? Choose the BEST answer.

 

A.

In the requirements definition phase of the systems-development project

B.

In the feasibility phase of the systems-development project

C.

In the design phase of the systems-development project

D.

In the development phase of the systems-development project

Correct Answer: A

Explanation:

Plans for testing for user acceptance are usually prepared in the requirements definition phase of the systems-development project.

 

 

QUESTION 182

Of the three major types of off-site processing facilities, what type is often an acceptable solution for preparing for recovery of noncritical systems and data?

 

A.

Cold site

B.

Hot site

C.

Alternate site

D.

Warm site

 

Correct Answer: A

Explanation:

A cold site is often an acceptable solution for preparing for recovery of noncritical systems and data.

 

 

QUESTION 183

The initial step in establishing an information security program is the:

 

A.

development and implementation of an information security standards manual.

B.

performance of a comprehensive security control review by the IS auditor.

C.

adoption of a corporate information security policy statement.

D.

purchase of security access control software.

 

Correct Answer: C

Explanation:

A policy statement reflects the intent and support provided by executive management for proper security and establishes a starting point for developing the security program.

 

 

QUESTION 184

What process allows IS management to determine whether the activities of the organization differ from the planned or expected levels? Choose the BEST answer.

 

A.

Business impact assessment

B.

Risk assessment

C.

IS assessment methods

D.

Key performance indicators (KPIs)

 

Correct Answer: C

Explanation:

IS assessment methods allow IS management to determine whether the activities of the organization differ from the planned or expected levels.

 

 

QUESTION 185

What is often assured through table link verification and reference checks?

 

A.

Database integrity

B.

Database synchronization

C.

Database normalcy

D.

Database accuracy

 

Correct Answer: A

Explanation:

Database integrity is most often ensured through table link verification and reference checks.

 

 

QUESTION 186

An intentional or unintentional disclosure of a password is likely to be evident within control logs. True or false?

 

A.

True

B.

False

 

Correct Answer: B

Explanation:

An intentional or unintentional disclosure of a password is not likely to be evident within control logs.

 

 

QUESTION 187

What process is used to validate a subject’s identity?

 

A.

Identification

B.

Nonrepudiation

C.

Authorization

D.

Authentication

 

Correct Answer: D

Explanation:

Authentication is used to validate a subject’s identity.

 

 

QUESTION 188

What can be used to help identify and investigate unauthorized transactions? Choose the BEST answer.

 

A.

Postmortem review

B.

Reasonableness checks

C.

Data-mining techniques

D.

Expert systems

 

Correct Answer: C

Explanation:

Data-mining techniques can be used to help identify and investigate unauthorized transactions.

 

 

QUESTION 189

Which of the following is a benefit of using callback devices?

 

A.

Provide an audit trail

B.

Can be used in a switchboard environment

C.

Permit unlimited user mobility

D.

Allow call forwarding

 

Correct Answer: A

Explanation:

A callback feature hooks into the access control software and logs all authorized and unauthorized access attempts, permitting the follow-up and further review of potential breaches. Call forwarding (choice D) is a means of potentially bypassing callback control. By dialing through an authorized phone number from an unauthorized phone number, a perpetrator can gain computer access. This vulnerability can be controlled through callback systems that are available.

 

 

QUESTION 190

The quality of the metadata produced from a data warehouse is _______________ in the warehouse’s design. Choose the BEST answer.

 

A.

Often hard to determine because the data is derived from a heterogeneous data environment

B.

The most important consideration

C.

Independent of the quality of the warehoused databases

D.

Of secondary importance to data warehouse content

 

Correct Answer: B

Explanation:

The quality of the metadata produced from a data warehouse is the most important consideration in the warehouse’s design.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.