Question details

CIS430 Unit 7 Quiz C16 Latest 2017
$ 5.00

Question 1

In regard to data base backup the auditor's objective is to verify that the database controls are adequate to facilitate the recovery of lost, destroyed or corrupted data



Question 2

A user’s application may consist of several modules stored in separate memory locations, each with its own data. One module must not be allowed to destroy or corrupt another module. This is an objective of

operating system controls

data resource controls

computer center and security controls

application controls

Question 3

Audit trails can be used to support system security by:

Detecting unauthorized access to the system

Facilitating the reconstruction of events

Promoting personal accountability

All of the above.

Question 4

A program whose sole purpose is to capture IDs and passwords from unsuspected users is called:



Trojan horse

logic bomb

Question 5

Reviewing database authority tables is a(n)

access control

organizational structure control

data resource control

operating resource control

Question 6

In regard to controlling access privileges which of the following is false?

The systems administrator or the owner of the resource (system) normally assigns the access privilege

User access privileges are assigned to indivuduals or to entire user workgroups

User access privileges determine what files can be accessed and what can be done to those files

Because of the nature of computerized systems, management need not be concerned with assigning access privileges that are incompatible with assigned duties

Question 7

In reference to Electronic Data Interchanges (EDI) which of the following is false?

Both the customer and the supplier must establish that the transaction being processed is to (or from) a valid trading partner and is authorized

EDI trading partners must permit a degree of access to private files that would be forbidden in the traditional environment

The EDI process makes use of periodic human intervention to insure adequate internal control


Question 8

Which of the following techniques is not normally considered a way to reduce malicious and destructive computer programs

Purchase software only from reputable vendors

Have an organization wide policy prohibiting the use of unauthorized software

Prevent illegal access through a password system

Examine all vendor software upgrades and public domain software for viruses before installing



Available solutions