ACCT 308 exam 2
(CISA exam, adapted) To ensure confidentiality in an asymmetric-key encryption system, knowledge of which of the following keys is required to decrypt the receive the message? I. Private II. Public a. I b. II c. Both I and II d. Neither I nor II
a. I
What is a requirement of the proof of authority algorithm? a. a few members have known identities b a portion of the miner's blocks will be locked until it is validated c. large quantities of computer power are requires to solve a complex mathematical problem d. none of these are a requirement of the proof of authority algorithm
a. a few members have known identities
Which feature cannot be found in Bitcoin? a. double spend b. anyone can join and leave the bitcoin network at any time c. immutable history of transactions d. a new block is added every 10 minutes
a. double spend
Select a correct statement describing encryption or hashing process. a. encryption process is reversible b. hashing results are called message digests c. hashing process is used to obtain a digital signature d. encryption process is to maintain confidentiality e. all of the above are correct
a. encryption process is reversible
Match the descriptions with each encryption method: (i. symmetric-key encryption, ii. asymmetric-key encryption) a. good for large data sets b. slow in processing c. convenient for key distribution and and key management d. each user has a public key and a private key e. good for authentication
a. good for large data sets: i symmetric b. slow in processing: ii asymmetric c. convenient for key distribution and and key management: ii asymmetric d. each user has a public key and a private key: ii asymmetric e. good for authentication: : ii asymmetric
Identify the activities of vulnerability management and assessment. a. prioritize vulnerabilities b. design a risk response plan c. monitor vulnerabilities d. establish policy and requirements e. identify vulnerabilities i. vulnerability management ii. vulnerability assessment
a. ii b. i c. i d. i e. ii
Incentive to commit fraud usually will include all of the following, except: a. inadequate segregation of duties b. financial pressure c. personal habits and lifestyle d. feelings of resentment e. alcohol, drug, or gambling addicition
a. inadequate segregation of duties
Which of the following best describes a confusion matrix? a. it is a table summarizing the prediction results b. it has as many rows and columns as classifications to predict c. it can be used to calculate other performance metrics d. all of these e. none of these
a. it is a table summarizing the prediction results
Which of the following best describes the difference between AI and machine learning? a. machine learning is a subset of AI b. machine learning only applies to deep learning algortithms c. AI and machine learning are the same thing d. machine learning requires less data than AI
a. machine learning is a subset of AI
which of the following is not part of the virtuous cycle of machine learning? a. model b. learn. c. predict d. data e. none of these
a. model
Encryption is a: a. preventative control b. detective control c. corrective control d. two of the above are correct
a. preventative control
Which of the following best describes semi-supervised learning? a. the training data contain missing labels or incomplete data b. the training data match inputs to nodes in the network c. the training data contain input-output pairs d. the training data only include values e. none of these
a. the training data contain missing labels or incomplete data
Match correct statements with each term regarding system availability. a. Activities required to keep a firm running during a period of displacement or interruption of normal operations b. A process that identifies significant events that may threaten a firm's operations and outline the procedures to ensure that the firm will resume operations if such events occur c. A service model in which a third-party service provider offers computing resources, including hardware and software applications, to cloud users over the Internet, and the service provider charges on a per-user basis d. A clearly defined and documented plan that covers key personnel, resources including IT infrastructure and applications, and actions required to be carried out in order to continue or resume the systems for critical business functions e. Using redundant units to provide a system with the ability to continue functioning when part of the system fails f. A device using battery power to enable a system to operate long enough to back up critical data and shut down properly during the loss of power i. Uninterruptible power supply ii. Fault tolerance iii. Cloud computing iv. Disaster recovery planning v. Business continuity management
a. v b. iv c. iii d. iv e. ii f. i
Which of the following is not directly related to one of the five questions that machine learning/AI is best suited to answer? a. which business strategy will be most successful? b. is the firm a good merger candidate? c. what type of customer will like this new product d. how much can we sell this product for? e. none of these
a. which business strategy will be most successful?
If a confusion matrix shows 46 TP, 6 FUN, 500 TN, and 4 FP, what is the precision ration? a.0.90 b. .92 c. .98 d. 0.88 e. none of these
b. 0.92
Which organization created the Reporting on an Entity's Cybersecurity Risk Management Program and Controls: Attestation Guide in 2017? a. SEC b. AICPA c. US Congress d. Department of Homeland Security
b. AICPA
To prevent repudiation in conducting e-business, companies must be able to authenticate their trading partners. Which of the following encryption methods can be used for authentication purpose? a. symmetric-key encryption method b. asymmetric-key encryption method c. both symmetric-key and asymmetric-key encryption methods are good for authentication
b. asymmetric-key encryption method
Which of the following statements is false? a. private blockchain requires permission to join the network b. bitcoin uses smart contract to specify the business rules c. in ethereum, a new block is added evert 12 to 15 seconds d. blockchain transactions are immutable
b. bitcoin uses smart contract to specify the business rules
Which of the following best describes deep learning? a. deep learning is used to solve philosophical problems. b. deep learning involves complex, multilayer neural networks c. deep learning is different from machine learning in fundamental ways d. deep learning provides more output values than machine learning e. none of these
b. deep learning involves complex, multilayer neural networks
In the Ethereum network: a. transaction fees are higher than bitcoin b. mining of ether occurs at a constant rate c. because a smart contract describes business rules and is also flexible for different industries, it can be modified to fit the business after ablock is inserted to the ethereum network d. miner uses SHA256 to determine if a block is a valid block
b. mining of ether occurs at a constant rate
To authenticate the message sender in an asymmetric-key encryption system, which of the following keys is required to decrypt the received message? a. sender's private key b. sender's public key c. receiver's private key d. receiver's public key
b. sender's public key
(CISE exam, adapted) Authentication is the process by which the: a. system verifies that the user entitled to enter the transaction requested b. system verifies the identity of the user c. use identifies him- or herself to the system d. user indicates to the system that the transaction was processed correctly
b. system verifies the identity of the user
What is fault tolerance? a. a policy allowing employees to make mistakes b. using redundant units to continue functioning when a system is failing c. an application that can detect mistakes and correct mistakes automatically d. two of the above are correct
b. using redundant units to continue functioning when a system is failing
If a confusion matrix shows 46 TP, 6 FUN, 500 TN, and 4 FP, what is the accuracy ratio? a. 0.90 b. 0.92 c. 0.98 d. 0.88 e. none of these
c. 0.98
If a confusion matrix shows 25 TP, 5 FN, 1000 TN, and 5 FP, what is the accuracy ratio? a. 0.90 b. 0.92 c. 0.99 d. 0.83 e. none of these
c. 0.99
Which of the following is not true with respect to artificial intelligence? a. AI is a broad field in CS b. AI is intelligence exhibited by machines rather than humans c. AI began in the 1990's d. AI is also called cognitive technologies e. none of these are true
c. AI began in the 1990's
Which of the following statements is false? a. a distributed ledger contains many copies of the same ledger b. a distributed ledger stores the same set of transaction records c. because a distributed ledger exists in a blockchain network, a computer consisting of all transaction records may crash and cause the syncing issue in the blockchain network d. a transaction record cannot be added to the blockchain unless there is network consensus
c. because a distributed ledger exists in a blockchain network, a computer consisting of all transaction records may crash and cause the syncing issue in the blockchain network
Business continuity management is a: a. preventative control b. detective control c. corrective control d. two of the above are correct
c. corrective control
Disaster recovery plan is a: a. preventive control b. detective control c. corrective control d. two of the above are correct
c. corrective control
Which of the following statements is correct? a. a spam will send a network packet that appears to come from a source other than its actual source b. multi-factor authentication is less secure than requiring a user always entering a password to access a network c. fault tolerance uses redundant units to provide a system with the ability to continue functioning when parts of the system fails
c. fault tolerance uses redundant units to provide a system with the ability to continue functioning when parts of the system fails
A message digest is the result of hashing. Which of the following statements about the hashing process is true? a. it is reversible b. comparing the hashing results can ensure confidentiality c. hashing is the best approach to make sure that two files are identical d. none of the above is true
c. hashing is the best approach to make sure that two files are identical
a digital certificate: a. is used to certify public and private key pairs b. is a trusted entity to certify and revoke Certificate Authorities (CA) c. indicates that the subscriber identified has sole control and access to the private key d. ensures that the symmetric-key encryption method functions well
c. indicates that the subscriber identified has sole control and access to the private key
Which of the following best describes machine learning? a. machine learning is driven by programming instructions. b. machine learning is a different branch of computer sciende from AI c. machine learning is a technique where a software model is trained using data d. machine learning is the ability of a machine to think on its own. e. none of these
c. machine learning is a technique where a software model is trained using data
Ben goes to his bank to wire transfer $1,000 to his sister Jennifer. The role of the bank in this transaction is best described as: a. Miner b. blockchain c. middleman d. consensus
c. middleman
which of the following best describes artificial neural networks? a. training a neural network involves the use of real-world data b. deep learning is required for a neural network c. neural networks consist of inputs, neurons or nodes, and outputs d. neural networks only have two layers e. none of these
c. neural networks consist of inputs, neurons or nodes, and outputs
Which of the following best describes supervised learning? a. the training data contain missing labels or incomplete data. b. the training data match inputs to nodes in the network c. the training data contain input-output pairs. d. the training data only include input values e. none of these
c. the training data contain input-output pairs.
If a confusion matrix shows 25 TP, 5 FN, 1000 TN, and 5 FP, what is the precision ratio? a. 0.90 b. 0.92 c. 0.99 d. 0.83 e. none of these
d. 0.83
If a confusion matrix shows 25 TP, 5 FN, 1000 TN, and 5 FP, what is the recall ratio? a. 0.90 b. 0.92 c. 0.99 d. 0.83 e. none of these
d. 0.83
If a confusion matrix shows 46 TP, 6 FUN, 500 TN, and 4 FP, what is the recall ration? a. 0.90 b. 0.92 c. 0.98 d. 0.88 e. none of these
d. 0.88
Which of the following groups/laws was the earliest to encourage auditors to incorporate fraud examination into audit programs? a. COSO b. COBIT c. PCAOB d. SAS No. 99 e. Sarbanes-Oxley Act
d. SAS No. 99
Regarding GDPR, which of the following statements is/are correct? a. it is a regulation enforced by EU b. it is to protect EU citizens' personal data c. it is not relevant to the companies in the US d. a and b are correct e. a, b, an c are all correct
d. a and b are correct
When we refer to a smart contract in blockchain, we mean: a. a contract that can be edited at any time for business rules b. a digital copy of paper contract such as a word file c. a digital contract that can be distributed to the participants with all terms defined d. a piece of software code that can be executed or triggered by business activities
d. a piece of software code that can be executed or triggered by business activities
Select a correct statement regarding encryption methods. a. most companies prefer using a asymmetric-key encryption method for data transmission. b. symmetric-key encryption method is used to authenticate trading partners c. only asymmetric-key encryption method is used to create digital confidentiality d. asymmetric-key encryption method is used to create digital signatures
d. asymmetric-key encryption method is used to create digital signatures
Which of the following is created mainly for cryptocurrency application? a. ethereum b. hyperledger c. corda d. bitcoin
d. bitcoin
Which of the following can be considered as a good alternative to back up data and applications? a. continuous monitoring b. disaster recovery planning c. business continuity management d. cloud computing
d. cloud computing
A selected set of organizations may run a blockchain node separately for keeping the transaction records. Administrators from the organizations establish the access rights and permissions for each participant. This type of blockchain is often called: a. public blockchain b. permissionless blockchain c. private blockchain d. consortium blockchain
d. consortium blockchain
An information technology director colecte the names and locations of key vendors, current hardware configuration, names of team members, and an alternative processing location. What is director most likely preparing? a. internal control policy b. system hardware policy c. system security policy d. disaster recovery plan e. supply chain management policy
d. disaster recovery plan
Comparing encryption with hashing, a. hashing process is reversible b. encryption is used to ensure data integrity c. hashing results are large data d. encryption results are called cyphertest
d. encryption results are called cyphertest
Which of the following statements is false? a. hyperledger is an open source blockchain platform created by the Linus foundation b. hyperledger is a permissioned blockchain with capabilities of handling smart contracts c. the main objective of hyperledger is to achieve cross-industry collaboration with blockchain technology d. hyperledger is a public blockchain
d. hyperledger is a public blockchain
The fraud triangle indicates which of the following conditions exist for a fraud to be perpetrated? a. rationalization b. pressure c. legal environment d. only a and b are correct e. a, b, and c are correct
d. only a and b are correct
To ensure the data sent over the internet are protected, which of the following kes is required to encrypt the data (before transmittion) using an asymmetric-key encryption method? a. sender's private key b. sender's public key c. receiver's private key d. receiver's public key
d. receiver's public key
(CMA exam, adapted) Data processing activities may be classified in terms of three stages of processes: input, processing, and output. An activity that is not normally associated with the input state is: a. batching b. recording c. verifying d. reporting
d. reporting
Which of the following statements is true? a. Because blockchain transactions are stored in chronological order, you may trace a block from an earlier transaction block to the most recent block in the blockchain b. both permissioned and public blockchains need miners to determine which transaction block should be added next. c. ethereum is a private blockchain d. smart contract was introduced in ethereum
d. smart contract was introduced in ethereum
Which of the following best describes reinforcement learning? a. the model determines how elements of the dataset are alike b. the training data match inputs to nodes in the network c. the training data contain input-output pairs d. the model learns by trial and error e. none of these
d. the model learns by trial and error
Which of the following best describes unsupervised learning? a. the training data contain missing labels or incomplete data b. the training data match inputs to nodes in the network c. the training data contain d. the training data only include values e. none of these
d. the training data only include values
Which of the following vulnerabilities would create the most serious risk to a firm? a. using open source software (downloaded for free) on the firm's network b. employees recording passwords in excel files c. employees writing instant messages with friends during office hours d. unauthorized access to the firm's network
d. unauthorized access to the firm's network
The symmetric key encryption method: a. is slow b. is not appropriate for encryption large data sets c. solves problems in key distribution and key management d. uses the same key for both senders and receivers for encryption and decryption
d. uses the same key for both senders and receivers for encryption and decryption
what information does a block in the bitcoin network not contain? a. the sender b. the receiver c. the quantity of bitcoins to transfer d. a and b e. none, a block contains all of this information
e. none, a block contains all of this information