IT Audit Exam 1 Prep

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

Regarding privacy, what is a common characteristic of "personal information"?

It can be used to identify a person

Which act, which consists of 11 "titles," mandated many reforms to enhance corporate responsibility, enhance financial disclosures, and prevent fraud?

Sarbanes-Oxley (SOX) Act

A large financial organization wants to outsource its payroll function. Which of the following should the financial organization ensure the payroll company has?

SOC Report

An acceptable use policy (AUP) is part of the _____________ Domain.

User Domain

In an IT infrastructure, the end users' operating environment is called the _____________.

Workstation Domain

Which of the following best describes Control Objectives for Information and related Technology (COBIT)?

A framework providing best practices for IT governance and control

Which of the following best describes a prescriptive IT control?

Helps standardize IT operations and tasks

Assurance against unauthorized modification or destruction of data is the definition of:

Integrity

Which of the following requires organizations to have an annual assessment by a Qualified Security Assessor (QSA)?

Payment Card Industry Data Security Standard (PCI DSS)

Which of the following uses "engagements" to report on the evaluation of controls of third-party service businesses that host or process data on behalf of customers?

SOC

What term describes the identification, control, logging, and auditing of all changes made across the infrastructure?

Configuration and Change Management

Which of the following best describes a descriptive IT control?

Aligns IT with business goals

Which of the following best describes the Gramm-Leach-Bliley Act (GLBA)?

An act of Congress that prohibits banks from offering investment, commercial banking, and insurance services all under one umbrella

An organization creates policies and a framework for the application of controls. The organization then maps existing controls to each regulation to which it must comply. Thereafter, the organization performs a __________ to identify anything that is missing.

Gap Analysis

An unauthorized user has gained access to data and viewed it. What has been lost?

Confidentiality


संबंधित स्टडी सेट्स

English Grade 12, Vocabulary Unit 11

View Set

Number the Stars Chapters 1 and 2

View Set

ABEKA: American Government Appendix Quiz H

View Set