IT Auditing Exam 1

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

Which of the following uses "engagements" to report on the evaluation of controls of third-party service businesses that host or process data on behalf of customers?

SOC

Which act, which consists of 11 "titles," mandated many reforms to enhance corporate responsibility, enhance financial disclosures, and prevent fraud?

Sarbanes-Oxley (SOX) Act

National Institute of Standards and Technology (NIST) security controls are classified as being preventive, detective, or __________.

Corrective

An IT infrastructure audit __________ is the system in a known acceptable state, with the applied minimum controls relative to the accepted risk.

Baseline

True or False: A security assessment is a method for proving the strength of a security system.

False

Regarding privacy, what is a common characteristic of "personal information"?

It can be used to identify a person

Which of the following is NOT an important step for conducting effective IT audit interviews?

Setting organizational goals during the interview

Which NIST IT security control category includes the following controls: identification and authorization, logical access control, audit trail, cryptography?

Technical

True or False: Whereas only qualified auditors issue opinions for security audits, anyone can perform a security assessment.

True

This is a widely used control framework for IT.

COBIT

Which of the following requires organizations to have an annual assessment by a Qualified Security Assessor (QSA)?

Payment Card Industry Data Security Standard (PCI DSS)

An acceptable use policy (AUP) is part of the _____________ Domain.

User

What term describes the identification, control, logging, and auditing of all changes made across the infrastructure?

configuration and change management

An unauthorized user has gained access to data and viewed it. What has been lost?

Confidentiality

Three IT security controls covered by the National Institute of Standards and Technology (NIST) include management, operational, and ______________ controls

Technical


संबंधित स्टडी सेट्स

Fundamentals - Hygiene and Wound Care (Ch. 32 and 33)

View Set

The Surrender Speech of Chief Joseph Vocabulary

View Set

W3 SQL Tutorial PART 1: SQL Intro - SQL Between

View Set

F307 Chapter 8: Introduction to Working Capital Management

View Set

Prokaryotic and Eukaryotic Cells

View Set

Anatomy Exam; (Unit 3) Nervous System

View Set

World History Developements In Art Flashcards | quizlet

View Set

contemporary connection: cedric yamanka

View Set