ais chapter 11

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which of the following security controls would best prevent unauthorized access to a firm's internal network?

Automatic log-off of inactive users

An information technology director collected the names and locations of key vendors, current hardware configuration, names of team members, and an alternative processing location. What is the director most likely preparing?

Disaster recovery plan

Which of the following does not represent a viable data backup method?

Disaster recovery plan

Which of the following outcomes is a likely benefit of information technology used for internal control?

Enhanced timeliness of information

Why would companies want to use digital signatures when conducting e-business?

It can authenticate the document sender and maintain data integrity

When client's accounts payable computer system was relocated, the administrator provided support through a dial-up connection to server. Subsequently, the administrator left the company. No changes were made to the accounts payable system at that time. Which of the following situations represents the greatest security risk?

User accounts are not removed upon termination of employees

Which of the following is a password security weakness?

Users are assigned passwords when accounts are created, but do not change them

Which of the following is not included in the remediation phrase for vulnerability management?

Vulnerability Prioritization

Select a correct statement regarding encryption methods?

When conducting e-business, most companies use both symmetric-key and asymmetric-key encryption methods

Integrity of information means the information is:

accurate and complete

In a large multinational organization, which of the following job responsibilities should be assigned to be network administrator?

Managing remote access

Why do Certificate Authority (CA) play an important role in a company's information security management?

Most companies use CA to manage their employees' public keys

Which of the following statements about asymmetric-key encryption is correct?

Most companies would like to use a Certificate Authority to manage the public keys of their employees

Which of the following statements regarding authentication in conducting e-business is incorrect?

One key is used for encryption and decryption purposes in the authentication process

When computer programs or files can be accessed from terminals, users should be required to enter a(n)

Password as a personal identification code

Fraud triangle includes incentive, opportunity and an attitude to rationalize the fraud

t

Information security is a critical factor in maintaining systems integrity.

t

Key distribution and key management are problematic under the symmetric-key encryption

t

One type of fault tolerance is using redundant units to provide a system the ability to continue functioning when part of the system fails.

t

The goal of information security management is to enhance the confidence, integrity and authority (CIA) of a firm's management.

t

The goal of information security management is to maintain confidentiality, integrity and availability of a firm's information.

t

Which of the following statements is incorrect about digital signature?

A digital signature is a message digest encrypted using the document creator's public key

Which of the following statements is incorrect?

A fraud prevention program should include an evaluation on the efficiency of business processes

Which of the following controls would most likely assure that a company can reconstruct its financial records?

Backup data are tested and stored safely

An entity doing business on the internet most likely could use any of the following methods to prevent unauthorized intruders from accessing proprietary information except:

Batch processing

Bacchus, Inc. is a larger multinational corporation with various business units around the world. After a fire destroyed the corporation headquarters and largest manufacturing site, plans for which of the following would help Bacchus ensure a timely recovery?

Business continuity

A disaster recovery approach should include which of the following elements:

Regular backups

Which of the following statement present an example of a general control for a computerized system?

Restricting access to the computer center by use of biometric devices

What is the primary objective of data security controls?

To ensure that data storage media are subject to authorization prior to access, change, or destruction

To prevent invalid data input, a bank added an extra number at the end of each account number and subjected the new number to an algorithm. This technique is known as:

check digit verification

A company's audit committee is responsible for fraud risk assessments.

f

Asymmetric-key encryption is suitable for encrypting large data sets or messages

f

Disaster recovery planning and business continuity management are preventive controls

f

Encryption and hashing are similar process to maintain data confidentiality

f

Spam is a self-replicating program that runs and spreads by modifying other programs or files.

f

Symmetric-key encryption method is used to authenticate users.

f

Virus is a self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself.

f

Certificate Authority (CA) issues digital certificates to bond the subscriber with a public key and a private key.

t

Encryption is a preventive control ensuring data confidentiality and privacy during transmission and for storage.

t


Set pelajaran terkait

SNCOA Module 1 Lesson 1: Successful Learning

View Set

Test 1 - Chapter 22: The Child with Gastrointestinal Dysfunction (Threats to NUTRITION)

View Set

Chapter 2: Managerial Accounting & Cost Concepts

View Set

Nursing Fundamental Chapter 42 self concept PREP U 8

View Set

20: Ch 9 - Application International Trade

View Set