CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 335
1. An IS auditor discovers that developers have operator access to the command line of a production environment operating system. Which of the following controls would BEST mitigate the risk of undetected and unauthorized program changes to the production environment?
A) Commands typed on the command line are logged
B) Hash keys are calculated periodically for programs and matched against hash keys calculated for the most recent authorized versions of the programs
C) Access to the operating system command line is granted through an access restriction tool with preapproved rights
D) Software development tools and compilers have been removed from the production environment
2. Which of the following is MOST likely to result from a business process reengineering (BPR) project?
A) An increased number of people using technology
B) Significant cost savings, through a reduction in the complexity of information technology
C) A weaker organizational structures and less accountability
D) Increased information protection (IP) risk will increase
3. Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital?
A) Multiplexer
B) Modem
C) Protocol converter
D) Concentrator
4. What is the PRIMARY purpose of audit trails?
A) To document auditing efforts
B) To correct data integrity errors
C) To establish accountability and responsibility for processed transactions
D) To prevent unauthorized access to data
5. A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it can:
A) Identify high-risk areas that might need a detailed review later
B) Reduce audit costs
C) Reduce audit time
D) Increase audit accuracy
A) Commands typed on the command line are logged
B) Hash keys are calculated periodically for programs and matched against hash keys calculated for the most recent authorized versions of the programs
C) Access to the operating system command line is granted through an access restriction tool with preapproved rights
D) Software development tools and compilers have been removed from the production environment
2. Which of the following is MOST likely to result from a business process reengineering (BPR) project?
A) An increased number of people using technology
B) Significant cost savings, through a reduction in the complexity of information technology
C) A weaker organizational structures and less accountability
D) Increased information protection (IP) risk will increase
3. Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital?
A) Multiplexer
B) Modem
C) Protocol converter
D) Concentrator
4. What is the PRIMARY purpose of audit trails?
A) To document auditing efforts
B) To correct data integrity errors
C) To establish accountability and responsibility for processed transactions
D) To prevent unauthorized access to data
5. A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it can:
A) Identify high-risk areas that might need a detailed review later
B) Reduce audit costs
C) Reduce audit time
D) Increase audit accuracy
1. Right Answer: B
Explanation: The matching of hash keys over time would allow detection of changes to files. Choice A is incorrect because having a log is not a control, reviewing the log is a control. Choice C is incorrect because the access was already granted-it does not matter how. Choice D is wrong because files can be copied to and from the production environment.
2. Right Answer: A
Explanation: A BPR project more often leads to an increased number of people using technology, and this would be a cause for concern. Incorrect answers:B. As BPR is often technology oriented, and this technology is usually more complex and volatile than in the past, cost savings do not often materialize in this area.D. There is no reason for IP to conflict with a BPR project, unless the project is not run properly.
3. Right Answer: B
Explanation: A modem is a device that translates data from digital to analog and back to digital.
4. Right Answer: C
Explanation: The primary purpose of audit trails is to establish accountability and responsibility for processed transactions.
5. Right Answer: C
Explanation: A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it can identify high-risk areas that might need a detailed review later.
Explanation: The matching of hash keys over time would allow detection of changes to files. Choice A is incorrect because having a log is not a control, reviewing the log is a control. Choice C is incorrect because the access was already granted-it does not matter how. Choice D is wrong because files can be copied to and from the production environment.
2. Right Answer: A
Explanation: A BPR project more often leads to an increased number of people using technology, and this would be a cause for concern. Incorrect answers:B. As BPR is often technology oriented, and this technology is usually more complex and volatile than in the past, cost savings do not often materialize in this area.D. There is no reason for IP to conflict with a BPR project, unless the project is not run properly.
3. Right Answer: B
Explanation: A modem is a device that translates data from digital to analog and back to digital.
4. Right Answer: C
Explanation: The primary purpose of audit trails is to establish accountability and responsibility for processed transactions.
5. Right Answer: C
Explanation: A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it can identify high-risk areas that might need a detailed review later.
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment