Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
68 Cards in this Set
- Front
- Back
|
1. Concerning virtual private networks (VPN), which of the following is not true?
a) VPNs provide the functionality of a privately owned network using the Internet. b) Using VPN software to encrypt information while it is in transit over the Internet in effect creates private communication channels, often referred to as tunnels, which are accessible only to those parties possessing the appropriate encryption and decryption keys. c) The cost of the VPN software is much less than the cost of leasing or buying the infrastructure (telephone lines, satellite links, communications equipment, etc.) needed to create a privately owned secure communications network. d) It is more expensive to reconfigure VPNs to include new sites than it is to add or remove the corresponding physical connections in a privately owned network. |
d) It is more expensive to reconfigure VPNs to include new sites than it is to add or remove the corresponding physical connections in a privately owned network.
|
|
|
2. The goal of information systems controls is
a) To ensure that systems objectives are met. b) To ensure that systems function c) To ensure that systems are reliable. d) To ensure that data are confidential. |
c) To ensure that systems are reliable.
|
|
|
3. Which of the following is not one of the 10 internationally recognized best practices for protecting the privacy of customers' personal information?
a) Choice and consent. b) Disclosure to third parties. c) Reimbursement. d) Use and retention. |
c) Reimbursement.
|
|
|
4. Which of the following is not one of the 10 internationally recognized best practices for protecting the privacy of customers' personal information?
a) Access. b) Monitoring and enforcement. c) Registration. d) Security. |
c) Registration.
|
|
|
5. A text file created by a website and stored on a visitor's hard disk.
a) Validity check b) Spam c) Error log d) Cookie |
d) Cookie
|
|
|
6. Forms design is an example of this type of control.
a) Data entry controls b) Data transmission controls c) Output controls d) Source data controls |
d) Source data controls
|
|
|
7. Sequentially pre-numbered forms is an example of .
a) Data entry controls b) Data transmission controls c) Processing controls d) Source data controls |
d) Source data controls
|
|
|
8. Message acknowledgement techniques are an example of
a) Data entry controls b) Data transmission controls c) Output controls d) Processing controls |
b) Data transmission controls
|
|
|
9. File labels are an example of
a) Data entry controls b) Output controls c) Processing controls d) Source data controls |
c) Processing controls
|
|
|
10. Turnaround documents are an example of
a) Data entry controls b) Output controls c) Processing controls d) Source data controls |
d) Source data controls
|
|
|
11. Input validation checks are an example of
a) Data entry controls b) Data transmission controls c) Output controls d) Source data controls |
a) Data entry controls
|
|
|
12. Parity checks are an example of
a) Data entry controls b) Data transmission controls c) Output controls d) Processing controls |
b) Data transmission controls
|
|
|
13. Error logs and review are an example of
a) Data entry controls b) Data transmission controls c) Output controls d) Processing controls |
a) Data entry controls
|
|
|
14. Visual scanning is an example of
a) Data entry controls b) Output controls c) Processing controls d) Source data controls |
d) Source data controls
|
|
|
15. User reviews are an example of
a) Data entry controls b) Data transmission controls c) Output controls d) Processing controls |
c) Output controls
|
|
|
16. Data matching is an example of
a) Data entry controls b) Data transmission controls c) Processing controls d) Source data controls |
c) Processing controls
|
|
|
17. Batch totals are an example of
a) Data entry controls b) Data transmission controls c) Output controls d) Processing controls |
a) Data entry controls
|
|
|
18. Check digit verification is an example of
a) Data transmission controls b) Output controls c) Processing controls d) Source data controls |
d) Source data controls
|
|
|
19. Data conversion checks are an example of
a) Data entry controls b) Output controls c) Processing controls d) Source data controls |
c) Processing controls
|
|
|
20. This determines if the characters in a field are of the proper type.
a) Field check b) Limit check c) Range check d) Reasonableness test |
a) Field check
|
|
|
21. This ensures that the input data will fit into the assigned field.
a) Limit check b) Range check c) Size check d) Validity check |
c) Size check
|
|
|
22. This tests a numerical amount to ensure that it does not exceed a predetermined value.
a) Completeness check b) Limit check c) Range check d) Sign check |
b) Limit check
|
|
|
23. This tests a numerical amount to ensure that it does not exceed a predetermined value nor fall below another predetermined value.
a) Completeness check b) Field check c) Limit check d) Range check |
d) Range check
|
|
|
24. This determines if all required data items have been entered.
a) Completeness check b) Field check c) Limit check d) Range check |
a) Completeness check
|
|
|
25. This compares the ID number in transaction data with similar data in the master file to verify that the account exists.
a) Reasonableness test b) Sign check c) Size check d) Validity check |
d) Validity check
|
|
|
26. This determines the correctness of the logical relationship between two data items.
a) Range check b) Reasonableness test c) Sign check d) Size check |
b) Reasonableness test
|
|
|
27. This batch processing data entry control tests if a batch of input data is in the proper numerical or alphabetical sequence.
a) Batch total b) Financial total c) Hash total d) Sequence check |
d) Sequence check
|
|
|
28. This batch processing data entry control sums a field that contains dollar values.
a) Batch total b) Financial total c) Hash total d) Sequence check |
b) Financial total
|
|
|
29. This batch processing data entry control sums a non-financial numeric field.
a) Batch total b) Financial total c) Hash total d) Sequence check |
c) Hash total
|
|
|
30. This batch processing data entry control sums the number of items in a batch.
a) Batch total b) Hash total c) Record count d) Sequence check |
c) Record count
|
|
|
31. This ensures that the correct and most current files are being updated.
a) Cross-footing balance test b) Data matching c) File labels d) Write-protect mechanism |
c) File labels
|
|
|
32. These find processing errors.
a) Cross-footing balance test b) File labels c) Recalculation of batch totals d) Write-protect mechanisms |
c) Recalculation of batch totals
|
|
|
33. This compares the results produced by more than one method to verify accuracy.
a) Concurrent update control b) Cross-footing balance test c) Data matching d) Recalculation of batch totals |
b) Cross-footing balance test
|
|
|
34. This protects records from errors that occur when two or more users attempt to update the same record simultaneously.
a) Concurrent update controls b) Cross-footing balance test c) Data conversion controls d) Recalculation of batch totals |
a) Concurrent update controls
|
|
|
35. The system and the receiving unit calculate a summary statistic and compare it.
a) Echo check b) Numbered batches c) Parity check d) Trailer record |
a) Echo check
|
|
|
36. This entails verifying that the proper number of bits are set to the value 1 in each character received.
a) Echo check b) Numbered batches c) Parity check d) Trailer record |
c) Parity check
|
|
|
37. Concerning availability, which of the following statements is true?
a) Human error does not threaten system availability. b) Proper controls can maximize the risk of threats causing significant system downtime. c) Threats to system availability can be completely eliminated. d) Threats to system availability include hardware and software failures as well as natural and man-made disasters. |
d) Threats to system availability include hardware and software failures as well as natural and man-made disasters.
|
|
|
38. This enables a system to continue functioning in the event that a particular component fails,
a) Backup procedures b) Fault tolerance c) Preventive maintenance d) None of the above |
b) Fault tolerance
|
|
|
39. Every organization should have a disaster recovery plan so that data processing capacity can be restored as smoothly and quickly as possible. Which item below would not typically be part of an adequate disaster recovery plan?
a) a system upgrade due to operating system software changes b) uninterruptible power systems installed for key system components c) scheduled electronic vaulting of files d) backup computer and telecommunication facilities |
a) a system upgrade due to operating system software changes
|
|
|
40. ________ involves copying only the data items that have changed since the last backup.
a) Archive b) Backup c) Differential backup d) Incremental backup |
d) Incremental backup
|
|
|
41. ________ copies all changes made since the last full backup.
a) Archive b) Backup c) Differential backup d) Incremental backup |
c) Differential backup
|
|
|
42. While this type of backup takes longer, it's restoration is simpler.
a) Archive b) Backup c) Differential backup d) Incremental backup |
c) Differential backup
|
|
|
43. A copy of a database, master file, or software that will be retained indefinitely as a historical record.
a) Archive b) Backup c) Differential backup d) Incremental backup |
a) Archive
|
|
|
44. A location that is pre-wired for necessary telecommunications and computer equipment.
a) a cold site b) a hot site c) a remote sister site d) a subsidiary location |
a) a cold site
|
|
|
45. A facility that contains all the computing equipment the organization needs to perform its essential business activities.
a) a cold site b) a hot site c) a remote sister site d) a subsidiary location |
b) a hot site
|
|
|
46. Which of the following is not the objective of a disaster recovery plan?
a) Minimize the extent of the disruption, damage or loss. b) Permanently establish an alternative means of processing information. c) Resume normal operations as soon as possible. d) Train employees for emergency operations. |
b) Permanently establish an alternative means of processing information.
|
|
|
47. The most important change management technique is probably
a) User rights and privileges are carefully monitored during change process. b) Changes tested thoroughly prior to implementation. c) All documentation is updated to reflect changes to the system. d) Adequate monitoring and review by top management. |
d) Adequate monitoring and review by top management.
|
|
|
48. Which of the following is not a useful control procedure to control access to system outputs?
a) Allowing visitors to move through the building without supervision. b) Coding reports to reflect their importance. c) Requiring employees to log out of applications when leaving their desk. d) Restricting access to rooms with printers. |
a) Allowing visitors to move through the building without supervision.
|
|
|
49. When a computer system's files are automatically duplicated on a second data storage system as they are changed, the process is referred to as
a) real-time mirroring. b) batch updating. c) consistency control. d) double-secure storage. |
a) real-time mirroring.
|
|
|
50. The accounting department at Synergy Hydroelectric records an average of 12,500 transactions per hour. By cost-benefit analysis, managers have concluded that the maximum acceptable loss of data in the event of a system failure is 25,000 transactions. The firm's recovery point objective is therefore
a) 25,000 transactions b) 12,500 transactions c) 1 hour d) 2 hours |
d) 2 hours
|
|
|
51. The accounting department at Synergy Hydroelectric records an average of 12,500 transactions per hour. By cost-benefit analysis, managers have concluded that the maximum acceptable loss of data in the event of a system failure is 25,000 transactions. If the firm's recovery time objective is 120 minutes, then the worst case recovery time objective is
a) 1 hour b) 2 hours c) 3 hours d) 4 hours |
d) 4 hours
|
|
|
52. The accounting department at Synergy Hydroelectric records an average of 10,000 transactions per hour. By cost-benefit analysis, managers have concluded that the maximum acceptable loss of data in the event of a system failure is 40,000 transactions. The firm's recovery point objective is therefore
a) 40,000 transactions b) 10,000 transactions c) 10 hours d) 4 hours |
d) 4 hours
|
|
|
53. The accounting department at Synergy Hydroelectric records an average of 10,000 transactions per hour. By cost-benefit analysis, managers have concluded that the maximum acceptable loss of data in the event of a system failure is 20,000 transactions. If the firm's recovery time objective is 60 minutes, then the worst case recovery time objective is
a) 1 hour b) 2 hours c) 3 hours d) 4 hours |
c) 3 hours
|
|
|
54. The maximum amount of time between backups is determined by a firm's
a) recovery time objective. b) recovery point objective. c) recovery objective. d) maximum time recovery objective. |
b) recovery point objective.
|
|
|
55. The maximum acceptable down time after a computer system failure is determined by a firm's
a) recovery time objective. b) recovery point objective. c) recovery objective. d) maximum time recovery objective. |
a) recovery time objective.
|
|
|
56. The Spontaneous Combustion Rocket Shoppe in downtown Fargo, North Dakota, generates three quarters of its revenue from orders taken over the Internet. The revenue clearing account is debited by the total of cash and credit receipts and credited by the total of storefront and Internet sales. This is an example of a
a) data integrity test. b) zero-balance test. c) trial balance audit. d) cross-footing balance test. |
b) zero-balance test.
|
|
|
57. Chaz Finnerty called the IT Help Desk in a huff. "I'm trying to open an Excel file and I get a message that says that the file is locked for editing. What's going on?" The answer is that
a) the file is corrupted due to a computer virus. b) there is no problem. Chaz is editing the file, so it is locked.. c) concurrent update controls have locked the file. d) Chaz didn't open the file with the appropriate program. |
c) concurrent update controls have locked the file.
|
|
|
58. A comparison of debits and credits in related control accounts is referred to as a
a) cross-footing balance test. b) parity test. c) zero-balance test. d) size check. |
c) zero-balance test.
|
|
|
59. When I enter a correct customer number, the data entry screen displays the customer name and address. This is an example of
a) prompting. b) preformatting. c) closed-loop verification d) error checking. |
c) closed-loop verification
|
|
|
60. What is the most effective way to ensure information system availability?
a) High bandwidth b) Maintain a hot site c) Maintain a cold site d) Frequent backups |
b) Maintain a hot site
|
|
|
61. Mike Colby took a call from a client. "Listen, Mike, I need to interact online in real time with our manufacturing operation in China, and I want to make sure that no one intercepts the communications. How can I do that?" Mike thought a moment, then responded with the best solution. "We'll set up a(an) ________."
a) ballistic sequencing network b) electronic courier system c) virtual private network d) can-string-can (CSC) system |
c) virtual private network
|
|
|
62. Modest Expectations Investment Services (MEIS) allows customers to manage their investments over the Internet. If customers attempt to spend more money than they have in their account, an error message is displayed. This is an example of a
a) reasonableness test. b) field check. c) validity check. d) limit check. |
d) limit check.
|
|
|
63. Mike Colby took a call from a client. "Listen, Mike, I need for my customers to make payments online using credit cards. Here's the thing, though. I want to make sure that no one intercepts the communications. How can I do that?" Mike thought a moment, then responded with the best solution. "We'll set up a(an) ________."
a) ballistic sequencing network b) electronic courier system c) secure sockets layer (SSL) system d) can-string-can (CSC) system |
c) secure sockets layer (SSL) system
|
|
|
64. Cancellation and storage of documents means that
a) data are copied from a document and stored, after which the document is shredded. b) documents are defaced before being shredded. c) documents are defaced and stored. d) cancellation data are copied from documents before they are stored. |
c) documents are defaced and stored.
|
|
|
65. The devices that direct TCP/IP packets to their destinations are called
a) servers. b) access points. c) routers. d) coaxial stackers. |
c) routers.
|
|
|
66. Devices that filter TCP/IP packets in order to protect against malicious code are called
a) routers. b) firewalls. c) COBIT frameworks. d) black ICE. |
b) firewalls.
|
|
|
67. Which of the following will not make a password more secure?
a) Including multiple character types b) Choosing a word or phrase that is easy to remember. c) Making a password longer. d) Change a password frequently. |
b) Choosing a word or phrase that is easy to remember.
|
|
|
68. Modest Expectations Investment Services (MEIS) allows customers to manage their investments over the Internet. If customers attempt to sell more shares of a stock than they have in their account, an error message is displayed. This is an example of a
a) reasonableness test. b) field check. c) validity check. d) limit check. |
d) limit check.
|
