Preview

Cisa

Better Essays
Open Document
Open Document
12601 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Cisa
1. A benefit of open system architecture is that it:
A. facilitates interoperability.
B. facilitates the integration of proprietary components.
C. will be a basis for volume discounts from equipment vendors.
D. allows for the achievement of more economies of scale for equipment.

ANSWER: A
NOTE: Open systems are those for which suppliers provide components whose interfaces are defined by public standards, thus facilitating interoperability between systems made by different vendors. In contrast, closed system components are built to proprietary standards so that other suppliers ' systems cannot or will not interface with existing systems.

2. An IS auditor discovers that developers have operator access to the command line of a production environment operating system. Which of the following controls would BEST mitigate the risk of undetected and unauthorized program changes to the production environment?
A. Commands typed on the command line are logged
B. Hash keys are calculated periodically for programs and matched against hash keys calculated for the most recent authorized versions of the programs
C. Access to the operating system command line is granted through an access restriction tool with preapproved rights
D. Software development tools and compilers have been removed from the production environment

ANSWER: B
NOTE: The matching of hash keys over time would allow detection of changes to files. Choice A is incorrect because having a log is not a control, reviewing the log is a control. Choice C is incorrect because the access was already granted—it does not matter how. Choice D is wrong because files can be copied to and from the production environment.

3. In the context of effective information security governance, the primary objective of value delivery is to:
A. optimize security investments in support of business objectives.
B. implement a standard set of security practices.
C. institute a standards-based solution.
D. implement a

You May Also Find These Documents Helpful

  • Satisfactory Essays

    a. The passwd file is used to keep to in track of every user on…

    • 368 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Nt1330 Unit 1 Study Guide

    • 508 Words
    • 3 Pages

    * Access control: Access to the password file is limited to one or a very few…

    • 508 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    4. When a computer is physically connected to a network port, manual procedures and/or an automated method must exist to perform what type of security functions at the Network Port and Data Switch level for access control? Name and define at least three.…

    • 1152 Words
    • 4 Pages
    Satisfactory Essays
  • Powerful Essays

    NT1430 Lab2 Joy Brewer

    • 989 Words
    • 4 Pages

    7. In terms of file or directory permissions, what does U-G-O stand for? User Group Other What are the 3 permission that can be given to a file or directory? r=read w=write x=execute…

    • 989 Words
    • 4 Pages
    Powerful Essays
  • Good Essays

    Implementing remote access will allow employees to telecommute which can bring down overhead costs and allow users the flexibility of accessing data outside of the office. In order to protect the data as well as users, audits and access control lists are to be implemented. Access Control allows the identity of the user to determine whether or not they are able to access certain file systems. In order for access control to work properly every user attempting to access the data will need to be entered into the system. Placing passwords on individual files will also provide an added layer of protection.…

    • 689 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Open standards are designed to create a fair market over which no one can take advantage over or monopolize. These standards are applied across all companies so that all devices are compatible with each other by a minimum standard. This allows a situation such as an OS X computer to access a website run by Linux-based web server. Open standards at the heart encourage interoperability, competition, and innovation, rather than restricted nature of proprietary standards.…

    • 538 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    Sandhu, R., & Samarati, P. (1996). Authentication, access control, and audit. ACM Computing Surveys (CSUR), 28(1), 241-243.…

    • 1478 Words
    • 5 Pages
    Powerful Essays
  • Good Essays

    Lesson 9

    • 673 Words
    • 3 Pages

    ___c____ 3. This Default Security Level in Software Restriction Policies will disallow any executable that requires administrative rights to run.…

    • 673 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Video Response Worksheet

    • 410 Words
    • 2 Pages

    Social Location/p.3: The group memberships that people have because of their location in history and society. The corners in life that people occupy because of their place in society. How jobs, income, education, gender, race-ethnicity, and age affect people’s ideas and behavior.…

    • 410 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    Access Control Lists

    • 3039 Words
    • 13 Pages

    This report will look at various access control methods used by Operating Systems (OS) to control user access to files on a computer and what they can do once they have gained access. In this first section I will look at methods such as Access Control Lists(ACL’s), Capabilities and Encrypting file systems(EFS) and which Operating Systems use these as well as the advantages and disadvantages they have over each other. The second part of my report will focus on one OS and explain in detail the methods it uses to control file access and how it works.…

    • 3039 Words
    • 13 Pages
    Powerful Essays
  • Good Essays

    Assignment from readings

    • 1211 Words
    • 5 Pages

    9-15. Identify one or more control procedures (either general or application controls, or both) that would guard against each of the following errors or problems.…

    • 1211 Words
    • 5 Pages
    Good Essays
  • Satisfactory Essays

    Capa

    • 464 Words
    • 2 Pages

    * What is CAPA? Corrective and Preventative Action (CAPA) is a system of quality procedures required to eliminate the causes of an existing nonconformity and to prevent recurrence of nonconforming product, processes, and other quality problems.…

    • 464 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Sample Cases

    • 1557 Words
    • 8 Pages

    a) Identify the internally generated documents and indicate the number of copies of each document that would be needed. Why?…

    • 1557 Words
    • 8 Pages
    Good Essays
  • Satisfactory Essays

    Auditing Problems Quiz

    • 11286 Words
    • 46 Pages

    ANSWER: Choice "c" is correct. When an entity transmits, processes, maintains, or accesses significant information electronically, some accounting data and source documents may be available only in electronic form, or only at a certain point in time. The auditor would generally perform tests of controls several times during the year to compensate for this limitation. Choice "a" is incorrect. Comparing a sample of paid vendors'…

    • 11286 Words
    • 46 Pages
    Satisfactory Essays
  • Good Essays

    BEC IT Homework

    • 475 Words
    • 2 Pages

    2. The most likely disadvantage for an entity that keeps data files prepared by personal computers rather than manually prepared files:…

    • 475 Words
    • 2 Pages
    Good Essays