Chapter 3
requirements are
42. An executable module is about to be migrated from the test environment to the
production environment. Which of the following controls would MOST likely detect
an unauthorized modification to the module?
A. Object code comparison
B. Source code comparison
C. Timestamps
D. Manual inspection
43. Receiving an electronic data interchange (EDI) transaction and passing it through
the communications interface stage usually requires:
A. translating and unbundling transactions
B. routing verification procedures
C. passing data to the appropriate application system
D. creating a point of receipt audit log
44. Which of the following is NOT an application control likely to be found in an EDI
interface?
A. Hash totals
B. Echo checks
C. Record counts
D. Validity checks
45. Which of the following application controls indicate failures in input or processing
controls?
A. Process control procedures
B. Data file control procedures
C. Output control procedures
D. Data integrity tests
46. The PKI element that manages the certificate life cycle, including certificate
directory maintenance and certificate revocation list (CRL) maintenance and
publication, is the:
A. certificate authority
B. digital certificate
C. certification practice statement
D. registration authority
47. Which of the following represents a typical prototype of an interactive application?
A. Screens and process programs
B. Screens, interactive edits and sample reports
C. Interactive edits, process programs and sample reports
D. Screens, interactive edits, process programs and sample reports
48. All of the following are used as cost estimating techniques during the project
planning stage EXCEPT:
A. PERT charts
B. function points
C. Delphi technique
D. expert judgment
49. The PRIMARY reason for using digital signatures is to ensure data:
A. confidentiality
B. integrity
C. availability
D. timeliness
50. Which of the following statements pertaining to ISO 9000 is FALSE?
A. The standard covers all aspects of an organization that may affect customer
satisfaction
B. The standard covers both internal and external business processes
C. The standard defines a set of quality compliance requirements
D. The standard focuses heavily on documentation of activities
51. The primary goal of a web site certificate is:
A. authentication of the web site to be surfed through
B. authentication of the user who surfs through that site
C. preventing surfing of the web site by hackers
D. the same purpose as that of a digital certificate
52. An IS auditor performing a review of an application's controls would evaluate the:
A. efficiency of the application in meeting the business processes
B. impact of any exposures discovered
C. business processes served by the application
D. application's optimization
53. The MAJOR concern for an IS auditor when reviewing an organization's business
process reengineering (BPR) efforts is:
A. cost overrun of the project
B. employees' resistance to change
C. key controls may be removed from a business process
D. lack of documentation of new processes
54. Which of the following manages the digital certificate life cycle to ensure adequate
security and controls exist in digital signature applications related to e-commerce?
A. Registration authority
B. Certification authority
C. Certification relocation list
D. Certification practice statement
55. The impact of EDI on internal controls will be:
A. that fewer opportunities for review and authorization will exist
B. an inherent authentication
C. a proper distribution of EDI transactions while in the possession of third
parties
D. that IPF management will have increased responsibilities over data center
controls