True or false?
.Rather than simply reviewing the adequacy of access control, appropriateness of access policies,
and effectiveness of safeguards and procedures, the IS auditor is more concerned with effectiveness
and utilization of assets. True or false?
True or false?
.If a programmer has update access to a live system, IS auditors are more concerned with the
programmer’s ability to initiate or modify transactions and the ability to access production than with
the programmer’s ability to authorize transactions. True or false?
Choose the BEST answer.
.Organizations should use off-site storage facilities to maintain _________________ (fill in the blank)
of current and critical information within backup files. Choose the BEST answer.
.The purpose of business continuity planning and disaster-recovery planning is to:
.The purpose of business continuity planning and disaster-recovery planning is to:
which of the following is recommended?
.If a database is restored from information backed up before the last system image, which of the
following is recommended?
True or false?
.An off-site processing facility should be easily identifiable externally because easy identification
helps ensure smoother recovery. True or false?
Which of the following types of information would the information security manager expect to have the LOWEST l
Which of the following types of information would the information security manager expect to have the LOWEST level of security protection in a large, multinational enterprise?
Which of the following is the dominating objective of BCP and DRP?
.Which of the following is the dominating objective of BCP and DRP?
How can minimizing single points of failure or vulnerabilities of a common disaster best be controlled?
.How can minimizing single points of failure or vulnerabilities of a common disaster best be
controlled?
True or false?
.Mitigating the risk and impact of a disaster or business interruption usually takes priority over
transference of risk to a third party such as an insurer. True or false?