Which of the following is the BEST approach for an organization desiring to protect its intellectual property?
The GREATEST benefit in implementing an expert system is the:
The “separation of duties” principle is violated if which of the following individuals has update
rights to the database access control list (ACL)?
By evaluating application development projects against the capability maturity model (CMM), an IS
auditor should be able to verify that:
An account with full administrative privileges over a production file is found to be accessible by a
member of the software development team. This account was set up to allow the developer to
download nonsensitive production data for software testing purposes. The information security
manager should recommend which of the following?
The waterfall life cycle model of software development is most appropriately used when:
Which would be the BEST recommendation to protect against phishing attacks?
During the review of a web-based software development project, an IS auditor realizes that coding
standards are not enforced and code reviews are rarely carried out. This will MOST likely increase
the likelihood of a successful:
Which of the following is the BEST indicator that an effective security control is built into an organization?
Which testing approach is MOST appropriate to ensure that internal application interface errors
are identified as soon as possible?