Why is the WAP gateway a component warranting critical concern and review for the IS auditor
when auditing and testing controls enforcing message confidentiality?

When reviewing print systems spooling, an IS auditor is MOST concerned with which of the
following vulnerabilities?

In order to properly protect against unauthorized disclosure of sensitive data, how should hard disks
be sanitized?

How is the risk of improper file access affected upon implementing a database system?

The directory system of a database-management system describes:

What can be implemented to provide the highest level of protection from external attack?

Proper segregation of duties does not prohibit a quality control administrator from also being
responsible for change control and problem management. True or false?

Who should be responsible for network security operations?

Allowing application programmers to directly patch or change code in production programs
increases risk of fraud. True or false?

When should reviewing an audit client’s business plan be performed relative to reviewing an
organization’s IT strategic plan?