To determine who has been given permission to use a par…
To determine who has been given permission to use a particular system resource, an IS auditor
should review:
The GREATEST risk when end users have access to a datab…
The GREATEST risk when end users have access to a database at its system level, instead of
through the application, is that the users can:
Accountability for the maintenance of appropriate secur…
Accountability for the maintenance of appropriate security measures over information assets
resides with the:
Which of the following functions should be performed by…
Which of the following functions should be performed by the application owners to ensure an
adequate segregation of duties between IS and end users?
When reviewing the configuration of network devices, an…
When reviewing the configuration of network devices, an IS auditor should FIRST identify:
The MAIN reason for requiring that all computer clocks …
The MAIN reason for requiring that all computer clocks across an organization be synchronized is
to:
Which significant risk is introduced by running the fil…
Which significant risk is introduced by running the file transfer protocol (FTP) service on a server
in a demilitarized zone (DMZ)?
which of the following would be considered the GREATEST…
During the audit of a database server, which of the following would be considered the GREATEST
exposure?
Which of the following is a feature of Wi-Fi Protected …
Which of the following is a feature of Wi-Fi Protected Access (WPA) in wireless networks?
When reviewing an implementation of a VoIP system over …
When reviewing an implementation of a VoIP system over a corporate WAN, an IS auditor should
expect to find: