|
|
| Q.1 |
Which statement is correct? |
| Ans |
a) |
A digital signature is an electronic identification of a person or entity created by using a public key algorithm and intended to verify to a recipient the integrity of the data and the identity of the sender. |
| |
b) |
A digital signature is an electronic identification of a person or entity created by using a private key algorithm and intended to verify to a sender the integrity of the data and the identity of the receiver. |
| |
c) |
Scanning signature of the sender on the computer. |
| |
d) |
None of the above. |
|
| |
| Q.2 |
Which of the following types of risks assumes an absence of the compensating control in the area being reviewed? |
| Ans |
a) |
Control Risk |
| |
b) |
Detection risk |
| |
c) |
Inherent risk |
| |
d) |
Sampling risk |
|
| |
| Q.3 |
In a business continuity plan (BCP), which of the following notification directories is the most important? |
| Ans |
a) |
Equipment and supply vendors |
| |
b) |
Insurance company agents |
| |
c) |
Contract personnel services |
| |
d) |
A prioritized contact list |
|
| |
| Q4. |
Which of the following network topologies yields the GREATEST redundancy in the event of the failure of one node? |
| Ans |
a) |
Mesh |
| |
b) |
Star |
| |
c) |
Ring |
| |
d) |
Bus |
|
| |
| Q5. |
Which of the following would be most appropriate to ensure the confidentiality of transactions initiated via the Internet? |
| Ans |
a) |
Digital Signature |
| |
b) |
Data encryption standard (DES) |
| |
c) |
Virtual private network (VPN) |
| |
d) |
Public key encryption |
|
| |
| Q6. |
An IS auditor reviewing the log of failed logon attempts would be most concerned if they targeted which of the following accounts? |
| Ans |
a) |
Network administrator |
| |
b) |
System administrator |
| |
c) |
Data administrator |
| |
d) |
Database administrator |
|
| |
| Q7. |
Which of the following concerns about the security of an electronic message would be addressed by digital signature? |
| Ans |
a) |
Unauthorized reading |
| |
b) |
Theft |
| |
c) |
Unauthorized copying |
| |
d) |
Alteration |
|
| |
| Q8. |
Software quality assurance (SQA) is a management process that aids |
| Ans |
a) |
Adherence to development standards |
| |
b) |
Performance of system test |
| |
c) |
Identification of system requirements |
| |
d) |
Specification of detailed design |
|
| |
| Q9. |
IT Governance ensures that an organization aligns its IT strategy with |
| Ans |
a) |
Enterprise objectives |
| |
b) |
IT objectives |
| |
c) |
Audit objectives |
| |
d) |
Control objectives |
|
| |
| Q10. |
Which of the following is used to ensure that batch data are completely and accurately transferred between two systems? |
| Ans |
a) |
Check digit |
| |
b) |
Control total |
| |
c) |
Check sum |
| |
d) |
Control account |
|
| |
| Q11. |
Which of the following transmission media provides resistance to lightning-induced interference? |
| Ans |
a) |
Twisted pair |
| |
b) |
Fiber optic |
| |
c) |
Coaxial cables |
| |
d) |
Radio system |
|
| |
| Q12. |
An IS auditor when reviewing a network used for Internet communication will first examine the |
| Ans |
a) |
Validity of password change occurrences |
| |
b) |
Architecture of the client-server application |
| |
c) |
Network architecture and design |
| |
d) |
Firewall protection and proxy servers |
|
| |
| Q13. |
Which statement is correct regarding a digital envelope? |
| Ans |
a) |
The process of encrypting the bulk data using symmetric key cryptography, and encrypting the symmetric key with a public key algorithm. |
| |
b) |
The process of encrypting the bulk data using asymmetric key cryptography and encrypting the message digest with symmetric key. |
| |
c) |
The process of encrypting the bulk data using asymmetric cryptography and encrypting the symmetric key with a private key algorithm. |
| |
d) |
None of the above |
|
| |
| Q14. |
Classification of information system is essential in BCP. Which of the following system types cannot be replaced by manual methods? |
| Ans |
a) |
Critical system |
| |
b) |
Vital system |
| |
c) |
Sensitive system |
| |
d) |
Non-critical system |
|
| |
| Q15. |
The application test plans are developed in which of the following systems development life cycle (SDLC) phases? |
| Ans |
a) |
Design |
| |
b) |
Testing |
| |
c) |
Requirement |
| |
d) |
Development |
|
| |
| Q16. |
Encryption is not applicable in which layer of the OSI Model? |
| Ans |
a) |
Physical layer |
| |
b) |
Application layer |
| |
c) |
Presentation layer |
| |
d) |
Session layer |
|
| |
| Q17. |
Digital signature ensures |
| Ans |
a) |
Data integrity |
| |
b) |
Authentication |
| |
c) |
Replay protection |
| |
d) |
All of the above |
|
| |
| Q18. |
Encryption is applicable to which layer of the OSI model? |
| Ans |
a) |
Application layer |
| |
b) |
Presentation layer |
| |
c) |
Session layer |
| |
d) |
All of the above |
|
| |
| Answers. |
- A
- C
- D
- A
- D
- B
- D
- A
- A
- B
- B
- C
- A
- A
- A
- A
- D
- D
|
| |
| |