Show
Recommended textbook solutionsTopology2nd EditionJames Munkres 622 solutions Mathematical Proofs: A Transition to Advanced Mathematics3rd EditionAlbert D. Polimeni, Gary Chartrand, Ping Zhang 999 solutions
Numerical Analysis9th EditionJ. Douglas Faires, Richard L. Burden 873 solutions Excursions in Modern Mathematics8th EditionPeter Tannenbaum 983 solutions Recommended textbook solutions
The Language of Composition: Reading, Writing, Rhetoric2nd EditionLawrence Scanlon, Renee H. Shea, Robin Dissin Aufses 661 solutions
Literature and Composition: Reading, Writing,Thinking1st EditionCarol Jago, Lawrence Scanlon, Renee H. Shea, Robin Dissin Aufses 1,697 solutions
Technical Writing for Success3rd EditionDarlene Smith-Worthington, Sue Jefferson 468 solutions Technical Writing for Success3rd EditionDarlene Smith-Worthington, Sue Jefferson 468 solutions
Home Subjects Expert solutions Create Log in Sign up Upgrade to remove ads Only ₩37,125/year
Terms in this set (64)Which of the following is an advantage of a computer-based system for transaction processing over a manual system? A computer-based system Will be more efficient at producing financial statements. Which of the following is most likely a disadvantage for an entity that keeps data files prepared by personal computers rather than manually prepared files? It is usually easier for unauthorized persons to access and alter the files. Which of the following risks are greater in computerized systems than in manual systems? I, III, and IV. Your firm has recently converted its purchasing cycle from a manual process to an online computer system. Which of the following is a probable result associated with conversion to the new automatic system? Traditional duties are less segregated. Which of the following statements most accurately describes the impact that automation has on the controls normally present in a manual system? Controls must be more explicit in a computer-based system because many processing points that present opportunities for human judgment in a manual system are eliminated. Which of the following is a key difference in controls when changing from a manual system to a computer system? Methodologies for implementing controls change. Innovations in IT increase the importance of risk management because Information system security is continually subject to new threats. Which of the following characteristics distinguishes computer processing from manual processing? Computer processing virtually eliminates the occurrence of computational error normally associated with manual processing. As a result of technological developments facing businesses and CPAs, System boundaries are becoming less distinct. A small client recently put its cash disbursements system on a server. About which of the following internal control features would an auditor most likely be concerned? The server is operated by employees who have cash custody responsibilities. Which of the following is the best policy for the protection of a company's vital information resources from computer viruses? Prudent management procedures instituted in conjunction with technological safeguards. Spoofing is one type of malicious online activity. Spoofing is Identity misrepresentation in cyberspace. Attacks on computer networks may take many forms. Which of the following uses the computers of innocent parties infected with Trojan horse programs? A distributed denial-of-service attack. Which of the following control activities should be taken to reduce the risk of incorrect processing in a newly installed computerized accounting system? Independently verify the transactions. Matthews Corp. has changed from a system of recording time worked on clock cards to a computerized payroll system in which employees record time in and out with magnetic cards. The computer system automatically updates all payroll records. Because of this change, Part of the audit trail is altered.
A company's web server has been overwhelmed with a sudden surge of false requests that caused the server to crash. The company has most likely been the target of A denial of service attack. Which of the following is a computer program that appears to be legitimate but performs some illicit activity when it is run? Trojan horse.
Which of the following statements is inconsistent with the key principles of the COBIT 5 framework? Enterprise governance and management are treated as the same activity. Which of the following statements is true concerning the COBIT 5 framework? Information and organizational structures are among the enablers identified in COBIT 5. Which of the following statements is true regarding internal control objectives of information systems? A secure system may have inherent risks due to management's analysis of trade-offs identified by cost-benefit studies. A company permits employees to work from home using company-owned laptops. Which of the following competitive advantages does the company most likely obtain as a result of this decision? Availability. Which of the following statements is correct regarding information technology (IT) governance? A primary goal of IT governance is to balance risk versus return over IT and its processes. Review of the audit log is an example of which type of security control? Detective. Which of the following is a true statement regarding security over an entity's IT? Controls should exist to ensure that users have access to and can update only the data elements that they have been authorized to access. Controls in the information technology area are classified into the preventive, detective, and corrective categories. Which of the following is a preventive control? Access control software. An organization relied heavily on e-commerce for its transactions. Evidence of the organization's security awareness manual would be an example of which of the following types of controls? Preventive Which of the following activities would most likely detect computer-related fraud? Reviewing the systems-access log. Dora Jones, an auditor for Farmington Co., noted that the Acme employees were using computers connected to Acme's network by wireless technology. On her next visit to Acme, Jones brought one of Farmington's laptop computers with a wireless network card. When she started the laptop to begin work, Jones noticed that the laptop could view several computers on Acme's network and that she had access to Acme's network files. Which of the following statements is the most likely explanation? Acme was not using security on the network. When a client's accounts payable computer system was relocated, the administrator provided support through a dial-up connection to a server. Subsequently, the administrator left the company. No changes were made to the accounts payable system at that time. Which of the following situations represents the greatest security risk? User accounts are not removed upon termination of employees. What is the primary objective of data security controls? To ensure that storage media are subject to authorization prior to access, change, or destruction. A company began issuing handheld devices to key executives. Each of the following factors is a reason for requiring changes to the security policy except Convenience of the device. A retail store uses batch processing to process sales transactions. The store has batch control total and other control checks embedded in the information processing system of the sales subsystem. While comparing reports, an employee notices that information sent to the subsystem was not fully processed. Which of the following types of controls is being exercised by the employee? Detective Which of the following is an important senior management responsibility with regard to information systems security? Assessing exposures. What should be examined to determine if an information system is operating according to prescribed procedures? System control. A client installed the sophisticated controls using the biometric attributes of employees to authenticate user access to the computer system. This technology most likely replaced which of the following controls? Passwords. One of the major problems in a computer system is that incompatible functions may be performed by the same individual. One compensating control is the use of A computer log. All of the following are correct statements regarding general controls except Segregation of duties is less important because IT facilitates the separation of functions (authorization, recording, and access to assets). General
controls include I, II, III, IV, and V. Parity checks and echo checks are examples of Hardware controls. All of the following are adequate controls for protection against unauthorized access to sensitive information except System access log. All of the following are correct statements regarding a firewall except An application firewall is an adequate substitute for a network firewall. Which of the following statements presents an example of a general control for a computerized system? Restricting access to the computer center by use of biometric devices. An entity has many employees that access a database. The database contains sensitive information concerning the customers of the entity and has numerous access points. Access controls prevent employees from entry to those areas of the database for which they have no authorization. All salespersons have certain access permission to customer information. Which statement is true regarding the nature of the controls and risks? A salesperson's access to customer information should extend only to what is necessary to perform his or her duties. The two broad groupings of information systems control activities are general controls and application controls. General controls include controls For developing, modifying, and maintaining computer programs. The significance of hardware controls is that they Ensure the proper execution of machine instructions. Some data processing controls relate to all computer processing activities (general controls) and some relate to specific tasks (application controls). General controls include Controls for documenting and approving programs and changes to programs. General controls in an information system include each of the following except Logic tests. Authentication is the process by which the System verifies the identity of the user. When a user enters a certain entity's system, a series of questions is asked of the user, including a name and mother's birth date. These questions are primarily intended to provide Authentication of the user. A company wants to protect its IT system from unauthorized users accessing the system. Which of the following controls would best serve to mitigate this risk? A biometric device. Which of the following statements best characterizes the function of a physical access control? Separates unauthorized individuals from computer resources. An auditor was examining a client's network and discovered that the users did not have any password protection. Which of the following would be the best example of the type of network password the users should have? tR34ju78. A network firewall is designed to provide adequate protection against which of the following? Unauthenticated logins from outside users. Which of the following is a password security problem? Users are assigned passwords when accounts are created but do not change them. A client who recently installed a new accounts payable system assigned employees a user identification code (UIC) and a separate password. Each UIC is a person's name, and the individual's password is the same as the UIC. Users are not required to change their passwords at initial log-in, nor do passwords ever expire. Which of the following statements does not reflect a limitation of the client's computer-access control? Employees are not required to take regular vacations. Which of the following risks can be minimized by requiring all employees accessing the information system to use passwords? Firewall vulnerability. Which of the following security controls may prevent unauthorized access to sensitive data via an unattended workstation connected to a server? Automatic log-off of inactive users. Which of the following is the most effective user account management control in preventing the unauthorized use of a computer system? Employees are required to renew their accounts semiannually. Which of the following passwords would be most difficult to crack? O?Ca!FlSi Which of the following is an electronic device that separates or isolates a network segment from the main network while maintaining the connection between networks? Firewall The headquarters' computer of a certain entity maintains a matrix of user names and the files/programs the user can access as well as what the user can do to/with the file or program. This matrix is primarily intended to provide Authorization for processing. Which of the following classifications of security controls includes smoke detectors, generators, security guards, and ID badges? Physical Which of the following is a network security system that is used to control network traffic and to set up a boundary that prevents traffic from one segment from crossing over to another? Firewall. The firewall system that limits access to a computer by routing users to replicated Web pages is A proxy server. Sets with similar termsSU 15108 terms rhett_tucker5 Q7: 5.5/8.3/10.486 terms hzz1000 Audit Chapter 7, 8 and 931 terms michael_logrande MIS Chapter 860 terms lexee_miller8 Sets found in the same folderACCT 390 Quiz 147 terms macyalexandra5 ACCT 390 Chapter 12.4-12.650 terms macyalexandra5 ACCT 390 Chapter 13.1-432 terms macyalexandra5 ACCT 390 Chapter 13.5-663 terms macyalexandra5 Other sets by this creatorACCT 390 Final380 terms macyalexandra5 ACCT 304- Chapter 840 terms macyalexandra5 Chapter 7- Deductions56 terms macyalexandra5 ACCT 390 Chapter 15.5-646 terms macyalexandra5 Verified questionsSOCIOLOGY Describe the relationship between religion and political allegiance in the U.S. Verified answer
SOCIOLOGY How does telling a friend about a trip you took last summer show how language frees humans from the limits of time and place? Verified answer SOCIOLOGY How did the economic downturn of the early 2000s affect the jobs typically filled by former welfare recipients? Verified answer
SOCIOLOGY A group of lower-class youths are accused of a crime for behavior that higher-status teens have engaged in without punishment. What sociological term describes this process? Verified answer Recommended textbook solutionsAnderson's Business Law and the Legal Environment, Comprehensive Volume23rd EditionDavid Twomey, Marianne Jennings, Stephanie Greene 369 solutions
Operations Management13th EditionWilliam Stevenson 980 solutions
Information Technology Project Management: Providing Measurable Organizational Value5th EditionJack T. Marchewka 346 solutions Service Management: Operations, Strategy, and Information Technology7th EditionJames Fitzsimmons, Mona Fitzsimmons 103 solutions Other Quizlet setsMorph quiz 323 terms yetigirl1414 introduction to economics12 terms HMGstudentPLUS The Child with Cardiovascular Dysfunction (Study G…56 terms AngrybearzPLUS Ph-E2-Adrenergic-Blocking-1951 terms Belli333 Which of the following characteristic distinguishes computer processing from manual processing?Which of the following characteristics distinguishes computer processing from manual processing? The independence of the data from the application programs, which allows the programs to be developed for the user's specific needs without concern for data capture problems.
Which of the following activities would most likely be performed in the computer processing department?Which of the following activities would most likely be performed in the computer processing department? Conversion of information to machine-readable form.
When auditors consider only non IT controls in assessing control risk it is known as?10. When the client uses a computer but the auditor chooses to use only the non-IT segment of internal control to assess control risk, it is referred to as auditing around the computer.
Which of the following statements most likely represents a disadvantage for an entity that maintains computer data files rather than manual files *?Which of the following is most likely a disadvantage for an entity that keeps data files prepared by personal computers rather than manually prepared files? It is usually easier for unauthorized persons to access and alter the files.
|