Q) Which of the following functions to be performed by the application owners to ensure proper distribution of tasks between Isami and end-users?
a) analysis system
b) Data access authorization
c) application programming
d) Data management
Q) Responsibility for the maintenance of appropriate security measures to information assets are:
a) security administrator
b) System Administrator
c) The owners of the data and systems.
d) Group operating systems.
Q) The biggest risk when end users have access to a database on the level of the system, not the application, is that users can:
a) unauthorized changes to the database directly, without an audit trail.
b) use the query system language (SQL) to access information.
c) remote access to the database.
d) update the data without authentication.
Q) In order to determine who is granted permission to use a particular system resource, IS auditor should consider the following questions:
a) lists of activities
b) Access control lists.
c) Login ID lists
d) password lists.
Q) Which of the following is the most effective control in the provision of temporary access to suppliers?
a) MEETS access providers with service level agreement (SLA)
b) User accounts are created with the expiry date and are based on services provided.
c) Administrator access are available for a limited time period.
d) User IDs are deleted when the job is finished.