Acct 360 exam 2 review fall2020 Flashcards

1
Q
1) Duplicate checking of calculations and preparing bank reconciliations and monthly trial balances are examples of what type of control?
A) Preventive control
B) Detective control
C) Corrective control
D) Authorization control
A

B) Detective control

2
Q

2) Identify the preventive control below.
A) Reconciling the bank statement to the cash control account.
B) Approving customer credit prior to approving a sales order.
C) Maintaining frequent backup records to prevent loss of data.
D) Counting inventory on hand and comparing counts to the perpetual inventory records.

A

B) Approving customer credit prior to approving a sales order.

3
Q

3) Internal controls are often segregated into
A) detective controls and preventive controls.
B) general controls and application controls.
C) process controls and general controls.
D) system controls and application controls

A

B) general controls and application controls.

4
Q
4) Duplicate checking of calculations is an example of a \_\_\_\_\_\_\_\_ control, and procedures to resubmit rejected transactions are an example of a \_\_\_\_\_\_\_\_ control. 
A) corrective; detective 
B) detective; corrective 
C) preventive; corrective 
D) detective; preventive
A

B) detective; corrective

5
Q
5) Which type of control prevents, detects, and corrects transaction errors and fraud?
A) general
B) application
C) detective
D) preventive
A

B) application

6
Q
6) Which internal control framework is widely accepted as the authority on internal controls?
A) COBIT.
B) ISACA framework.
C) COSO Integrated Control.
D) Sarbanes-Oxley control framework
A

C) COSO Integrated Control.

7
Q
7) Applying the COBIT 5 framework, monitoring is the responsibility of
A) the CEO.
B) the CFO.
C) the board of directors.
D) all of the above
A

D) all of the above

8
Q

9) Melissa is a staff accountant for Quality Paper Company, which has strict corporate policies on appropriate use of corporate resources. The first week of March, Melissa saw Kent, the branch manager, putting printer paper and toner into his briefcase on his way out the door. This situation best reflects a weakness in which aspect of internal environment, as discussed in the COSO Enterprise Risk Management Framework?
A) Integrity and ethical values.
B) Risk management philosophy.
C) Restrict access to assets.
D) Methods of assigning authority and responsibility.

A

A) Integrity and ethical values.

9
Q

10) Reducing management layers, creating self-directed work teams, and emphasizing continuous improvement are all related to which aspect of internal environment?
A) Organizational structure.
B) Methods of assigning authority and responsibility.
C) Management philosophy and operating style.
D) Commitment to competence.

A

A) Organizational structure.

10
Q
8) The principle of identifying and assessing changes that could significantly impact the system of internal control belongs to which component of COSO's Internal Control Model?
A) Control environment.
B) Risk assessment.
C) Control activities.
D) Information and communication.
A

B) Risk assessment.

11
Q
11) If the time an attacker takes to break through the organization's preventive controls is greater than the sum of the time required to detect the attack and the time required to respond to the attack, then security is
A) effective.
B) ineffective.
C) overdone.
D) undermanaged.
A

A) effective.

12
Q
12) The steps that criminals take to identify potential points of remote entry are called
A) scanning and mapping the target.
B) social engineering.
C) research.
D) reconnaissance.
A

A) scanning and mapping the target.

13
Q
13) The steps that criminals take to find known vulnerabilities and learn how to take advantage of those vulnerabilities are called
A) scanning and mapping the target.
B) social engineering.
C) research.
D) reconnaissance.
A

C) research.

14
Q
14) \_\_\_\_\_\_\_\_ is/are an example of a preventive control.
A) Emergency response teams
B) Encryption
C) Log analysis
D) Intrusion detection
A

B) Encryption

15
Q
15) Which of the following is an example of a detective control?
A) Physical access controls.
B) Encryption.
C) Continuous monitoring.
D) Incident response teams.
A

C) Continuous monitoring.

16
Q

16) An access control matrix
A) is the process of restricting access of authenticated users to specific portions of the system and limiting what actions they are permitted to perform.
B) is used to implement authentication controls.
C) matches the user’s authentication credentials to his authorization.
D) is a table specifying which portions of the system users are permitted to access.

A

D) is a table specifying which portions of the system users are permitted to access.

17
Q
17) A special purpose hardware device or software running on a general purpose computer, which filters information that is allowed to enter and leave the organization's information system, is known as a(n)
A) demilitarized zone.
B) intrusion detection system.
C) intrusion prevention system.
D) firewall.
A

D) firewall.

18
Q
18) This protocol specifies the procedures for dividing files and documents into packets to be sent over the Internet.
A) access control list
B) Internet protocol
C) packet switching protocol
D) transmission control protocol
A

D) transmission control protocol

19
Q
19) The process that screens individual IP packets based solely on the contents of the source and/or destination fields in the packet header is known as
A) access control list.
B) deep packet inspection.
C) intrusion filtering.
D) packet filtering.
A

D) packet filtering.

20
Q
20) The security technology that evaluates IP packet traffic patterns in order to identify attacks against a system is known as
A) an intrusion prevention system.
B) stateful packet filtering.
C) static packet filtering.
D) deep packet inspection.
A

A) an intrusion prevention system.

21
Q
21) Encryption is a necessary part of which information security approach?
A) Defense in depth.
B) Time based defense.
C) Continuous monitoring.
D) Synthetic based defense.
A

A) Defense in depth.

22
Q

22) Identify the first step in protecting the confidentiality of intellectual property below.
A) Identifying who has access to the intellectual property.
B) Identifying the means necessary to protect the intellectual property.
C) Identifying the weaknesses surrounding the creation of the intellectual property.
D) Identifying what controls should be placed around the intellectual property.

A

a

23
Q
23) Data masking is also referred to as 
A) encryption.
B) tokenization.
C) captcha.
D) cookies.
A

a

24
Q
24) If an organization asks you to disclose your social security number, yet fails to permit you to opt-out before you provide the information, the organization has likely violated which of the Generally Accepted Privacy Principles?
A) Management.
B) Notice.
C) Choice and consent.
D) Use and retention
A

C) Choice and consent.

25
Q
25) If an organization asks you to disclose your social security number, yet fails to properly dispose of your private information once it has fulfilled its purpose, the organization has likely violated which of the Generally Accepted Privacy Principles?
A) Management.
B) Notice.
C) Choice and consent.
D) Use and retention
A

A) Management.

26
Q
26) All of the following are associated with asymmetric encryption except
A) speed.
B) private keys.
C) public keys.
D) no need for key exchange
A

A) speed.

27
Q
27) Text that was transformed into unreadable gibberish using encryption is called
A) plaintext.
B) ciphertext.
C) encryption text.
D) private text.
A

C) encryption text.

28
Q

28) Which of the following is not one of the three important factors determining the strength of any encryption system?
A) Key length.
B) Policies for managing cryptographic keys.
C) Encryption algorithm.
D) Storage of digital signatures.

A

D) Storage of digital signatures.

29
Q

29) The best example of an effective payroll transaction file financial total would most likely be
A) sum of net pay.
B) total number of employees.
C) sum of hours worked.
D) total of employees’ social security numbers.

A

D) total of employees’ social security numbers.

30
Q

D) total of employees’ social security numbers.

A

B) total number of employees

31
Q
31) \_\_\_\_\_\_\_\_ is a data entry input control that involves checking the accuracy of input data by using it to retrieve and display other related information.
A) Validity check
B) Duplicate data check
C) Closed-loop verification
D) Check digit verification
A

D) Check digit verification

32
Q
32) The inventory tracking system shows that 12 laptops were on hand before a customer brings two laptops to the register for purchase. The cashier accidentally enters the quantity sold as 20 instead of 2. Which data entry control would most effectively prevent this error?
A) Limit check.
B) Sign check.
C) Field check.
D) Validity check.
A

B) Sign check.

33
Q
33) Turnaround documents are an example of a(n)
A) data entry control.
B) output control.
C) processing control.
D) input control.
A

D) input control.

34
Q
34) Checksums are an example of a(n)
A) data entry control.
B) data transmission control.
C) output control.
D) processing control.
A

B) data transmission control.

35
Q
35) Data matching is an example of a(n)
A) data entry control.
B) data transmission control.
C) processing control.
D) input control.
A

C) processing control.

36
Q
36) A \_\_\_\_\_\_\_\_ ensures input data will fit into the assigned field. 
A) limit check
B) size check
C) range check
D) field check
A

B) size check

37
Q
37) A \_\_\_\_\_\_\_\_ determines the correctness of the logical relationship between two data items. 
A) range check
B) reasonableness test
C) sign check
D) size check
A

B) reasonableness test

38
Q
38) The batch processing data entry control that sums a non-financial numeric field is called
A) record count.
B) financial total.
C) hash total.
D) sequence check.
A

C) hash total.

39
Q
39) A \_\_\_\_\_\_\_\_ control ensures that the correct and most current files are being updated. 
A) cross-footing balance test
B) data matching
C) file labels
D) write-protect mechanism
A

C) file labels

40
Q
40) A \_\_\_\_\_\_\_\_ is a data entry control that compares the ID number in transaction data to a master file to verify that the ID number exists. 
A) reasonableness test
B) user review
C) data matching
D) validity check
A

D) validity check