Audit-IT(reviewer)

Question 1

What type of computer is used for extremely high-volume and complex processing?

A) Mainframe Computers
B) Minicomputers
C) Supercomputers
D) Microcomputers

Answer 1

C) Supercomputers

Question 2

Which of the following is an example of an input device?

A) Magnetic Ink Character Reader (MICR)
B) Monitor
C) Printer
D) Plotter

Answer 2

A) Magnetic Ink Character Reader (MICR)

Question 3

What is the main function of the Central Processing Unit (CPU)?

A) Store and retrieve data
B) Process instructions and manipulate data
C) Control input and output devices
D) Print and display output

Answer 3

B) Process instructions and manipulate data

Question 4

Which storage device provides direct access to data?

A) Magnetic disks
B) Magnetic tapes
C) Cartridges
D) Optical disks

Answer 4

A) Magnetic disks

Question 5

What is the main function of an operating system?

A) Monitor and control computer hardware and software operations
B) Perform specific tasks like payroll processing
C) Store data permanently
D) Manage a company’s database

Answer 5

A) Monitor and control computer hardware and software operations

Question 6

What type of processing allows transactions to be processed as they occur?

A) Batch Processing
B) Database Processing
C) Real-Time Processing (OLRT)
D) Sequential Processing

Answer 6

C) Real-Time Processing (OLRT)

Question 7

Which of the following is NOT an internal control in an IT environment?

A) Organizational controls
B) Profit Maximization Control
C) Access controls
D) Monitoring controls

Answer 7

B) Profit Maximization Control

Question 8

What type of network spans a large geographical area?

A) Local Area Network (LAN)
B) Wide Area Network (WAN)
C) Personal Area Network (PAN)
D) Data Processing Network

Answer 8

B) Wide Area Network (WAN)

Question 9

What role does a Chief Information Officer (CIO) play in an organization?

A) Develops programming languages
B) Supervises and manages IT operations
C) Manages employee benefits
D) Conducts external audits

Answer 9

B) Supervises and manages IT operations

Question 10

What is an example of a general IT control?

A) Segregation of IT duties
B) Transaction validation
C) Data encryption
D) Data entry verification

Answer 10

A) Segregation of IT duties

Question 11

What is the purpose of a database management system (DBMS)?

A) Store, access, and manage a database
B) Convert machine code into human language
C) Secure an organization’s IT infrastructure
D) Print and display processed data

Answer 11

A) Store, access, and manage a database

Question 12

What is a white box approach in IT auditing?

A) Auditing with or through the computer
B) Auditing only around the computer
C) Ignoring data processing procedures
D) Conducting interviews with IT staff

Answer 12

A) Auditing with or through the computer

Question 13

What is a common risk in an IT environment?

A) Increase in paper-based transactions
B) Unauthorized access to data
C) More reliance on manual calculations
D) Increased hardware storage capacity

Answer 13

B) Unauthorized access to data

Question 14

What is the main objective of a test of controls in an IT audit?

A) Evaluate the effectiveness of controls
B) Review management policies
C) Identify key business competitors
D) Determine company profitability

Answer 14

A) Evaluate the effectiveness of controls

Question 15

What is the primary purpose of a hash total in IT controls?

A) Store critical data
B) Ensure accuracy by checking the sum of non-financial data fields
C) Protect software against viruses
D) Track employee login times

Answer 15

B) Ensure accuracy by checking the sum of non-financial data fields

Question 16

Which technique involves running an auditor’s test data through a company’s system to check for control failures?

A) Test Data Approach
B) Program Mapping
C) Flowcharting Software
D) Audit Trail Analysis

Answer 16

A) Test Data Approach

Question 17

What is the purpose of transaction tagging in IT auditing?

A) Track a transaction through different processing stages
B) Replace manual transactions
C) Store encrypted financial information
D) Generate customer receipts

Answer 17

A) Track a transaction through different processing stages

Question 18

Which IT audit method involves using a duplicate system to compare processing results?

A) Black Box Approach
B) Parallel Simulation
C) Code Review
D) Integrated Test Facility

Answer 18

B) Parallel Simulation

Question 19

What is the main function of a firewall in an IT system?

A) Store confidential data
B) Prevent unauthorized access to a network
C) Increase processing speed
D) Manage employee payroll

Answer 19

B) Prevent unauthorized access to a network

Question 20

What is a key characteristic of a Cold Site in IT disaster recovery?

A) Requires hardware installation before operation
B) Fully equipped with pre-installed hardware and software
C) Used for daily backup and storage
D) Provides cloud computing services

Answer 20

A) Requires hardware installation before operation

Question 21

What is an example of a secondary storage device that provides sequential access to data?

A) Magnetic tape
B) Hard disk
C) Solid-state drive
D) Optical disk

Answer 21

A) Magnetic tape

Question 22

What is the primary function of the Arithmetic and Logic Unit (ALU) in the CPU?

A) Store program instructions
B) Control input and output devices
C) Perform mathematical and logical operations
D) Manage file storage

Answer 22

C) Perform mathematical and logical operations

Question 23

Which of the following is an example of an output device?

A) Plotter
B) Keyboard
C) Optical scanner
D) Magnetic tape reader

Answer 23

A) Plotter

Question 24

What is the main advantage of a RAID (Redundant Array of Independent Disks) system?

A) Minimizes data loss by storing redundant copies of data
B) Speeds up data input
C) Reduces power consumption
D) Eliminates the need for external backups

Answer 24

A) Minimizes data loss by storing redundant copies of data

Question 25

Which of the following is NOT a type of computer network? A) Local Area Network (LAN) B) Computer Processing Network (CPN) C) Wide Area Network (WAN) D) National Area Network (NAN)

Answer 25

B) Computer Processing Network (CPN)

Question 26

What is the main function of an IT General Control? A) Ensure the reliability and security of IT systems B) Approve financial statements C) Process payroll transactions D) Manage customer relationships

Answer 26

A) Ensure the reliability and security of IT systems

Question 27

What type of software manages hardware resources and provides a platform for application software? A) Operating system B) Database management system C) Utility program D) Communication software

Answer 27

A) Operating system

Question 28

Which of the following is an example of an electronic commerce input method? A) Optical scanner B) Keyboard entry C) Joystick D) Electronic Data Interchange (EDI)

Answer 28

D) Electronic Data Interchange (EDI)

Question 29

What type of processing is best for large batch jobs that do not require immediate results? A) Real-time processing B) Distributed processing C) Batch processing D) Online transaction processing

Answer 29

C) Batch processing

Question 30

What is a key advantage of database systems? A) Requires no security measures B) Eliminates the need for user access controls C) Slows down data retrieval D) Prevents data redundancy

Answer 30

D) Prevents data redundancy

Question 31

What is the primary security risk in distributed data processing? A) Slower transaction processing B) Increased hardware costs C) Limited data storage capacity D) Unauthorized access to information

Answer 31

D) Unauthorized access to information

Question 32

What is the function of a source program? A) Stores company financial records B) Contains human-readable programming code before compilation C) Manages operating system functions D) Controls hardware components

Answer 32

B) Contains human-readable programming code before compilation

Question 33

Which technique in IT auditing focuses only on inputs and outputs without examining internal processing? A) White box approach B) Flowcharting C) Code review D) Black box approach

Answer 33

D) Black box approach

Question 34

What is the purpose of a virtual memory system? A) Store program source codes B) Extend primary memory using secondary storage C) Secure IT infrastructure D) Replace physical hard drives

Answer 34

B) Extend primary memory using secondary storage

Question 35

Which control ensures that only authorized transactions are processed? A) Output control B) Network monitoring C) Backup recovery system D) Input validation control

Answer 35

D) Input validation control

Question 36

What is an example of a physical access control? A) Encrypting database records B) Implementing network firewalls C) Using keycards for data center entry D) Running antivirus scans

Answer 36

C) Using keycards for data center entry

Question 37

Which of the following is NOT an input validation technique? A) Limit test B) Completeness check C) Output formatting D) Field check

Answer 37

C) Output formatting

Question 38

What type of software assists in data analysis and report generation? A) Text editor B) Web browser C) Email client D) Generalized audit software (GAS)

Answer 38

D) Generalized audit software (GAS)

Question 39

Which IT audit technique introduces test data into a live system without the knowledge of management? A) Integrated Test Facility (ITF) B) Test data approach C) Parallel simulation D) Black box auditing

Answer 39

A) Integrated Test Facility (ITF)

Question 40

What is an embedded audit module? A) A physical component of the CPU B) A technique for processing test data C) A feature of network firewalls D) A program built into an application to monitor transactions

Answer 40

D) A program built into an application to monitor transactions

Question 41

What type of control protects data during transmission? A) Firewall installation B) User authentication C) Encryption D) Role-based access control

Answer 41

C) Encryption

Question 42

What technique is used to confirm that transactions are processed accurately? A) Data encryption B) Role-based access control C) Hash total verification D) Limit test

Answer 42

C) Hash total verification

Question 43

What IT audit method involves directly examining the processing logic of a program? A) Parallel simulation B) Test data approach C) Auditing around the computer D) Code review

Answer 43

D) Code review

Question 44

What type of backup system follows the Grandfather-Father-Son principle? A) Cloud storage B) RAID storage C) Network-attached storage D) Batch file retention system

Answer 44

D) Batch file retention system

Question 45

Which is a key feature of a hot site in disaster recovery? A) Requires manual installation of hardware B) Pre-configured with necessary IT infrastructure C) Stores only archived data D) Located on external hard drives

Answer 45

B) Pre-configured with necessary IT infrastructure

Question 46

What does an IT security log track? A) Financial transactions B) Failed login attempts and security breaches C) IT department employee work schedules D) Business marketing plans

Answer 46

B) Failed login attempts and security breaches

Question 47

What technique involves marking specific transactions for tracking throughout the system? A) Flowcharting B) Transaction tagging C) Integrated test facility D) Test data approach

Answer 47

B) Transaction tagging

Question 48

Which of the following is NOT a feature of database management systems (DBMS)? A) Data retrieval B) Data storage C) Query execution D) Printing financial statements

Answer 48

D) Printing financial statements

Question 49

What is the purpose of a firewall in IT security? A) Encrypt stored data B) Prevent unauthorized network access C) Prevent physical damage to hardware D) Authenticate software licenses

Answer 49

B) Prevent unauthorized network access

Question 50

What technique captures and stores audit data as transactions occur? A) Data archiving B) Data compression C) Continuous auditing D) Firewall logging

Answer 50

C) Continuous auditing

Question 51

What is the main function of audit hooks in an IT system? A) Store transaction records B) Monitor transactions in real time and flag unusual activity C) Process payroll transactions D) Restrict user access

Answer 51

B) Monitor transactions in real time and flag unusual activity

Question 52

What does a parity check do? A) Encrypts passwords B) Detects network intrusions C) Manages database queries D) Verifies the integrity of transmitted data

Answer 52

D) Verifies the integrity of transmitted data

Question 53

What is the primary purpose of an access control list (ACL)? A) Encrypt sensitive data B) Monitor system performance C) Restrict or permit access to specific system resources D) Automate financial reporting

Answer 53

C) Restrict or permit access to specific system resources

Question 54

What is the main function of a program compiler? A) Debug software errors B) Execute system commands C) Convert source code into machine-readable object code D) Manage database records

Answer 54

C) Convert source code into machine-readable object code

Question 55

What is an example of a hardware control in IT security? A) Firewalls B) Encryption software C) Boundary protection for memory allocation D) Virus scanning

Answer 55

C) Boundary protection for memory allocation

Question 56

What IT audit method involves reprocessing actual transactions using an auditor’s copy of the client’s software? A) Parallel simulation B) Black box approach C) Controlled reprocessing D) Test data approach

Answer 56

C) Controlled reprocessing

Question 57

What is a risk of not implementing segregation of duties in an IT environment? A) Slower system processing B) Increased hardware costs C) Increased fraud and unauthorized changes D) Reduced data storage capacity

Answer 57

C) Increased fraud and unauthorized changes

Question 58

What does an intrusion detection system (IDS) do? A) Encrypts stored passwords B) Prevents unauthorized access to physical files C) Monitors and detects unauthorized access to a network D) Restricts file access to internal users

Answer 58

C) Monitors and detects unauthorized access to a network

Question 59

What is a logic test in input validation? A) Converts input data into machine code B) Encrypts sensitive financial transactions C) Rejects illogical or inconsistent data entries D) Verifies software licensing

Answer 59

C) Rejects illogical or inconsistent data entries

Question 60

What does a data completeness check ensure? A) Input data is encrypted B) All required fields are filled before processing continues C) Processing follows a batch schedule D) Transactions are permanently stored

Answer 60

B) All required fields are filled before processing continues

Question 61

What is the main risk of a single sign-on (SSO) authentication system? A) If compromised, all systems are exposed to unauthorized access B) It slows down user authentication C) It does not support multiple devices D) It increases IT costs significantly

Answer 61

A) If compromised, all systems are exposed to unauthorized access

Question 62

What IT control ensures that only authorized transactions are recorded? A) Backup procedures B) Application controls C) Firewall settings D) Data compression techniques

Answer 62

B) Application controls

Question 63

What is the purpose of a self-checking digit in input validation? A) Convert data into machine language B) Detect errors in numeric data fields C) Store system logs D) Encrypt email messages

Answer 63

B) Detect errors in numeric data fields

Question 64

What is the main disadvantage of a cold site disaster recovery center? A) Expensive to maintain B) Requires time to set up hardware and software before use C) Limited storage capacity D) Can only store financial data

Answer 64

B) Requires time to set up hardware and software before use

Question 65

What does a role-based access control (RBAC) system do? A) Grants system access based on user roles and responsibilities B) Encrypts database records C) Restricts unauthorized external access D) Prevents power failures

Answer 65

A) Grants system access based on user roles and responsibilities

Question 66

What does an optical character recognition (OCR) device do? A) Encrypts input data B) Processes SQL queries C) Converts printed text into digital format D) Detects computer viruses

Answer 66

C) Converts printed text into digital format

Question 67

What is a potential risk of an automated audit system? A) Dependence on system-generated data, which may be manipulated B) Slower transaction processing C) Increased manual work D) Less efficient than manual audits

Answer 67

A) Dependence on system-generated data, which may be manipulated

Question 68

What is the main function of a test data approach in IT auditing? A) Determine if the system properly processes transactions B) Store financial statements C) Encrypt sensitive files D) Generate network security logs

Answer 68

A) Determine if the system properly processes transactions

Question 69

What is the purpose of a system control audit review file (SCARF)? A) Log and store information for later audit review B) Manage payroll records C) Process real-time transactions D) Encrypt sensitive company data

Answer 69

A) Log and store information for later audit review

Question 70

Which IT audit technique runs transactions using both client and auditor software to compare results? A) Code review B) White box testing C) Parallel simulation D) Transaction tagging

Answer 70

C) Parallel simulation

Question 71

Which of the following statements about IT security controls is INCORRECT? A) Firewalls help prevent unauthorized network access. B) A weak password policy has no impact on IT security. C) Multi-factor authentication enhances user security. D) Data encryption protects information from unauthorized access.

Answer 71

B) A weak password policy has no impact on IT security.

Question 72

Which of the following statements about database management is CORRECT? A) A Database Management System (DBMS) reduces data redundancy and ensures data integrity. B) A database system does not require access controls. C) Data stored in a DBMS cannot be backed up. D) DBMS slows down data retrieval compared to paper records.

Answer 72

A) A Database Management System (DBMS) reduces data redundancy and ensures data integrity.

Question 73

Which of the following statements about IT auditing is INCORRECT? A) The white box approach involves directly examining system processes. B) The black box approach focuses only on inputs and outputs. C) Test data techniques cannot detect errors in automated controls. D) Parallel simulation compares client and auditor processing results.

Answer 73

C) Test data techniques cannot detect errors in automated controls.

Question 74

Which of the following statements about disaster recovery is CORRECT? A) A cold site is immediately ready for use in case of system failure. B) A hot site has pre-installed hardware and software for quick recovery. C) Backups are unnecessary if an organization uses a cloud-based system. D) Disaster recovery plans are only required for financial institutions.

Answer 74

B) A hot site has pre-installed hardware and software for quick recovery.

Question 75

Which of the following statements about IT controls is INCORRECT? A) General IT controls only apply to application software and not hardware. B) Application controls help ensure the accuracy and completeness of transactions. C) Role-based access control (RBAC) restricts user access based on job roles. D) Strong IT controls reduce the risk of unauthorized system access.

Answer 75

A) General IT controls only apply to application software and not hardware.