ch 14

Question 1

Authentication is the process by which the

Answer 1

system verifies the identity of the user

Prove its you/ verify who you are

Question 2

To enrue confidentiality in a asymmetric key enrcyption ststem, knowledge of which of the follling keys is required to decrypt the recieve message

1. Private
2. Public

Answer 2

1

Question 3

To euthenticate the message sender in an asymmetric key enecryption which key is required to decrypt the recived message

Answer 3

Senders public key

Question 4

To ensure the data sent over the internet are protected which of the following keys is required to encrypt the data (before tranmission) using an asymmetric key encrytion

Answer 4

Receivers public key

Question 5

Which of the following groups/laws was the earlies to encorage auditors to incorporate fraud examination into audit programs

Answer 5

SAS NO. 99

Question 6

Incentive to commit fraud usually would include all of the following:

Answer 6

1. resentment
2. finanical pressure
3. personal habits and lifestyle
4. alcohol, drug, or gambiling addication

Question 7

The symmetric encryption method has the – keys for –

Answer 7

Uses same key for both senders and receivers for encryption and decryption

Question 8

To prevent repudiation in conducting E-business, compaies must be able to authenticate their trading partners. Which of the following encryption methods can be used for authentication prupose?

Answer 8

Asymmetric key encryption method

Question 9

Which organization created the reporting on an entity cybersecurity risk management program and controls: ATTESTATION GUIDE IN 2017

Answer 9

AICPA

Question 10

Business continuity management is a – control

Answer 10

corrective

Question 11

Encryption is a – control

Answer 11

preventive

Question 12

What is one tech issue for CPA

Answer 12

Info secutiry management

Question 13

Information secutiry has a critical factor in

Answer 13

maintaining system integrity

Question 14

Information secutiry and sytem integrity

4. social engineering

Answer 14

4. manipulate somone to do this or that

Question 15

Encryption is a - control

Answer 15

preventitive

Question 16

What are the two algorithmic schemes?

Answer 16

1. symmetric
2. asymetic

key encryption

Question 17

Symmetric key includes:

Answer 17

1. fast
2. sutable for large data
3. difficlut to distribute key
4. one key is not cost effective

Question 18

Asymmetric key include

Answer 18

1. slow
2. not for large data
3. public key is used while private key is secret
4. transmit confidential information

Question 19

What are the 3 factors of encryption

Answer 19

1. Encryption algo
2. key length
3. key managment

Question 20

Define authentication

Answer 20

gets you in, acess what you can do

Question 21

Cerficate authority

Answer 21

trust entity that issues and revoke digital certificate

Question 22

Digital certificate

Answer 22

binds private key to owner and public key

Question 23

What is the triangle fraud

Answer 23

1. Incentive
2. opportunity
3. Rationalize

Question 24

Define the fraud triangle
1. Incentive
2. opportunity
3. Rationalize

Answer 24

1. reason to commit fraud (money, wants)
2. Must be the opportunty to do the act (lack of supervsion)
3. “justification” (I’ll pay it back later)

Question 25

Uninterruptible power supply

Answer 25

back up generators

Question 26

Fault tolerance

Answer 26

tolerate some failure

Question 27

Virtualization or Cloud computing

Answer 27

back up data

Question 28

Disaster recovery planning (DRP)

Answer 28

a plan of what to do if this happens

Question 29

Business continuity management (BCM)

Answer 29

other external things that affect the firm

political/ competitor

Question 30

DRP and BCM are the most critical – controls

Answer 30

corrective

Question 31

Using a digital signature, what is used to encrypt and what is used to decrypt a message digest?

Answer 31

The private key to encrypt and the public key to decrypt

Question 32

Who is responsible for the fraud risk assessment for an organization?

Answer 32

Management at each division