Chapter 7 - IT (Hard/Incorrect Questions Only)

Question 1

The computer operating system performs scheduling, resource allocation, and data retrieval functions based on a set of instructions provided by the

Answer 1

Job Control Language Got this correct first try

Question 2

A digital signature is used primarily to determine that a message is

Answer 2

UNALTERED IN TRANSMISSION.

You got it incorrect - selected “Not intercepted on route”.

Remember from audit, we said Digital Signatures are on files and e-mails to prove identity of the sender and assure that the information was unaltered in in transmission.

Digital signatures do not (incorrect answers):

• prevent a message from being intercepted on route
• dont ensure the message is received by the intended recipient
• dont ensure its sent to the correct address

Question 3

What is a major disadvantage to using a private keyto encrypt data?

Answer 3

Both sender and receiver must have privatekey before this encryption method can work

Got right, but wasn’t sure if that was an advantage for a sec

Question 4

Which of the following aresof responsibility are normally assigned to the systems programmer in a computer system environment?

Answer 4

Maintaining and updating operating systems and compliers.

You thought it was “systems analysis and application programming”. That’s for APPLICATION programming, not system programming

Question 5

Most client/server applications operate on a three-tiered architecture consisting of which of the following layers?

Answer 5

Desktop client, appliation, and database

got it right. It wouldn’t use the following:

• software
• desktop server
• hardware

Question 6

A trojan horse is a

Answer 6

computer program that appears to be legitimate but performs an illicit activity when it is run

Question 7

Critical success factor in data mining a large data store?

Answer 7

Pattern recognition.

You got wrong; had no clue.

From book:
“Data mining searches for patterns and trends in data set to obtain useful information. The recognition of patterns is central, thus a critical success factor of a data mining operation.

Google said:
“Data Mining is an analytic process designed to explore data in search of consistent patterns and/or systematic relationships between variables. Data is typically business or market related”

Question 8

In whcih of the following locations should a copy of the accounting system data backup of year-end information be stired?

Answer 8

Secured off-site lcoation to protect itf rom theft, sabotage, and natural disasters

Got wrong

Question 9

A manufacturing comoany that wanted to be able to place material rodersmore efficiantly most likely would utilize

Answer 9

EDI

Got wrong

Question 10

In business informations processing, “stakeholder” refers to which of the following?

Answer 10

Anyone in the organization who has a role in creating or using documents and data stired on computers and networks.

Got right. Was close to choosing C - authorized users who are granted access rights to documents and data stored on the computers or networks

Question 11

security awareness manual is what type of control?

Answer 11

A preventative correction error because it suggests the organization educates its employees of procedures to prevent errors or fraud

Question 12

Which seperates or isolates a networks segment from the main network while maintaing the connection betweek networks?

Answer 12

firewall

got wrong

Question 14

A company has a significant e-commerce presence and self-hosts its web site. To assure continuity in the event of a natural disaster, the firm should adopt which of the following strategies?

Answer 14

Establish an off-site server

Question 15

An auditor most likely would test for the presence of unauthorized EDP program changes by running a

Answer 15

source code compariosn program

Question 16

Which of the following is not considered to be a risk associated with the performance of an audit in an IT environment?

Answer 16

circumvention

Question 17

Which of the following statements is not true of the test data approach when testing a computerized accounting system?

Answer 17

Test data must consist of all possible valid and invalid conditions

Question 18

What should be examined to determine if an information system is operating according to prescribed procedures?

Answer 18

system control

Question 19

Which one of the following artificial intelligence information systems cannot learn from experience?

Answer 19

Rule-based expert systems. think about it

Question 20

.

According to COBIT 5, covering the enterprise from end-to-end means that COBIT 5

Answer 20

Integrates governance of enterprise IT with enterprise governance

Question 21

An information technology director collected the names and locations of key vendors, current hardware configuration, names of team members, and an alternative processing location. What is the director most likely preparing?

Answer 21

A disaster-recovery plan. Doing these will facilitate rapid operation recovery in the event of a disaster

Question 22

A company has a significant e-commerce presence and self-hosts its web site. To assure continuity in the event of a natural disaster, the firm should adopt which of the following strategies?

Answer 22

Establish an off-site mirrorwed web server

You said “store records offsight”. Remember, this is an e-commerce heavy website. Also, storing it off-site would tkae more time to reupload info than sttoring it somewhere else online

Question 23

Which of the following statements presents an example of a general control for a computerized system?

Answer 23

restricting access to computer center through use of biometric devices

Question 24

Mill Co. uses a batch processing method to process its sales transactions. Data on Mill’s sales transaction tape are electronically sorted by customer number and are subjected to programmed edit checks in preparing its invoices, sales journals, and updated customer account balances. One of the direct outputs of the creation of this tape most likely would be a

Answer 24

report showing exceptions and control totals

Question 25

To obtain evidence that user identification and password controls are functioning as designed, an auditor would most likely

Answer 25

Examine a sample to determine whether password holders may have access to something incomaptible with their authroity

Question 26

An auditor using audit software probably would be least interested in which of the following fields in a computerized perpetual inventory file?

Answer 26

economic order quantity

irrelevant for auditor

Question 27

An auditor would least likely use computer software to

Answer 27

Assess EDP control risk

that requires JUDGEMENT

Question 28

In an IT department in a fairly large company, which of the following would be responsible for the security of shared data stored in a database system?

Answer 28

Database ADMINISTRATOR

NOT:

Data librarian

Data control clerk

systems analysy

Question 29

.

Duties that are considered incompatible and should be segregated in an IT environment are:

Answer 29

Authorization, recording, custody

(normal ARC)

Question 30

Which of the following is not an input control?

Answer 30

parity check ; thats a hardware control

Question 31

Which of the following is not considered to be a risk associated with the performance of an audit in an IT environment?

Answer 31

circumvention

Question 32

An audit client is using a computer program to process its data that the auditor wishes to verify. There is no appropriate equivalent program available to the auditor, requiring the auditor to apply techniques involving the direct use of the client program.

Answer 32

A auditor can verify that a program to be tested is the one used processing actual data through controlled reprocessing

Question 33

A research-based firm in the medical field could use each of the following Internet-based tools for collaboration, except

Answer 33

EDI

Question 34

Jones, an auditor for Farmington Co., noted that the Acme employees were using computers connected to Acme’s network by wireless technology. On Jones’ next visit to Acme, Jones brought one of Farmington’s laptop computers with a wireless network card. When Jones started the laptop to begin work, Jones noticed that the laptop could view several computers on Acme’s network and Jones had access to Acme’s network files. Which of the following statements is the most likely explanation?

Answer 34

Acme was not using security on the network

Question 35

Most client/server applications operate on a three-tiered architecture consisting of which of the following layers?

Answer 35

Desktop client/application database

Thought was “DESKTOP SERVER”