IT/Business Continuity Flashcards
A malicious program replicates itself at each node of access to a network and sends copies of itself to each location it can reach from that node without attaching itself to an existing program or code. The program eventually finds and exploits a hole in the network security, prompting a security breach.
WORM: It spreads by sending copies of itself to terminals throughout a network. Worms may act to open holes in network security.
Malicious programs that try to appear harmless by using social engineering (rhetorical techniques designed to make messages appear to be friendly, innocent, or sent by familiar contacts).
Trojan horses
Software-based controls that check amounts or validate access based on logical rules.
Logic controls.
What are the three processes involved in Identity and Access Management?
1. Provisioning 2. Identity Management 3. Enforcement
The need to maintain security and integrity of transmissions and the data they represent. One of the best means of managing the confidentiality of satellite transmissions would be.
Encryption: Encryption is the best means of managing the confidentiality of satellite transmissions because even if an unauthorized individual recorded the transmissions, they would not be intelligible.
To reduce security exposure when transmitting proprietary data over communication lines, a company should use?
Cryptographic devices protect data in transmission over communication lines.
List the steps in the SDLC (Systems Development Life Cycle)
1. Systems Planning 2. Systems Analysis 3. Systems design/system selection 4. Programming and customization/configuration 5. Conversion and implementation 6. Systems operation and refinement (feedback)
Give an example of an input control?
A validation check at data entry that verifies that a quantity field contains only numbers is an example of a programmatic means of ensuring the accuracy of the value in that no nonnumeric characters are permitted; this is an input control.
Which stage of the SDLC is most important for auditors to be involved in because they need to ensure specific controls are integrated?
Ensuring the system includes all of the necessary controls in the systems design stage is vital because such controls will be expensive if added later. For systems selection, auditors need to ensure specific controls are part of the selection criteria and should check that the controls actually exist once a package has been selected.
After implementation of a new software system, the project team should
determine if the development process was conducted in compliance with policy.
What is an Echo Check?
An echo check is a hardware control that checks for accuracy in data transmission;
What is a sign check?
A sign check looks for positive or negative field restrictions.
Buy side, sell side, back office, and enterprise resources planning (ERP) are subcategories of which of the following layers of IT?
Applications are programs that perform specific tasks related to business processes. They may be transactional or support applications. Transactional applications perform buy side (e.g., procurement), sell side (e.g., order processing), back office (e.g., invoicing for payables, recording receivables), and enterprise resource planning (ERP), software that integrates some of the other functions.
A device used to connect dissimilar networks is a
Gateway: a gateway, often implemented via software, translates between two or more different protocol families and makes connections between dissimilar networks possible.
What are gateways, routers, bridges, and repeaters?
Gateways connect Internet computers of dissimilar networks. Routers determine the best path for data. Bridges connect physically separate LANs. Repeaters strengthen signal strength.
allows the use of batch totals and other controls, while simultaneously allowing changes to be viewed immediately
Memo posting is used by banks for financial transactions and others to create real-time entries that are posted to a temporary memo file. The memo file allows the updated information to be viewed; at a designated time, the memo file is batch processed to update the master file. Data is available immediately for viewing, but batch processing controls are applied before the changes become permanent.
Describe Routers
includes intelligent processors that link network segments while keeping them separate and independent.
Describe switches
Devices that connect telecom circuits and may allow network management capabilities at Layers 3 and 4 of the OSI Model.
What is distributed processing?
Distributed processing is a strategy where remote locations each have their own processing power, but all are networked together.
Concurrency controls are important to ensure that all updates to the database are recorded.
The controls address the problem of two users attempting to update the database at the same time.
Which database elements would regulate whether a specific user role would have read-only access to particular data?
Schema, from schematic, are the rules for the overall database; subschema are files describing a portion of a database, including authorized read-only/full access users.