Module 5+6 (Ch 14-18)

Question 1

What role is appropriate for COO, overseeing and guiding day-to-day operations of the company?

Answer 1

Read-only

Question 2

What role is appropriate for Tax Accountant, responsible for financial tax statements? Researches the financials to ensure the company is following tax laws.

Answer 2

Creator

Question 3

What role is appropriate for Accounting Director, responsible for directing the accounting department?

Answer 3

Administrator

Question 4

What role is appropriate for Regional sales manager, overseeing the sales department?

Answer 4

Read-only

Question 5

What role is appropriate for PR Manager?

Answer 5

Denied Access

Question 6

What role is appropriate for Internal Auditor?

Answer 6

Read-only

Question 7

What role is appropriate for Compensation and benefits manager?

Answer 7

Denied access

Question 8

What role is appropriate for Marketing Manager?

Answer 8

Denied Access

Question 9

The backup strategy that copies all existing data every time is ______.

Answer 9

Full backup

Question 10

The backup strategy used in the ‘son’ backup cycle is ____.

Answer 10

Differential Backup

Question 10

The cheapest backup strategy, which uses the lease amount of storage space is _____.

Answer 10

Incremental backup

Question 10

The middle ground of backup strategies is _____.

Answer 10

Differential backup

Question 10

The data strategy used in the ‘father’ backup cycle is _____.

Answer 10

Full backup

Question 10

Also known as ‘sand box’ and is where developers design and test coding.

Answer 10

Test environment

Question 11

Environment where developer no longer has access to ensure segregation of duties.

Answer 11

Model environment and Production environment

Question 12

Environment where user acceptance takes place.

Answer 12

Model environment

Question 13

Environment where outputs include testing documentation.

Answer 13

Test environment

Question 14

Environment where outputs include live code in the system.

Answer 14

Production environment

Question 15

Environment where outputs include initial code.

Answer 15

Test environment

Question 16

Environment where the business user or IT analyst no longer has access to the code to ensure segregation of duties.

Answer 16

Production environment

Question 17

There is currently a motion being filed to suspend all bank accounts and tax returns bearing your name and Social Security number. To review immediate rights and details and avoid all further proceedings, please contact our firm by clicking the link provided.

Answer 17

Fear, urgency

Question 18

Help a family in need this holiday season by providing them with a warm meal. A small donation of only $3 can provide a meal for a community member needing your help. Click the following link to make your donation on our easy-to-use web portal.

Answer 18

Helpfulness

Question 19

We have been reviewing your bank account information and it seems someone has made a large, unauthorized purchase. Please call us now at 1-800-987-6543 to discuss these changes and to protect your accounts.

Answer 19

Curiosity, fear

Question 20

You and your attorney have a very brief window to address this matter with our office. It would serve your best interest to contact our offices before close of business today or immediately upon receipt of this message. This message servers as a legal notification of a civil complaint filed against you.

Answer 20

Fear, urgency

Question 21

Cybersecurity Risk? A company website is down for two hours after a software update resulted in compatibility issues.

Answer 21

No

Question 22

Cybersecurity Risk? A staff accountant opened an email attachment that contained the CryptoLocker virus.

Answer 22

Yes

Question 23

Cybersecurity Risk? An employee lost an external hard drive while on a business trip. The hard drive contained corporate financial information.

Answer 23

Yes

Question 24

Cybersecurity Risk? The data center’s backup power failed to turn on during a power outage.

Answer 24

No

Question 25

Cybersecurity Risk? Three servers cannot be backed up due to the backup size exceeding a system’s storage capacity.

Answer 25

No

Question 26

Cybersecurity Risk? Employees have stated that they are receiving an increased number of pop-up ads on company computers.

Answer 26

Yes

Question 27

What type of cyber attack demands ransom payment after accessing files?

Answer 27

Ransomware

Question 28

What type of cyberattack shuts down the company’s network?

Answer 28

Denial-of-service

Question 29

What type of cyberattack shows a delayed attack?

Answer 29

Logic bomb

Question 30

NIST family: HR and IT collaborate to provide annual training on phishing emails.

Answer 30

Awareness and training

Question 31

NIST family: IT department conducts penetration testing annually.

Answer 31

Security assessment and authorization

Question 32

NIST family: System resources are monitored to ensure that sufficient resources exist to support unexpected network traffic.

Answer 32

System and communications protection

Question 33

NIST family: Corporate office requires two forms of ID for visitors to the data center.

Answer 33

Physical and environmental protection

Question 34

NIST family: System capacity, bandwidth and redundancy are managed proactively.

Answer 34

System communications protection

Question 35

NIST family: Malicious code protection mechanisms are employed at access points of the information system.

Answer 35

System and information integrity.

Question 36

NIST family: IT department scans for vulnerabilities randomly.

Answer 36

Risk assessment

Question 37

NIST family: Password requirements include 8 characters, a symbol, a number, and a capital letter.

Answer 37

Identification and authentication

Question 38

What job title provides a methodology for drawing conclusions from data? Is math oriented and focuses on collection/interpretation of quantitative data using scientific method.

Answer 38

Statistician

Question 39

What job title works with large volumes of data? Designs algorithms to collect and analyze data and conduct predictive analysis. Requires technical skills such as high lvl statistics.

Answer 39

Data scientist

Question 40

What job title builds a scalable, high-performing infrastructure for collecting and managing raw data.

Answer 40

Data engineer

Question 41

What job title works with data to find trends and leverage that information to improve business operations? Evaluates business processes, analyzes key metrics, provides strategic recommendations.

Answer 41

Business intelligence analyst

Question 42

What job title collects, manipulates, and analyzes data from across a business? Understands both business and technical aspects of an organization. Expert in coding.

Answer 42

Data analyst

Question 43

Supervised/Unsupervised/Reinforcement learning:

Question 44

Supervised/Unsupervised/Reinforcement learning:

Question 45

Supervised/Unsupervised/Reinforcement learning: Monte Carlo simulation

Answer 45

Reinforcement

Question 46

Supervised/Unsupervised/Reinforcement learning: Clustering

Answer 46

Unsupervised

Question 47

Supervised/Unsupervised/Reinforcement learning: Forecasting

Answer 47

Either supervised or unsupervised

Question 48

Supervised/Unsupervised/Reinforcement learning: Process mining

Answer 48

either supervised or unsupervised

Question 49

Supervised/Unsupervised/Reinforcement learning: Regression

Answer 49

Supervised

Question 50

Supervised/Unsupervised/Reinforcement learning: Network analysis

Answer 50

Either supervised or unsupervised

Question 51

Supervised/Unsupervised/Reinforcement learning: Classification

Answer 51

supervised

Question 52

Supervised/Unsupervised/Reinforcement learning: Data summarization

Answer 52

non

Question 53

Supervised/Unsupervised/Reinforcement learning: Natural Language Processing (NLP)

Answer 53

Either supervised or unsupervised

Question 54

Supervised/Unsupervised/Reinforcement learning: Geospatial analytics

Answer 54

Either supervised or unsupervised

Question 55

Data analytics technique: Project management; managers can predict project costs, schedules, and more using random values such as resource availability, project funding, and more.

Answer 55

Monte Carlo simulation

Question 56

Data analytics technique: Managerial Accounting; Managerial accountants can perform a break-even analysis to predict the point of loss, break-even point, and profitability of costs.

Answer 56

Forecasting

Question 57

Data analytics technique: Cost accounting; cost accountants can simulate cash flows, costs, variances, and more to understand and plan budgets.

Answer 57

Monte Carlo simulation

Question 58

Data analytics technique: Accounting; an accountant in the insurance industry might group unlabeled customer data based on average claim costs or premium payments.

Answer 58

Clustering

Question 59

Data analytics technique: Banking; Banks analyze credit card transactions to investigate relationships between people, accounts, transactions, and events.

Answer 59

Network analysis

Question 60

Data analytics technique: Journal entries; Auditors analyze the chain of command in journal entries, including originator, poster, approver, in order to identify segregation of duties.

Answer 60

Process mining

Question 61

Data analytics technique: Identify undetermined patterns among store locations that are performing below average.

Answer 61

Clustering

Question 62

Data analytics technique: Calculate fixed and variables times of store supply chain to determine how long the products will take to ship to their storefronts.

Answer 62

Regression

Question 63

Data analytics technique: Group the demographics of the top-performing store locations, such as customer age, income lvl, to determine similarities among customers.

Answer 63

Classification

Question 64

Data analytics technique: Review general ledger entries to see if any employees posted or approved entries outside of business hours or weekends.

Answer 64

Anomaly detection

Question 65

Data analytics technique: Auditors want to see what risks can be identified in the corporate board meeting minutes by analyzing the transcripts of the meetings for emotional content.

Answer 65

Sentiment Analysis

Question 66

What is the most widely used international standard for IT governance?

Answer 66

COBIT

Question 67

Which item is not an objective of the IT Evaluate, Direct, and Monitor domain?

Answer 67

Manage an IT system of internal control.

Question 68

Which of these access roles would you assign to the internal audit manager of a public company?

Answer 68

Read-only

Question 69

Eleanor Rigby’s Crematorium and Pet Custodian Services wants to choose the strongest control method for accessing its systems. Eleanor should choose

Answer 69

Biometrics

Question 70

Which of the following best characterizes the function of a physical access control?

Answer 70

Separates unauthorized individuals from computer resources

Question 71

A controller is developing a disaster recovery plan for a corporation’s computer systems. In the event of a disaster that makes the company’s facilities unusable, the controller has arranged for the use of an alternative location and the delivery of duplicate computer hardware to this alternative location. Which of the following recovery plans would best describe this arrangement?

Answer 71

Cold Site

Question 72

Which is true of the differential backup strategy?

Answer 72

It backs up all data since the last full backup.

Question 73

Only ___________ have access to the test environment.

Answer 73

developers

Question 74

Corruption fraud schemes include

Answer 74

bribery, conflicts of interest, economic extortion, and illegal gratuities.

Question 75

Which of the following is correct concerning a fraud risk factor?

Answer 75

It has been observed in circumstances where frauds have occurred.

Question 76

The first behavioral element in the fraud triangle is

Answer 76

perceived pressure

Question 77

The most difficult asset misappropriation fraud scheme to detect, because it leaves no starting point or audit trail for auditors to investigate, is

Answer 77

skimming

Question 78

The major classes of asset misappropriation are

Answer 78

skimming, larceny, and fraudulent disbursements.

Question 79

The fraud in which a company inflates its sales revenue by forcing more products through a distribution channel than the channel is capable of selling is called

Answer 79

channel stuffing.

Question 80

Managing cyber risks requires attempting to prevent cyber breaching but addressing those that occur through ____ and ____ controls.

Answer 80

Detective and Corrective

Question 81

In ________ tailgating, the authorized user holds the door open for the tailgater.

Answer 81

polite

Question 82

Which of the following is true about denial-of-service attacks?
Option 1: A denial-of-service attack takes advantage of a network communications protocol to tie up the server’s communication ports so that legitimate users cannot gain access to the server.
Option 2: If the denial-of-service attack is successful, the attacker can gain access to unprotected resources on the server.

Answer 82

1 only

Question 83

What is the primary difference between a virus and a worm?

Answer 83

Viruses require human interaction, but worms replicate without assistance.

Question 84

The primary difference between classification and clustering is that classification uses __________ machine learning and clustering uses ___________ machine learning.

Answer 84

supervised; unsupervised

Question 85

____________ is a consistent movement in time series data that does not repeat itself, while ____________ is a consistent movement in the time series data that repeats itself regularly.

Answer 85

A time trend; seasonality

Question 86

Which statement best describes data visualization?

Answer 86

It is the display of data in charts.

Question 87

The difference between a static dashboard and an interactive dashboard is that interactive dashboards

Answer 87

are useful for drilling down to the underlying data.