P1.E.2 Systems Controls & Security Measures Flashcards

1
Q

Information System Controls

P1.E.2 Systems Controls & Security Measures

A
  1. Software
  2. Hardware
  3. Data security
  4. Administrative
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Threats to Information Systems

P1.E.2 Systems Controls & Security Measures

A
  1. Input manipulation
  2. Program alteration: trap-door
  3. Direct file alteration
  4. Data theft
  5. Hardware theft
  6. Sabotage
  7. Virus: replicates data
  8. Trojan Horse: appears useful but contains malicious code
  9. Phishing: social engineering
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Threats to Information Systems
(Internet-Specific System Risks)

(P1.E.2 Systems Controls & Security Measures)

A
  1. Interception data
  2. User judgement
  3. Direct attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Application Controls

P1.E.2 Systems Controls & Security Measures

A
  1. Input controls: inputs are accurate, complete and valid.
  2. Processing controls: ensures the security, safety and validity of the data that has been input into the system. Ensures data is processed with no loss, deterioration or manipulation.
  3. Output controls: maintain completeness and accuracy of data as well as ensuring no unauthorized users accessed data.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Hot Site

P1.E.2 Systems Controls & Security Measures

A

Replication of company’s data center. Used as a back up to switch over in case of a regular system fail.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Warm Site

P1.E.2 Systems Controls & Security Measures

A

Site where hardware and software are kept.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Cold Site

P1.E.2 Systems Controls & Security Measures

A

Contains infrastructure to support company’s data processing equipment but doesn’t contain hardware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How does segregation of duties enhance system security?

P1.E.2 Systems Controls & Security Measures

A
  1. Authorization: should be separate from recording transactions
  2. Recordkeeping: should be separate from authority to take custody of assets
  3. Custody: should be separate from reconcilement
    4 Reconciliation: should be separate from other functions responsibilities
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Firewalls

P1.E.2 Systems Controls & Security Measures

A
  1. Security system that restricts access between networks
  2. Deters unauthorized access to a network
  3. Used to limit traffic that is allowed on a network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Most appropriate control to verify user is authorized to execute a particular online transaction

(P1.E.2 Systems Controls & Security Measures)

A

Compatibility check. It verifies user access information, such as user ID, password and security profile is correct.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly