Unit 13 System Control Flashcards
1
Q
Regression testing
A
- is a means of curing the reappearance of problems brought to have been rectified in program code.
2
Q
Mapping program
A
- are used to search application programs for code that is not used in the version of the program that is in used by production system
3
Q
scanning routines
A
- cannot reveal unauthorized program code
4
Q
Test data
A
- involves executing a new or revised application program using a set of data that is specially designed to see how the program handles errors.
5
Q
input control
A
- not a processing control,
- input control would not allow the information into the system.
- if a processing/transaction/output control were used instead, the improper information would have already been allowed into the system.
- not a transaction control,
- Input control provide reasonable assurance that data submitted for processing are: 1-authorized;2-complete;3-accurate
- if the company had an input control that looked for unreasonable amount, it would have flagged the 400 as an unreasonable number before the data were processed into the system. The input control would not have allowed this amount
- not an output control.
6
Q
Limited of physical access
A
- Physical controls limited physical access and environment damage to computer equipment and important documents.
- In order to protect access to hardware, the director should consider limitation of physical access, since hardware is a tangible object.
7
Q
Logical controls
A
- established to limit access in accordance with the principle that all persons should have access only those elements of the organization’s information system that are necessary to perform their job duties.
- Logical controls focus on system and software, not hardware.
8
Q
Application control
A
- refer to transaction processing controls, sometimes called “input-processing -output” controls.
9
Q
Authentication controls
A
- is a focus of logical control, which protects access to system information and software, not hardware.
- This type of control would be better suited to protect the information found within the hardware, not the actual hardware itself.