Exam 3

Question 1

Identification

Answer 1

Users assigning a unique identifier to the user

Question 2

Authentication

Answer 2

Process of associating user/name with other identifier (making sure is legit)

Question 3

Authorization

Answer 3

Associating user with objects/data they’re allowed to access.

Question 4

Methods for authentication and multifactor authentication

Answer 4

Something user should KNOW, HAS, and IS

Question 5

Multifactor authentitication

Answer 5

When more than one unique identifier is required by system, to authenticate

Question 6

Role-based authorization, why’s it used?

Answer 6

To restrict network access by assigning individual specific roles that have predefined criteria, for what can/can’t be accessed to.

Question 7

Role

Answer 7

Predefined permission users are assigned

Question 8

Permission

Answer 8

Right/privilege user has once assigned to a role

Question 9

Administrator role

Answer 9

Highest role in the hierchary, has premission for all objects

Question 10

Principle of leas privileged

Answer 10

Users should be assigned only necessary privileges to do their job

Question 11

Provisioning

Answer 11

Process of assigning access to users

Question 12

De-Provisioning

Answer 12

Process of removing access when user changes jobs/leaves organizations

Question 13

Access Creep

Answer 13

Additional roles are assigned to users that are needed temporarily, but not removed

Question 14

User access reviews

Answer 14

Compare user job responsibilties with a role assigined

Question 15

dormant access review

Answer 15

Compare access logs to user permissions to identify permissions that have not been used, and may need to be removed

Question 16

Dormant user review

Answer 16

Compare access logs to users, identify users that have not accessed the system and may need to be removed

Question 17

Data Center

Answer 17

Physical location where servers, network appliances and other hardware to make core IT infrastructure is stored.

Question 18

Importance of data center control

Answer 18

Important because it runs all of IT

Question 19

SOC 2 Audit

Answer 19

Covers security, availability, processing integrity or privacy for the cloud provider is required. Used when data center is outsourced.

Question 20

Outside environment

Answer 20

Near bottom floors of physical building, building will be on high ground

Question 21

Inside environment

Answer 21

Own A/C to avoid overheating, non-water fire suppression system presents.

Question 22

Physical security

Answer 22

only employees involved with operation allowed, single entry point.

Question 23

Relationship between incident response, disaster recovery, business continuity.

Answer 23

Ensures business and process continue running smoothly.

Question 24

Data Prioritization

Answer 24

Companies’ categories systems and data based on importance, they do this in case of disaster recovery and business continuity.

Question 25

Hot backup site

Answer 25

immediately operational after disaster, runs continuously

Question 26

Warm backup site

Answer 26

Equipped with certain servers/equipment need to ramp up operations and takes time to start,

Question 27

Cold backup site

Answer 27

Almost empty room with no servers, equipment needs to be brought in, only has power, AC

Question 28

Full backup startegy

Answer 28

Copying all existing data in its entirety every time

Question 29

Differential backup strategy

Answer 29

Copying data created since most recent full backup everytime

Question 30

Incremental

Answer 30

Copying only new and updated data with each backup.

Question 31

Change Manegement

Answer 31

Process that changes implementation to a system

Question 32

Types of enviorments

Answer 32

Test, Model, Production

Question 33

Test

Answer 33

Developer writes the code user requested

Question 34

Model

Answer 34

User reviews outcome of the code when it runs model environment.

Question 35

Production

Answer 35

Production control employee implements code into production.

Question 36

Purchase requsition

Answer 36

Document that initares purchase

Question 37

Supplier selection

Answer 37

Suppliers identified, best is chosen

Question 38

Purchase order

Answer 38

sent to supplier, specific goods ordered

Question 39

Goods recipt

Answer 39

Goods/services are recieved

Question 40

Purchase invoice

Answer 40

Bill identifying amount to pay and payment terms is received

Question 41

Cash Payment

Answer 41

Supplier is paid

Question 42

Recording (Accounting activites)

Answer 42

Information as transaction takes place

Question 43

Processing (Acctg activties)

Answer 43

Processing inform to make it available in a useful format

Question 44

Sorting (acctg activties)

Answer 44

Data is an organized way

Question 45

Reporting (Acctg activties)

Answer 45

reporting information to decision making

Question 46

Control actitvies

Answer 46

Proper authorization, segregation of duty, physical control

Question 47

IT general control

Answer 47

Logical access control, data center control

Question 48

Organization-wide control

Answer 48

Control environment, risk assessment monitoring.

Question 49

Preventative

Answer 49

reducing chance of outcome will happen (Likelihood)

Question 50

Detectove:

Answer 50

Abke to detect situation quickly (Impact)

Question 51

Corrective

Answer 51

Reduce the effect of the outcome (Impact)

Question 52

Steps in revenue process

Answer 52

Estimate Sales Order Delivery Sales invoice Cash Reciept Bank deposit

Question 53

Steps in revenue recognition

Answer 53

Identify- contract with customer Identify- Performance obligations in contract Determine- transaction price Allocate- transaction price to performance obligations in contract Recognize- revenue when satisfies performance obligations.

Question 54

What Journal entries are a part of the revenue process

Answer 54

At sale: Recognize rvenue and cost At collection: Record cash receipt and reduce A/R

Question 55

General Journal

Answer 55

Book of original entry, all journal entires are recorded here.

Question 56

Special Journal

Answer 56

Simplify recording process for frequent transactions, group similar entries.

Question 57

Subsidiary Ledger

Answer 57

Detailed information on individual accounts for business, slows effect on accounts

Question 58

General Ledger

Answer 58

Master record that holds all accounts for business, slows effect on account’s.

Question 59

Process of recording and posting in manual system

Answer 59

-Analyze transactions -Records in the Journal -Post to GL -Prepaid trial balance -Adjust entries -prepaid financial statements -close temporary accounts

Question 60

Special journals used in revenue process

Answer 60

Simply recording and speed posting by allowing posting of totals for all transactions to commonly used accounts, rather than posting individually.

Question 61

Control account

Answer 61

General ledger account associated with a subsidiary Ledger, all transactions end up getting posted twice.

Question 62

3 types of data

Answer 62

Configuration data, Master data, Transaction data

Question 63

Configuration data

Answer 63

Data that makes system work. (Tax rate, G.L.)

Question 64

Master data

Answer 64

Data about the people and resources including accounting transactions

Question 65

Transaction data

Answer 65

Data about the activities in the business process (Journal entries)

Question 66

Cost-Benefit constraints in implementing revenue system

Answer 66

Prepairing seperate estimate Sales orders Recieving recipts Not able to connect raw materials and finished goods.

Question 67

Bundle

Answer 67

I me composed of several other items

Question 68

Bill of materials

Answer 68

Including items that are part of the bundle

Question 69

Price (bundle)

Answer 69

Sum of the prices of its components

Question 70

What changes are made to the subsidiary ledger data

Answer 70

Customers balanced increased and open balance means unpaid A/R balance

Question 71

Payments to a deposit account

Answer 71

Is a cash account, used to record cash received, but not yet placed in the bank.