General Flashcards Preview


Flashcards in General Deck (25)
1

What is continuous auditing?

A real-time feed of information to management through automated reporting processes so that management may implement corrective actions more quickly.

2

What is automated systems balancing?

Automated systems balancing checks total inputs against total outputs; any imbalance between them would be reported for investigation and correction.

3

What are validation controls?

Comparing input and output.

4

What is a VPN?

The most secure method is a virtual private network, using encryption, authentication and tunneling to allow data to travel securely from a private network to the Internet.

5

Which of the following would be BEST prevented by a raised floor in the computer machine room?

Damage to wires around the computers and servers.

6

What defines a disaster recovery strategy?

Maximum tolerable downtime and data loss.

7

What is RTO?

It is the time within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in continuity.

8

What is RPO?

The point in recovery to which data has to be restored, as the last backup was up to that point.

9

What do hash algorithms do?

They provide a fingerprint to ensure authentication. They do not provide encryption, authorization and identification.

10

Who should be the stakeholders for governance of IT?

Board of Directors

11

What is the actual purpose of audit trails?

It is to determine accountability, and NOT to help the IS auditor.

12

What do row-level and column-level access controls do?

They restrict access to certain types of information that require additional security.

13

What is the difference between a data warehouse and a database?

A data warehouse pulls data from multiple sources.

14

What is considered the most for reciprocal agreements as a recovery alternative?

They must not be in close proximity.

15

What is of most concern when an organization outsources IS processing?

The lack of right to audit.

16

What ensures accountability when updating data in a production database?

Review of audit logs.

17

What is a web site certificate?

It is to prove the authenticity of the site.

18

Digital signatures require what keys?

They require the sender to have his private key and the receiver to have a public key.

19

What is an IT project portfolio analysis?

It provides information on planned initiatives and ongoing IT services.

20

What is a table link / reference check?

Table linking errors (completeness and accuracy of contents of the database).

21

Which is the greatest concern?
1) DR is invalid and needs to be revised
2) Data may be lost in the event of system failure
3) New vendor is not familiar with organization policies
4) Application owners were not informed of the change

Application owners were not informed of the change.

22

What is the most important thing for an IS auditor to consider to facilitate new policy implementation?

Existing IT mechanisms to enable compliance.

23

In a change management process, what does an IS auditor look out for most?

The test plans are followed and complied with.

24

What is the critical success factor of a successful implementation?
1) Assimilation of the framework and intent of the written policy by all appropriate parties
2) Management support?

1) Assimilation of framework and intent of the written policy

25

What is an integrity constraint in a database?

A set of parameters in a predefined table which prevents undefined data from being entered.