IT

Question 1

A business continuity plan is

Answer 1

designed to minimize disruptions to operations in the event of a disaster. Business continuity plans would help ensure a timely recovery.

Question 2

A value-added network

Answer 2

routes data transactions between trading partners. A value-added network is used to link different companies’ computer files together, helping to facilitate transactions between the trading partners.

A value added network links the computer files of different companies

provides increased security over data transmissions.

Question 3

private key

Answer 3

A disadvantage of using a private key for encryption is that both sender and receiver must have the key for this encryption method to be effective.

A private key can be broken into fragments and distributed to the receiver.

The private key must be used by both the sender for encryption and the receiver for decryption.

Question 4

greatest risk regarding an entity’s use of electronic data interchange (EDI)?

Answer 4

data is transmitted electronically, creating the risk that data may be inadvertently transmitted to an unauthorized or inappropriate user.

EDI transactions are formatted using standards that are uniform worldwide they can be transmitted among parties electronically.

must be GAAP.

conducted over the Internet

process of communication between suppliers and customers.

EDI uses strict communication standards, encryption, and access controls to ensure orders are placed and processed as expected.

Question 5

On-line analytical processing systems

Answer 5

enable users to interactively analyze data through operations such as consolidation, drill-down, and slicing and dicing.

Question 6

Transmission Control Protocol or Internet Protocol (TCP/IP) network

Answer 6

Every site connected to a Transmission Control Protocol or Internet Protocol (TCP/IP) network has a unique address.

can be used with all computers with access to the world wide web

may be an exchange of any type of data

Transmission control program/Internet protocol is a set of communications standards used for the internet and similar networks.

Question 7

An executive support system is designed to

Answer 7

support the work of executives including making nonroutine decisions, answering questions about competitors, and identifying new acquisitions.

Question 8

Decision support systems

Answer 8

process and present data to support management decision-making, but are not specific to the requirements of strategic levels of an organization.

Question 9

Management information systems

Answer 9

support day-to-day management decision making through pre-defined reports, and routine strategic level decision making.

Question 10

Transaction processing systems

Answer 10

support day-to-day operations, not strategic level decision making

Question 11

A virtual private network

Answer 11

establishes an encrypted point-to-point connection between sites and provides secure access to remote user

Question 12

An authority certificate

Answer 12

certifies the ownership of a public data encryption key and is not a method for creating encrypted communication over the internet.

Question 13

Packet-switching

Answer 13

is a communications method that groups all data into blocks for transmission and does not create secure access for remote users.

Question 14

integrated test facilities

Answer 14

auditor’s data + client data

client’s program

Question 15

test data

Answer 15

auditor’s data

client’s program

Question 16

parallel simulation

Answer 16

client’s data

auditor’s program

Question 17

Access control software

Answer 17

would prevent unauthorized individuals from accessing the system.

Question 18

Contingency planning

Answer 18

is designed to correct an error or irregularity and minimize any consequences.

Question 19

An echo check
and
hash total

Answer 19

is a detective control.

Question 20

The data librarian

Answer 20

is responsible for the collection, preservation, and maintenance of an entity’s data.

Question 21

Computer operators

Answer 21

oversee the running of computer systems. Their responsibilities should be segregated from the custody role of the data librarian.

Question 22

computer programmers

Answer 22

write computer software

Question 23

Systems analysts

Answer 23

examine business problems, recommend solutions, and coordinate the development of solutions.

Question 24

A limit check

Answer 24

is used to determine that data entered falls within acceptable limits, indicating a potential error when it does not.

Question 25

A validity check test

Answer 25

compares certain data to acceptable values, indicating a potential error when there is not a match.

Question 26

Creating hash totals from Social Security numbers is an example of a

Answer 26

processing control.

Question 27

Biometric devices restricting access to the computer center is an example of a

Answer 27

general control.

Question 28

Limiting entry of sales transactions to only valid credit card customers is an example of an

Answer 28

application control.

Question 29

Restricting entry of transactions to authorized users is an example of a

Answer 29

user control

Question 30

digital signature

Answer 30

used on files and emails to verify that the information sent is unaltered in transmission. Digital signatures can be used to verify the sender of a message and its content, but not the recipient.

Question 31

A local area network consists

Answer 31

of a group of computers, usually at the same location, that are linked together to enable users to share peripheral devices, programs, and data.

To enable this sharing, the computers must have a means of transmitting data to one another through common media.

Question 32

Capacity planning generally refers to

Answer 32

the IT function of optimizing IT infrastructure across the organization.

Question 33

Extensible business reporting language (XBRL)

Answer 33

is a global standard language specifically designed for the electronic communication of business information.

specifically designed to exchange financial information over the World Wide Web

Question 34

Hypertext markup language

HTML

Answer 34

is a language used to create web pages and other information for display in a web browser.

Question 35

Hypertext transfer protocol

HTTP

Answer 35

is the foundational protocol for data communication for the World Wide Web.

Question 36

Logic tests are

Answer 36

application-level control

Question 37

general control

Answer 37

A information system’s information technology infrastructure

Security management

Software acquisition procedures

Question 38

A byte is a

Answer 38

group of 8 bits representing a single character.

Several characters make up a field.

Question 39

A field is a

Answer 39

group of related characters representing a unit of information.

Several fields may be included in a record.

Question 40

A record is a

Answer 40

collection of related information treated as a unit,

which may be combined with others in a file.

Question 41

a file is

Answer 41

group of logically related records,

Question 42

Closed loop verification

Answer 42

is a means by which two parties can verify their identity to enable safe access to data.

Question 43

Redundant data checks

Answer 43

compare data from two or more files to determine if they match for the purpose of making certain that the computer has read the data properly

Question 44

A Trojan horse

Answer 44

is a computer program that appears to be legitimate but performs an illicit activity when run.

Question 45

The job control language in the computer’s operating system performs

Answer 45

scheduling, resource allocation, and data retrieval functions based on a set of instructions.

Question 46

Duties that are considered incompatible and should be segregated in an IT environment are

Answer 46

ARC

authorization
recording
custody

Question 47

An enterprise resource planning system

Answer 47

is software that integrates all the business processes of an organization.

The modules of an ERP system are interconnected and share data, thus increasing responsiveness and flexibility.

Integrate data from all aspects of an organization’s activities

Question 48

Three-tiered architecture for client/server applications consists of

Answer 48

a desktop client,
an application, and
a database.

Question 49

stakeholder

Answer 49

“Stakeholder” refers to anyone in the organization who creates or uses documents, data, or networks in the business information system. Stakeholders are not limited to management, IT personnel, or users.

Question 50

data mining

Answer 50

process that sifts through large amounts of data to discover previously unknown, meaningful patterns or trends.