The CISA Prep Guide Mastering the Certified Information Systems Auditor Exam phần 2 pot

... can trust the programmer who developed the tools of the CAATs C. Whether the source and object codes of the programs of the CAATs match D. The extent of the invasive access necessary to the production environment 24 . ... Give the auditor a view of the big picture of what the key control issue are based on the risk and management input B. Enable the auditor to...

Ngày tải lên: 13/08/2014, 12:21

... of the potential downside consequences Protection of Information Assets 183 16. In a media management system review, the IS auditor does not need to concern themselves with A. Whether the systems ... percent of the problem with the first solution at 20 percent of the cost, and 80 percent of the residual problem with another 20 percent of the cost, you will have solved...

Ngày tải lên: 13/08/2014, 12:21

... Passwords 21 5 Strong Authentication 21 8 PKI and Digital Signatures 21 9 Biometric Access Controls 22 2 Network User Access 22 3 Information Security Architecture 22 4 Security Plans and Compliance 22 5 Host-Based ... in the work papers and explained in the final report, should the auditor continue to be associated with the audit after these potential 30 Chapter 1 Maintai...

Ngày tải lên: 13/08/2014, 12:21

... here will build on the management oversight of these areas described in Chapter 2. In order to master these subject areas for the CISA exam and to perform the IS audits in these areas, you will need ... Questions Here is a sampling of questions in the format of the CISA exam. These questions are related to the management, planning, and the organization of information...

Ngày tải lên: 13/08/2014, 12:21

... process where the user, sitting inside the secure net- work, accesses the services on the untrusted Internet by using the proxy server as their surrogate and making the request for them. They are ... possible because the tools are designed by experts in these fields who built the items to make the job of the IS auditor simplified. However, Protection of Information Ass...

Ngày tải lên: 13/08/2014, 12:21

... roll back of the request and negating the signed transaction. Protection of Information Assets 29 5 Sample Questions Here is a sampling of questions in the format of the CISA exam. These questions ... sites in their cost but add the flexibility of putting the processing in the parking lot adjacent to the recovery process. Mobile sites thereby minimize the costs of sta...

Ngày tải lên: 13/08/2014, 12:21

... investigation of the need to customize the vendor application to meet the needs of the business ■■ The need to maintain the customized code with the application revi- sions in the future ■■ The need ... permissions There are many other examples, depending on the business processes being supported, the intended use cases of the solution being developed, and the operat...

Ngày tải lên: 13/08/2014, 12:21

... Organization of Information Systems. ” Like other manage- ment controls, their design and use will give the IS auditor some indica- tions of the effectiveness of the business process that the information Business ... of the vendors received more information about the bid request than the others did. D. Some of the bidders on the vendor list were not capable of respo...

Ngày tải lên: 13/08/2014, 12:21

... C. Whether the source and object codes of the programs of the CAATs match D. The extent of the invasive access necessary to the production environment Answer: D The correct answer is D. There ... aspect of the process? A. All of the relevant information is gathered about the person establishing the identity. B. Proof is provided to strongly tie the individual present...

Ngày tải lên: 13/08/2014, 12:21

... response, 26 3 26 5 logging and monitoring, 25 9 26 1 NIDS (Network Intrusion Detection System), 26 1 26 3 overview, 23 8 24 0 proxies, 24 6 24 7 testing tools, 26 5 26 7 third-party connections, evaluating, 27 0 virus ... connections, evaluating, 27 0 virus protection, 25 6 25 9 VPNs (Virtual Private Networks), 24 9 25 1 Web access controls, 25 1 25 4 network user access, 22 3 22...

Ngày tải lên: 13/08/2014, 12:21