IT22 CH16 Quiz Key Answers

Name: ____________________________________ Score: _________

IT22: IT Controls Part II – Security and Access

I. Identification

Transaction log (journal), Burst error, Operating system,

Log-on procedure, Call-back device, Single-bit error, Encryption

__________ 1. Is the computer’s control program which allows users and their applications to
share and access computer resources, such as processors, main memory, databases, and
printers.

__________ 2. Is the operating system’s first line of defense against unauthorized access.

__________ 3. Provides an audit trail of all processed transactions.

__________ 4. Requires the dial-in user to enter a password and be identified. The system then
breaks the connection to perform user authentication.

__________ 5. A data transmission error that occurs when several consecutive bits are mistakenly
flipped, resulting in a series of successive incorrect values.

Key Answers:

1. operating system

2. log-on procedure

3. transaction log (journal)

4. call-back devices

5. burst error

II. True or False.

__________ 1. Access controls take on increased importance in a computerized environment
because all of the records may be found in one place.

__________ 2. Computer viruses usually spread throughout the system before being detected.

__________ 3. A recovery module suspends all data processing while the system reconciles its
journal files against the database.

__________ 4. The Database Management System controls program files.

__________ 5. Operating system integrity is not of concern to accountants because only
hardware risks are involved.

Key Answers:

1. True

2. True

3. False

4. False

5. False

III. Multiple Choice

1. The operating system performs all of the following tasks except

a. translates third-generation languages into machine language

b. assigns memory to applications

c. authorizes user access

d. schedules job processing

2. Which of the following is considered an unintentional threat to the integrity of the
operating system?

a. a hacker gaining access to the system because of a security flaw

b. a hardware flaw that causes the system to crash

c. a virus that formats the hard drive

d. the systems programmer accessing individual user files

3. A software program that allows access to a system without going through the normal
logon procedures is called a

a. logic bomb

b. Trojan horse

c. worm

d. back door

4. All of the following will reduce the exposure to computer viruses except

a. install antivirus software

b. install factory-sealed application software

c. assign and control user passwords

d. install public-domain software from reputable bulletin boards

5. All of the following are objectives of operating system control except

a. protecting the OS from users

b. protecting users from each other

c. protecting users from themselves

d. protecting the environment from users

6. Passwords are secret codes that users enter to gain access to systems. Security can be
compromised by all of the following except:

a. failure to change passwords on a regular basis

b. using obscure passwords unknown to others

c. recording passwords in obvious places

d. selecting passwords that can be easily detected by computer criminals

7. Audit trails cannot be used to

a. detect unauthorized access to systems

b. facilitate reconstruction of events

c. reduce the need for other forms of security

d. promote personal accountability

8. Which method is most likely to detect unauthorized access to the system?

a. message transaction log

b. data encryption standard

c. vertical parity check

d. request-response technique

9. Audit objectives for the database management include all of the following except

a. verifying that the security group monitors and reports on fault tolerance violations

b. confirming that backup procedures are adequate

c. ensuring that authorized users access only those files they need to perform their duties

d. verifying that unauthorized users cannot access data files

10. When auditors examine and test the call-back feature, they are testing which audit
objective?

a. incompatible functions have been segregated

b. application programs are protected from unauthorized access

c. physical security measures are adequate to protect the organization from natural
disaster

d. illegal access to the system is prevented and detected

11. Which of the following is not a test of access controls?

a. biometric controls

b. encryption controls

c. backup controls

d. inference controls

12. All of the following are designed to control exposures from subversive threats except

a. firewalls

b. one-time passwords

c. field interrogation

d. data encryption

13. Many techniques exist to reduce the likelihood and effects of data communication
hardware failure. One of these is

a. hardware access procedures

b. antivirus software

c. parity checks

d. data encryption

14. Which of the following deal with transaction legitimacy?

a. transaction authorization and validation

b. access controls

c. EDI audit trail

d. all of the above

15. Firewalls are

a. special materials used to insulate computer facilities

b. a system that enforces access control between two networks

c. special software used to screen Internet access

d. none of the above

16. Are logs that record activity at the system, application, and user level.

a. system audit trails

b. detailed logs of individual keystrokes

c. event-oriented logs

d. keystroke monitoring

17. Which is not an objective of setting an audit trail?

a. detecting unauthorized access to the system

b. facilitating the reconstruction of events

c. promoting personal accountability

d. forgetting passwords and being locked out of the system

18. It uses the logs and backup files to restart the system after a failure.

a. recovery modules

b. checkpoint feature

c. transaction log

d. database backup

19. Two general approaches to encryption are:

a. access control and backup control

b. private key and public key encryption

c. smurf attacks and syn flood attacks

d. network level firewalls and application-level firewalls

20. Is an electronic authentication that cannot be forged.

a. digital certificate

b. message sequence numbering

c. message transaction log

d. digital signatures
