Chapter 3 - Polytechnic University of The Philippines
True or False
1. In a computerized environment, the audit trail log must be printed onto paper documents.
TRUE
FALSE
2. A formal log-on procedure is the operating system’s last line of defense against unauthorized
access.
TRUE
FALSE
3. Computer viruses usually spread throughout the system before being detected.
TRUE
FALSE
4. Operating system controls are of interest to system professionals but should not concern
accountants and auditors.
TRUE
FALSE
TRUE
FALSE
TRUE
FALSE
TRUE
FALSE
8. The message authentication code is calculated by the sender and the receiver of a data
transmission.
TRUE
FALSE
9. Electronic data interchange customers may be given access to the vendor’s data files.
TRUE
FALSE
10. The audit trail for electronic data interchange transactions is stored on magnetic media.
TRUE
FALSE
11. A firewall is a hardware partition designed to protect networks from power surges.
TRUE
FALSE
12. The standard format for an e-mail address is DOMAIN NAME@USER NAME.
TRUE
FALSE
13. The network paradox is that networks exist to provide user access to shared resources while
one of its most important objectives is to control access.
TRUE
FALSE
14. Cookies are files created by user computers and stored on Web servers.
TRUE
FALSE
15. Because of network protocols, users of networks built by different manufacturers are able to
communicate and share data.
TRUE
FALSE
16. The client-server model can only be applied to ring and star topologies.
TRUE
FALSE
17. Only two types of motivation drive DoS attacks: (1) to punish an organization with which the
perpetrator had a grievance; (2) to gain bragging rights for being able to do it.
TRUE
FALSE
18. A distributed denial of service (DDoS) attack may take the form of a SYN flood but not a smurf
attack.
TRUE
FALSE
19. A digital signature is a digital copy of the sender’s actual signature that cannot be forged.
TRUE
FALSE
20. A smurf attack involves three participants: a zombie, an intermediary, and the victim.
TRUE
FALSE
Multiple Choice
21. Which method will render useless data captured by unauthorized receivers?
a. Echo check
b. message sequencing
c. parity bit
22. Which method is most likely to detect unauthorized access to the system?
d. request-response technique
25. When auditors examine and test the call-back feature, they are testing which audit objective?
c. Physical security measures are adequate to protect the organization from natural
disaster
26. Audit objectives in the electronic data interchange (EDI) environment include all of the
following except
27. In determining whether a system is adequately protected from attacks by computer viruses, all
of the following policies are relevant except
b. The policy that all software upgrades are checked for viruses before they are
implemented
c. The policy that current versions of antivirus software should be available to all
users
d. The policy that permits users to take files home to work on them
28. Which of the following is not a test of access controls?
a. Biometric controls
b. encryption controls
c. backup controls
d. inference controls
29. All of the following are designed to control exposures from subversive threats except
a. Firewalls
b. one-time passwords
c. field interrogation
d. data encryption
30. Many techniques exist to reduce the likelihood and effects of data communication hardware
failure, one of these is
b. antivirus software
c. parity checks
d. data encryption
31. An integrated group of programs that supports the applications and facilitates their access to
specified resources is called
a. Operating system
c. utility system
d. facility system
e. object system
32. Transmitting numerous SYN packets to a targeted receiver, but NOT responding to an ACK, is
a. A smurf attack
b. IP spoofing
d. a ping attack
33. A software program that allows access to a system without going through the normal log on
procedures is called a
a. Logic bomb
b. Trojan horse
c. back door
d. worm
a. Retina prints
b. passwords
c. voice prints
d. signature characteristics
35. All of the following are objectives of operating system control except