Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

6. Holly would like to run an annual major disaster recovery test that is as tho

ID: 3803083 • Letter: 6

Question

6. Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario? A. Checklist test B. Full interruption test C. Parallel test D. Simulation test

16. Which one of the following is NOT a commonly accepted best practice for password security? A. Use at least six alphanumeric characters. B. Do not include usernames in passwords. C. Include a special character in passwords. D. Include a mixture of uppercase characters, lowercase characters, and numbers in passwords.

17. Alan is evaluating different biometric systems and is concerned that users might not want to subject themselves to retinal scans due to privacy concerns. Which characteristic of a biometric system is he considering? A. Accuracy B. Reaction time C. Dynamism D. Acceptability

18. Which one of the following is NOT an advantage of biometric systems? A. Biometrics require physical presence. B. Biometrics are hard to fake. C. Users do not need to remember anything. D. Physical characteristics may change.

19. Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following? A. Least privilege B. Security through obscurity C. Need to know D. Separation of duties

20. Which of the following is NOT a benefit of cloud computing to organizations? A. On-demand provisioning B. Improved disaster recovery C. No need to maintain a data center D. Lower dependence on outside vendors

35. Which item is an auditor least likely to review during a system controls audit? A. Resumes of system administrators B. Incident records C. Application logs D. Penetration test results

36. Which audit data collection method helps ensure that the information-gathering process covers all relevant areas? A. Checklist B. Interviews C. Questionnaires D. Observation

37. Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit? A. Does the organization have an effective password policy? B. Does the firewall properly block unsolicited network connection attempts? C. Who grants approval for access requests? D. Is the password policy uniformly enforced?

38. What information should an auditor share with the client during an exit interview? A. Draft copy of the audit report B. Final copy of the audit report C. Details on major issues D. The auditor should not share any information with the client at this phase

39. What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system? A. Network IDS B. System integrity monitoring C. CCTV D. Data loss prevention

40. When should an organization's managers have an opportunity to respond to the findings in an audit? A. Managers should write a report after receiving the final audit report. B. Managers should include their responses to the draft audit report in the final audit report. C. Managers should not have an opportunity to respond to audit findings. D. Managers should write a letter to the Board following receipt of the audit report.

41. Which activity is an auditor least likely to conduct during the information-gathering phase of an audit? A. Vulnerability testing B. Report writing C. Penetration testing D. Configuration review

Explanation / Answer

6. Holly would like to run an annual major disaster recovery test that is as thorough and realistic as possible. She also wants to ensure that there is no disruption of activity at the primary site. What option is best in this scenario?

Ans: D. Simulation test

16. Which one of the following is NOT a commonly accepted best practice for password security?

Ans: B. Do not include usernames in passwords.

18. Which one of the following is NOT an advantage of biometric systems?

Ans: D. Physical characteristics may change.

36. Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?

Ans: A. Checklist

Related Questions

6. Give an example where the instantaneous rate of change equals the average rat
Question #3199211
6. Give the 12 pts) contrapositive, converse and inverse of the original stateme
Question #3209790
6. Give the 16-bit 2\'s complement form of the following 8-bit 2\'s complement n
Question #3787465
6. Give the 16-bit 2\'s complement form of the following 8-bit 2\'s complement n
Question #3787689
6. Give three examples of condensation reactions that occur in the cell to form
Question #313962
6. Give two separate definitions of the Michaelis constant. Discuss what each te
Question #1020584
6. Given a nonpipelined processor A that requires 50 units of time to complete a
Question #3733784
6. Given a nonpipelined processor A that requires 50 units of time to complete a
Question #3734160
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
6. Hexoses are transported from the cytosol of enterocytes into capillary circul
Next
6. Home pregnancy tests, like all medical tests, are not perfectly accurate. Sup

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.