Isaca CISA Quiz 178 Topic 8 Questions 886-890

Question: 1

A business application system accesses a corporate database using a single ID and password embedded in a program. Which of the following would provide efficient access control over the organization's data?

AIntroduce a secondary authentication method such as card swipe

BApply role-based permissions within the application system

CHave users input the ID and password for each database transaction

DSet an expiration period for the database password embedded in the program

Show Answer

Question: 2

Which of the following is the BEST practice to ensure that access authorizations are still valid?

Ainformation owner provides authorization for users to gain access

Bidentity management is integrated with human resource processes

Cinformation owners periodically review the access controls

DAn authorization matrix is used to establish validity of access

Show Answer

Question: 3

A technical lead who was working on a major project has left the organization. The project manager reports suspicious system activities on one of the servers that is accessible to the whole team. What would be of GREATEST concern if discoveredduring a forensic investigation?

AAudit logs are not enabled for the system

BA logon ID for the technical lead still exists

CSpyware is installed on the system

DA Trojan is installed on the system

Show Answer

Question: 4

An organization is using an enterprise resource management (ERP) application. Which of the following would be an effective access control?

AUser-level permissions

BRole-based

CFine-grained

DDiscretionary

Show Answer

Question: 5

What should be the GREATEST concern to an IS auditor when employees use portable media (MP3 players, flash drives)?

AThe copying of sensitive data on them

BThe copying of songs and videos on them

CThe cost of these devices multiplied by all the employees could be high

DThey facilitate the spread of malicious code through the corporate network

Show Answer

Isaca CISA Quiz:178 Topic:8 Questions:886-890