Topics

Explore all topics

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

Professors

Overall Quality
-/5
c c
Overall Quality
-/5
Billt Camp
Overall Quality
-/5
mathio g
Explore all Professors
Add Browser Extension
Start Free Trial
Need Help? Contact us
title
Textbook Solutions
Step-by-step solutions verified by experts
title
24/7 Homework Help
Complete assignments with the help of our community
title
Flashcards
Stimulate your visual memory & walk into test day with confidence
title
DocuAssist
Upload your study materials and we’ll help fill in the answers.
title
Campus Reps
Become a Campus Rep and earn up to 20% commission, plus weekly and monthly cash prizes.
title
My Courses
Add the courses you're enrolled in for tailored study material to meet your requirements
Explore all services
Add Browser Extension
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
العربية
search
ai logoChat with AI
Servicesarrow
Textbook Solutions icon
Textbook Solutions
24/7 Homework Help icon
24/7 Homework Help
Flashcards icon
Flashcards
DocuAssist icon
DocuAssist
Campus Reps icon
Campus Reps
My Courses icon
My Courses
Mobile App icon
Mobile App
Explore All Services
Discoverarrow

Topics

Explore All Services

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

professors

/5
c c
/5
Billt Camp
/5
mathio g
Explore all Professors
Explore all topics
Discover more topics
HomeSchoolingAsk a question

Deck 15: Monitoring and Auditing Ais

Full screen (f)
exit full mode
Question
What is the man-in-the-middle threat for wireless LANs?

A)The attacker impersonates an authorized user and gains certain unauthorized privileges to the wireless network.
B)The attacker passively monitors wireless networks for data,including authentication credentials.
C)The attacker steals or makes unauthorized use of a service.
D)The attacker actively intercepts communications between wireless clients and access points to obtain authentication credentials and data.
Use Space or
up arrow
down arrow
to flip the card.
Question
A data warehouse is for daily operations and often includes data for the current fiscal year only.
Question
Parallel simulation attempts to simulate the firm's key features or processes.
Question
Which of the following is not an approach used for online analytical processing (OLAP)?

A)Exception reports.
B)What-if simulations.
C)Consolidation.
D)Data mining.
Question
Which of the statements regarding a data warehouse is incorrect?

A)It is a centralized collection of firm-wide data.
B)The purpose of a data warehouse is to provide a rich data set for management to identify patterns and to examine trends of business events.
C)Includes data for the current fiscal year only.
D)The data in a data warehouse is pulled from each of the operational databases periodically.
Question
Data governance is the convergence of data quality,data management,data policies,business process management,and risk management surrounding the handling of data in a company.
Question
A wireless network is comprised of access points and stations.Access points logically connect stations to a firm's network.
Question
An embedded audit module is a programmed audit module that is added to the system under review.
Question
Parallel simulation uses an independent program to simulate a part of an existing application program,and is designed to test the validity and to verify the accuracy of an existing application program.
Question
Computer-assisted audit techniques (CAAT)are often used when auditing a company's IT infrastructure.
Question
The data in a data warehouse are updated when transactions are processed.
Question
Firewalls are security systems comprised of hardware and software that is built using routers,servers,and a variety of software.
Question
The Generally Accepted Auditing Standards (GAAS)issued by PCAOB provide guidelines for conducting an IS/IT audit.
Question
Accountants increasingly participate in designing internal controls and improving business and IT processes in a database environment.
Question
A Virtual private network (VPN)is a private network,provided by a third party,for exchanging information through a high capacity connection.
Question
Which of the following describes a group of computers that connects the internal users of a company distributed over an office building?

A)Internet.
B)LAN.
C)Virtual private network (VPN).
D)Decentralized network.
Question
Which of the following statements about switches is correct?

A)A hub is smarter than Switch.
B)Switches provide more security protections than hubs do for a company's internal network.
C)Switches are widely used in WANs.
D)A Switch contains multiple ports.
Question
The purpose of a company's firewall is to:

A)Guard against spoofing.
B)What-if simulations.
C)Deny computer hackers access to sensitive data.
D)All of the choices are correct.
Question
An Integrated test facility (ITF)is an automated technique that enables test data to be continually evaluated during the normal operation of a system.
Question
Which of the following is not a management control for wireless networks?

A)Assigning roles and responsibilities of employees for access control.
B)Conducting risk assessment on a regular basis.
C)Conducting appropriate awareness training on wireless networks.
D)Creating policies and procedures.
Question
One control objective for an operating system is that it must be protected from itself.Which of the following statements best explains this concept?

A)The operating system should be able to gracefully terminate activities,and later recover to its previous state.
B)No operating system module should be allowed to corrupt or destroy another operating system module.
C)User applications must not be allowed to gain control of or damage the operating system.
D)The operating system must be able to prevent unauthorized users from accessing,corrupting,or destroying other users' data.
Question
The results of a generalized audit software simulation of the aging of accounts receivable revealed substantial differences in the aging contribution,even though grand totals reconciled.Which of the following should the IS auditor do first to resolve the discrepancy?

A)Recreate the test,using different software.
B)List a sample of actual data to verify the accuracy of the test program.
C)Ignore the discrepancy because the grand totals reconcile and instruct the controller to correct the program.
D)Create test transactions and run test data on both the production and simulation program.
Question
LAN is the abbreviation for:

A)Large Area Network.
B)Local Area Network.
C)Longitudinal Analogue Network.
D)Low Analytical Nets.
Question
Which of the following is least likely to be considered a component of a computer network?

A)Application programs.
B)Computers.
C)Servers.
D)Routers.
Question
Which of the following statements about firewalls is wrong?

A)A firewall is a security system comprised of hardware and software that is built using routers,servers,and a variety of software.
B)A firewall allows individuals on the corporate network to send and receive data packets from the Internet.
C)A firewall can filter through packets coming from outside networks to prevent unauthorized access.
D)A firewall connects different LANs,software-based intelligent devices,and examines IP addresses.
Question
Which statements are incorrect about virtual private network (VPN)?

A)It is a way to use the public telecommunication infrastructure in providing secure access to an organization's network.
B)It enables the employees to work remotely by accessing their firm's network securely using the Internet.
C)The packets sent through VPN are encrypted and with authentication technology.
D)The VPN model requires leased lines.
Question
Which of the following is not a benefit of using wireless technology?

A)Mobility.
B)Rapid deployment.
C)Flexibility and Scalability.
D)Security.
Question
Which type of audit test would utilize the computer-assisted audit technique (CAATs)white-box approach?

A)Test hubs and switches.
B)Compare expected results to output results.
C)User acceptance testing.
D)Insertion of test transactions.
Question
The masquerading threat for wireless LANs is:

A)The attacker actively intercepts communications between wireless clients and access points to obtain authentication credentials and data.
B)The attacker alters a legitimate message sent via wireless networks by deleting,adding to,changing,or reordering it.
C)The attacker passively monitors wireless networks for data,including authentication credentials.
D)The attacker impersonates an authorized user and gains certain unauthorized privileges to the wireless network.
Question
Which of the following is a key reason an operating system is the most important system software?

A)It is the centralized collection of firmwide data.
B)It manages computer-assisted audit techniques (CAATs).
C)It manages interfaces with the computer.
D)None of the choices are correct.
Question
An auditor should be most concerned about which of the following when reviewing the risks of a company's wireless network:

A)Confidentiality.
B)Integrity.
C)Availability.
D)All of the choices are correct.
Question
Most threats involving a wireless local area network (LAN)involve which of the following?

A)The attacker has access to the operating system.
B)The attacker has access to the radio link between a station and an access point.
C)The attacker has accessed the premises of the company.
D)The attacker has access to the virtual private network (VPN).
Question
Which of the following strategies will a CPA most likely consider in auditing an entity that processes most of its financial data only in electronic form,such as a paperless system?

A)Continuous monitoring and analysis of transaction processing with an embedded audit module.
B)Increased reliance on internal control activities that emphasize the segregation of duties.
C)Verification of encrypted digital certificates used to monitor the authorization of transactions.
D)Extensive testing of firewall boundaries that restrict the recording of outside network traffic.
Question
Within a WAN,a router would perform which of the following functions?

A)Provide the communication within the network.
B)Select network pathways within a network for the flow of data packets.
C)Amplify and rebroadcast signals in a network.
D)Forward data packets to their internal network destination.
Question
IT governance over operating systems includes establishing proper policies and procedures.These policies and procedures over operating systems should cover all of the following except:

A)Which computing hardware to use.
B)Who can access the operating system.
C)Which actions users can take.
D)Which resources users can use.
Question
An auditor reviewing the risks associated with a firm's Wide area network (WAN)should pay particular attention to which of the following?

A)Operating systems.
B)Computer-assisted auditing techniques (CAATs).
C)Segregation of duties.
D)Routers and firewalls.
Question
What is the test data technique?

A)It uses a set of input data to validate system integrity.
B)It requires auditors to prepare both valid and invalid data to examine critical logics and controls of the system.
C)It is an automated technique that enables test data to be continually evaluated during the normal operation of a system.
D)"It uses a set of input data to validate system integrity" and "It requires auditors to prepare both valid and invalid data to examine critical logics and controls of the system" are correct.
E)None of the choices are correct.
Question
Which of the following statements regarding the black-box approach for systems auditing is correct?

A)The auditors need to gain detailed knowledge of the systems' internal logic.
B)The black-box approach could be adequate when automated systems applications are complicated.
C)The auditors first calculate expected results from the transactions entered into the system.Then,the auditors compare these calculations to the processing or output results.
D)All of the choices are correct.
Question
Which of the following statements regarding the purposes of an operating system is correct?

A)To ensure the integrity of a system.
B)To control the flow of multiprogramming and tasks of scheduling in the computer.
C)To allocate computer resources to users and applications.
D)All of the choices are correct.
Question
Which of the following is not a use of CAATs in auditing?

A)Test of details of transactions and balances.
B)Analytical review procedures.
C)Fraud examination.
D)Automated generation of final audit report.
Question
Which of the following is an example of using the test data technique?

A)Create a statistical data sample.
B)Embed an audit module in the source system.
C)Reprocessing actual data.
D)Input both valid and invalid transactions.
Question
Identify which fundamental control objective belongs with the following statement: "One user must not be able to access,destroy,or corrupt the data or programs of another user."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Question
Which of the following tool advancements has made continuous auditing more feasable?

A)COBIT.
B)XBRL.
C)OLAP.
D)VPN.
Question
Which of the following would not assist in continuous auditing?

A)Transactions can be tested and analyzed closer in time to when they actually occur.
B)Better compliance with laws and regulations.
C)It can reduce the effort required for routine testing.
D)It can be costly and time consuming to set up continuous auditing processes.
Question
ACL and IDEA are two prominent examples of which of the following?

A)ITF.
B)GAS.
C)EAM.
D)DBMS.
Question
Which of the following is not one of the reasons auditors should consider the use of CAATs?

A)ISACA standards require IS auditors to obtain sufficient,reliable,and relevant evidence,and should perform appropriate analysis of this evidence.
B)GAAP stipulates that audits should be performed using tools and techniques appropriate to the evidence being reviewed.
C)The IIA professional practices state that auditor must consider the use of technology-based auditing tools when conducting audits.
D)GAAS requires auditors to gather sufficient and appropriate evidence in the course of audit field work.
Question
Identify which fundamental control objective belongs with the following statement: "In the event of a power failure or other disaster,the operating system should be able to achieve a controlled termination of activities from which it can later recover."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Question
Identify which fundamental control objective belongs with the following statement: "User applications must not be able to gain control of or damage the operating system."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Question
Identify which fundamental control objective belongs with the following statement: "No module should be allowed to destroy or corrupt another module."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Question
Which of the following is not considered one of the primary CAAT approaches?

A)The black-box approach.
B)Encryption testing.
C)Auditing through the computer.
D)The white-box approach.
Question
Which of the following is not one of the categories of security controls for wireless networks?

A)Operational controls.
B)Application controls.
C)Management controls.
D)Technical controls.
Question
Accounting professionals should understand database systems for all of the following reasons except:

A)Accountants have a strong understanding of risks,controls and business processes.
B)Accountants increasingly participate in creating internal control systems.
C)Accountants typically manage organizations' operational databases.
D)Accountants frequently help improve business and IT processes.
Question
If an auditor wanted to test the accuracy of a computer generated report they might use which of the the following approaches?

A)An access point approach.
B)The black-box approach.
C)A continuous audit.
D)A pentration test.
Question
CAATs are commonly used in all of the following situations except:

A)Transaction testing.
B)Network penetration testing.
C)Encryption testing.
D)Operating system vulnerability assessments.
Question
Which of the following approaches and/or tools are not typically used as part of a CAAT approach to auditing?

A)Integrated testing facility (ITF).
B)Generalized audit software (GAS).
C)Audit calculation engine (ACE).
D)Embedded audit module (EAM).
Question
Which of the following is not one of the benefits of using a wireless network?

A)Flexibility and scalability.
B)Mobility.
C)Greater security.
D)Rapid deployment.
Question
Which of the following best describes continuous auditing?

A)Audit-related activities are peformed throughout the period under review.
B)The full audit team remains on the client site for the entire fiscal year.
C)The database extracts every 10th transaction and flags it for audit review.
D)Auditors can generate greater fees by increasing the amount of manual testing performed for the client.
Question
Which of the following is not a use of generalized audit software (GAS)?

A)Substantive testing.
B)Security testing.
C)Control testing.
D)Transaction data analysis.
Question
Identify which fundamental control objective belongs with the following statement: "A user's application may consist of several modules stored in separate memory locations,each with its own data.One module must not be allowed to destroy or corrupt another module."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Question
Which of the following uses best describes the use of a VPN?

A)Connect computers,printers,and file servers in an office building.
B)Lease dedicated communication lines to guarantee connection performance between remote office locations.
C)Allow employees traveling for business to connect to home office computing resources.
D)Allocates computing resources among multiple processors and operating systems.
Question
What are the benefits of conducting continuous audits (or monitoring)?
Question
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security controls. "Providing regular updates in organizational policies and procedures to employees."

A)Operational controls
B)Technical Controls
C)Management Controls
Question
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security controls. "Configuring all access points with encryption."

A)Operational controls
B)Technical Controls
C)Management Controls
Question
What are the general security objectives for both wired LANs and wireless LANs?
Question
What are the differences between LANs and WANs? Have you ever used any LANs and WANS?
Question
List common security threats for wireless LANs.Find a specific case in which the security of wireless LANs was threatened.Given the case you find,comment on how to prevent or mitigate the threats?
Question
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security control. "Deciding how transmissions over wireless networks should be protected."

A)Operational controls
B)Technical Controls
C)Management Controls
Question
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security controls. "Conducting risk assessment on a regular basis."

A)Operational controls
B)Technical Controls
C)Management Controls
Question
Discuss five significant barriers that are often encountered in implementing continuous auditing?
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/69
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 15: Monitoring and Auditing Ais
1
What is the man-in-the-middle threat for wireless LANs?

A)The attacker impersonates an authorized user and gains certain unauthorized privileges to the wireless network.
B)The attacker passively monitors wireless networks for data,including authentication credentials.
C)The attacker steals or makes unauthorized use of a service.
D)The attacker actively intercepts communications between wireless clients and access points to obtain authentication credentials and data.
D
2
A data warehouse is for daily operations and often includes data for the current fiscal year only.
False
3
Parallel simulation attempts to simulate the firm's key features or processes.
True
4
Which of the following is not an approach used for online analytical processing (OLAP)?

A)Exception reports.
B)What-if simulations.
C)Consolidation.
D)Data mining.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
5
Which of the statements regarding a data warehouse is incorrect?

A)It is a centralized collection of firm-wide data.
B)The purpose of a data warehouse is to provide a rich data set for management to identify patterns and to examine trends of business events.
C)Includes data for the current fiscal year only.
D)The data in a data warehouse is pulled from each of the operational databases periodically.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
6
Data governance is the convergence of data quality,data management,data policies,business process management,and risk management surrounding the handling of data in a company.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
7
A wireless network is comprised of access points and stations.Access points logically connect stations to a firm's network.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
8
An embedded audit module is a programmed audit module that is added to the system under review.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
9
Parallel simulation uses an independent program to simulate a part of an existing application program,and is designed to test the validity and to verify the accuracy of an existing application program.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
10
Computer-assisted audit techniques (CAAT)are often used when auditing a company's IT infrastructure.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
11
The data in a data warehouse are updated when transactions are processed.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
12
Firewalls are security systems comprised of hardware and software that is built using routers,servers,and a variety of software.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
13
The Generally Accepted Auditing Standards (GAAS)issued by PCAOB provide guidelines for conducting an IS/IT audit.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
14
Accountants increasingly participate in designing internal controls and improving business and IT processes in a database environment.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
15
A Virtual private network (VPN)is a private network,provided by a third party,for exchanging information through a high capacity connection.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
16
Which of the following describes a group of computers that connects the internal users of a company distributed over an office building?

A)Internet.
B)LAN.
C)Virtual private network (VPN).
D)Decentralized network.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
17
Which of the following statements about switches is correct?

A)A hub is smarter than Switch.
B)Switches provide more security protections than hubs do for a company's internal network.
C)Switches are widely used in WANs.
D)A Switch contains multiple ports.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
18
The purpose of a company's firewall is to:

A)Guard against spoofing.
B)What-if simulations.
C)Deny computer hackers access to sensitive data.
D)All of the choices are correct.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
19
An Integrated test facility (ITF)is an automated technique that enables test data to be continually evaluated during the normal operation of a system.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
20
Which of the following is not a management control for wireless networks?

A)Assigning roles and responsibilities of employees for access control.
B)Conducting risk assessment on a regular basis.
C)Conducting appropriate awareness training on wireless networks.
D)Creating policies and procedures.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
21
One control objective for an operating system is that it must be protected from itself.Which of the following statements best explains this concept?

A)The operating system should be able to gracefully terminate activities,and later recover to its previous state.
B)No operating system module should be allowed to corrupt or destroy another operating system module.
C)User applications must not be allowed to gain control of or damage the operating system.
D)The operating system must be able to prevent unauthorized users from accessing,corrupting,or destroying other users' data.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
22
The results of a generalized audit software simulation of the aging of accounts receivable revealed substantial differences in the aging contribution,even though grand totals reconciled.Which of the following should the IS auditor do first to resolve the discrepancy?

A)Recreate the test,using different software.
B)List a sample of actual data to verify the accuracy of the test program.
C)Ignore the discrepancy because the grand totals reconcile and instruct the controller to correct the program.
D)Create test transactions and run test data on both the production and simulation program.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
23
LAN is the abbreviation for:

A)Large Area Network.
B)Local Area Network.
C)Longitudinal Analogue Network.
D)Low Analytical Nets.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
24
Which of the following is least likely to be considered a component of a computer network?

A)Application programs.
B)Computers.
C)Servers.
D)Routers.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
25
Which of the following statements about firewalls is wrong?

A)A firewall is a security system comprised of hardware and software that is built using routers,servers,and a variety of software.
B)A firewall allows individuals on the corporate network to send and receive data packets from the Internet.
C)A firewall can filter through packets coming from outside networks to prevent unauthorized access.
D)A firewall connects different LANs,software-based intelligent devices,and examines IP addresses.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
26
Which statements are incorrect about virtual private network (VPN)?

A)It is a way to use the public telecommunication infrastructure in providing secure access to an organization's network.
B)It enables the employees to work remotely by accessing their firm's network securely using the Internet.
C)The packets sent through VPN are encrypted and with authentication technology.
D)The VPN model requires leased lines.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
27
Which of the following is not a benefit of using wireless technology?

A)Mobility.
B)Rapid deployment.
C)Flexibility and Scalability.
D)Security.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
28
Which type of audit test would utilize the computer-assisted audit technique (CAATs)white-box approach?

A)Test hubs and switches.
B)Compare expected results to output results.
C)User acceptance testing.
D)Insertion of test transactions.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
29
The masquerading threat for wireless LANs is:

A)The attacker actively intercepts communications between wireless clients and access points to obtain authentication credentials and data.
B)The attacker alters a legitimate message sent via wireless networks by deleting,adding to,changing,or reordering it.
C)The attacker passively monitors wireless networks for data,including authentication credentials.
D)The attacker impersonates an authorized user and gains certain unauthorized privileges to the wireless network.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
30
Which of the following is a key reason an operating system is the most important system software?

A)It is the centralized collection of firmwide data.
B)It manages computer-assisted audit techniques (CAATs).
C)It manages interfaces with the computer.
D)None of the choices are correct.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
31
An auditor should be most concerned about which of the following when reviewing the risks of a company's wireless network:

A)Confidentiality.
B)Integrity.
C)Availability.
D)All of the choices are correct.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
32
Most threats involving a wireless local area network (LAN)involve which of the following?

A)The attacker has access to the operating system.
B)The attacker has access to the radio link between a station and an access point.
C)The attacker has accessed the premises of the company.
D)The attacker has access to the virtual private network (VPN).
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
33
Which of the following strategies will a CPA most likely consider in auditing an entity that processes most of its financial data only in electronic form,such as a paperless system?

A)Continuous monitoring and analysis of transaction processing with an embedded audit module.
B)Increased reliance on internal control activities that emphasize the segregation of duties.
C)Verification of encrypted digital certificates used to monitor the authorization of transactions.
D)Extensive testing of firewall boundaries that restrict the recording of outside network traffic.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
34
Within a WAN,a router would perform which of the following functions?

A)Provide the communication within the network.
B)Select network pathways within a network for the flow of data packets.
C)Amplify and rebroadcast signals in a network.
D)Forward data packets to their internal network destination.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
35
IT governance over operating systems includes establishing proper policies and procedures.These policies and procedures over operating systems should cover all of the following except:

A)Which computing hardware to use.
B)Who can access the operating system.
C)Which actions users can take.
D)Which resources users can use.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
36
An auditor reviewing the risks associated with a firm's Wide area network (WAN)should pay particular attention to which of the following?

A)Operating systems.
B)Computer-assisted auditing techniques (CAATs).
C)Segregation of duties.
D)Routers and firewalls.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
37
What is the test data technique?

A)It uses a set of input data to validate system integrity.
B)It requires auditors to prepare both valid and invalid data to examine critical logics and controls of the system.
C)It is an automated technique that enables test data to be continually evaluated during the normal operation of a system.
D)"It uses a set of input data to validate system integrity" and "It requires auditors to prepare both valid and invalid data to examine critical logics and controls of the system" are correct.
E)None of the choices are correct.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
38
Which of the following statements regarding the black-box approach for systems auditing is correct?

A)The auditors need to gain detailed knowledge of the systems' internal logic.
B)The black-box approach could be adequate when automated systems applications are complicated.
C)The auditors first calculate expected results from the transactions entered into the system.Then,the auditors compare these calculations to the processing or output results.
D)All of the choices are correct.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
39
Which of the following statements regarding the purposes of an operating system is correct?

A)To ensure the integrity of a system.
B)To control the flow of multiprogramming and tasks of scheduling in the computer.
C)To allocate computer resources to users and applications.
D)All of the choices are correct.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
40
Which of the following is not a use of CAATs in auditing?

A)Test of details of transactions and balances.
B)Analytical review procedures.
C)Fraud examination.
D)Automated generation of final audit report.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
41
Which of the following is an example of using the test data technique?

A)Create a statistical data sample.
B)Embed an audit module in the source system.
C)Reprocessing actual data.
D)Input both valid and invalid transactions.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
42
Identify which fundamental control objective belongs with the following statement: "One user must not be able to access,destroy,or corrupt the data or programs of another user."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
43
Which of the following tool advancements has made continuous auditing more feasable?

A)COBIT.
B)XBRL.
C)OLAP.
D)VPN.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
44
Which of the following would not assist in continuous auditing?

A)Transactions can be tested and analyzed closer in time to when they actually occur.
B)Better compliance with laws and regulations.
C)It can reduce the effort required for routine testing.
D)It can be costly and time consuming to set up continuous auditing processes.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
45
ACL and IDEA are two prominent examples of which of the following?

A)ITF.
B)GAS.
C)EAM.
D)DBMS.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
46
Which of the following is not one of the reasons auditors should consider the use of CAATs?

A)ISACA standards require IS auditors to obtain sufficient,reliable,and relevant evidence,and should perform appropriate analysis of this evidence.
B)GAAP stipulates that audits should be performed using tools and techniques appropriate to the evidence being reviewed.
C)The IIA professional practices state that auditor must consider the use of technology-based auditing tools when conducting audits.
D)GAAS requires auditors to gather sufficient and appropriate evidence in the course of audit field work.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
47
Identify which fundamental control objective belongs with the following statement: "In the event of a power failure or other disaster,the operating system should be able to achieve a controlled termination of activities from which it can later recover."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
48
Identify which fundamental control objective belongs with the following statement: "User applications must not be able to gain control of or damage the operating system."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
49
Identify which fundamental control objective belongs with the following statement: "No module should be allowed to destroy or corrupt another module."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
50
Which of the following is not considered one of the primary CAAT approaches?

A)The black-box approach.
B)Encryption testing.
C)Auditing through the computer.
D)The white-box approach.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
51
Which of the following is not one of the categories of security controls for wireless networks?

A)Operational controls.
B)Application controls.
C)Management controls.
D)Technical controls.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
52
Accounting professionals should understand database systems for all of the following reasons except:

A)Accountants have a strong understanding of risks,controls and business processes.
B)Accountants increasingly participate in creating internal control systems.
C)Accountants typically manage organizations' operational databases.
D)Accountants frequently help improve business and IT processes.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
53
If an auditor wanted to test the accuracy of a computer generated report they might use which of the the following approaches?

A)An access point approach.
B)The black-box approach.
C)A continuous audit.
D)A pentration test.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
54
CAATs are commonly used in all of the following situations except:

A)Transaction testing.
B)Network penetration testing.
C)Encryption testing.
D)Operating system vulnerability assessments.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
55
Which of the following approaches and/or tools are not typically used as part of a CAAT approach to auditing?

A)Integrated testing facility (ITF).
B)Generalized audit software (GAS).
C)Audit calculation engine (ACE).
D)Embedded audit module (EAM).
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
56
Which of the following is not one of the benefits of using a wireless network?

A)Flexibility and scalability.
B)Mobility.
C)Greater security.
D)Rapid deployment.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
57
Which of the following best describes continuous auditing?

A)Audit-related activities are peformed throughout the period under review.
B)The full audit team remains on the client site for the entire fiscal year.
C)The database extracts every 10th transaction and flags it for audit review.
D)Auditors can generate greater fees by increasing the amount of manual testing performed for the client.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
58
Which of the following is not a use of generalized audit software (GAS)?

A)Substantive testing.
B)Security testing.
C)Control testing.
D)Transaction data analysis.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
59
Identify which fundamental control objective belongs with the following statement: "A user's application may consist of several modules stored in separate memory locations,each with its own data.One module must not be allowed to destroy or corrupt another module."

A)Protect the operating system from users.
B)The operating system must protect users from each other.
C)The operating system must be protected from itself.
D)The operating system must be protected from its environment.
E)The operating system must protect users from themselves.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
60
Which of the following uses best describes the use of a VPN?

A)Connect computers,printers,and file servers in an office building.
B)Lease dedicated communication lines to guarantee connection performance between remote office locations.
C)Allow employees traveling for business to connect to home office computing resources.
D)Allocates computing resources among multiple processors and operating systems.
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
61
What are the benefits of conducting continuous audits (or monitoring)?
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
62
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security controls. "Providing regular updates in organizational policies and procedures to employees."

A)Operational controls
B)Technical Controls
C)Management Controls
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
63
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security controls. "Configuring all access points with encryption."

A)Operational controls
B)Technical Controls
C)Management Controls
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
64
What are the general security objectives for both wired LANs and wireless LANs?
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
65
What are the differences between LANs and WANs? Have you ever used any LANs and WANS?
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
66
List common security threats for wireless LANs.Find a specific case in which the security of wireless LANs was threatened.Given the case you find,comment on how to prevent or mitigate the threats?
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
67
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security control. "Deciding how transmissions over wireless networks should be protected."

A)Operational controls
B)Technical Controls
C)Management Controls
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
68
Categorize the following scenario below as management,operational,or technical controls for wireless networks' security controls. "Conducting risk assessment on a regular basis."

A)Operational controls
B)Technical Controls
C)Management Controls
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
69
Discuss five significant barriers that are often encountered in implementing continuous auditing?
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 69 flashcards in this deck.
QuizPlus
surly
Quizplus
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App
surly
English
English
العربية
Scan to downloadDownload the App
qr-code

English
English
العربية
Copyright © 2025 Quizplus LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree