IS项目管理与审计模拟题
上传者:梅丽|上传时间:2015-04-26|密次下载
IS项目管理与审计模拟题
信息系统审计考题
A卷答案
内容需要下载文档才能查看
信息系统审计考题
同济大学经济与管理学院试卷 (B卷) 2010 -2011 学年第1 学期
课号: 课程名:信息系统审计 考试形式:开卷( )闭卷(√)
此卷选为:期中考试( )、期终考试( )、补考(√ )试卷
专业和年级 学号 姓名
答案请填写于下表
内容需要下载文档才能查看 内容需要下载文档才能查看A. be dynamic and change often to coincide with the changing nature of technology and the audit profession.
B. clearly state audit objectives for, and the delegation of, authority to the maintenance and review of internal controls.
C. document the audit procedures designed to achieve the planned audit objectives.
D. outline the overall authority, scope and responsibilities of the audit function.
2. The IT balanced scorecard (BSC) is a business governance tool intended to monitor IT performance evaluation indicators other than: A. financial results.
B. customer satisfaction.
信息系统审计考题
C. internal process efficiency. D. innovation capacity.
3. The reason for establishing a stop or freezing point on the design of a new system is to:
A. prevent further changes to a project in process.
B. indicate the point at which the design is to be completed.
C. require that changes after that point be evaluated for cost-effectiveness. D. provide the project management team with more control over the project design.
4. An IS auditor evaluating the resilience of a high-availability network should be MOST concerned if:
A. the setup is geographically dispersed.
B. the network servers are clustered in a site. C. a hot site is ready for activation.
D. diverse routing is implemented for the network.
5. Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility? A. Security awareness
B. Reading the security policy C. Security committee D. Logical access controls
6. Which of the following is the MOST important criterion when selecting a location for an offsite storage facility for IS backup files? The offsite facility must be: A. physically separated from the data center and not subject to the same risks.
B. given the same level of protection as that of the computer data center. C. outsourced to a reliable third party. D. equipped with surveillance capabilities.
7. Which of the following sampling methods is MOST useful when testing for compliance?
A. Attribute sampling B. Variable sampling
C. Stratified mean per unit D. Difference estimation
8. Which of the following is the MOST important function to be performed by IS management when a service has been outsourced? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider’s fees
D. Monitoring the outsourcing provider’s performance
9. Which of the following system and data conversion strategies provides the GREATEST redundancy? A. Direct cutover B. Pilot study
C. Phased approach D. Parallel run
10.An IS auditor reviewing database controls discovered that changes to the
信息系统审计考题
database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls?
A. Allow changes to be made only with the DBA user account
B. Make changes to the database after granting access to a normal user account
C. Use the DBA user account to make changes, log the changes and review the change log the following day
D. Use the normal user account to make changes, log the changes and review the change log the following day
11.Which of the following is a feature of an intrusion detection system (IDS)? A. Gathering evidence on attack attempts
B. Identifying weaknesses in the policy definition C. Blocking access to particular sites on the Internet
D. Preventing certain users from accessing specific servers
12.During a business continuity audit, an IS auditor found that the business continuity plan covered only critical processes. The IS auditor should: A. recommend that the business continuity plan cover all business processes.
B. assess the impact of the processes not covered. C. report the findings to the IT manager. D. redefine critical processes.
13.While planning an audit, an assessment of risk should be made to provide: A. reasonable assurance that the audit will cover material items.
B. definite assurance that material items will be covered during the audit work.
C. reasonable assurance that all items will be covered by the audit.
D. sufficient assurance that all items will be covered during the audit work. 14.The management of an organization has decided to establish a security awareness program. Which of the following would MOST likely be a part of the program?
A. Utilization of an intrusion detection system to report incidents B. Mandating the use of passwords to access all software
C. Installing an efficient user log system to track the actions of each user D. Training provided on a regular basis to all current and new employees
15.An IS auditor finds that a system under development has 12 linked modules and each item of data can carry up to 10 definable attribute fields. The system
handles several million transactions a year. Which of these techniques could an IS auditor use to estimate the size of the development effort? A. Program evaluation review technique (PERT) B. Counting source lines of code (SLOC) C. Function point analysis D. White box testing
16.An organization has recently installed a security patch, which crashed the production server. To minimize the probability of this occurring again, an IS auditor should:
信息系统审计考题
A. apply the patch according to the patch’s release notes.
B. ensure that a good change management process is in place. C. thoroughly test the patch before sending it to production. D. approve the patch after doing a risk assessment.
17.Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them?
A. Overwriting the tapes B. Initializing the tape labels C. Degaussing the tapes D. Erasing the tapes
18.Which of the following findings should an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault? A. There are three individuals with a key to enter the area B. Paper documents are also stored in the offsite vault C. Data files that are stored in the vault are synchronized D. The offsite vault is located in a separate facility
19.When evaluating the collective effect of preventive, detective or corrective controls within a process, an IS auditor should be aware of which of the following?
A. The point at which controls are exercised as data flow through the system B. Only preventive and detective controls are relevant
C. Corrective controls can only be regarded as compensating
D. Classification allows an IS auditor to determine which controls are missing
20.Which of the following audit techniques would BEST aid an auditor in determining whether there have been unauthorized program changes since the last authorized program update? A. Test data run B. Code review
C. Automated code comparison
D. Review of code migration procedures
21.IT control objectives are useful to IS auditors since they provide the basis for understanding the:
A. desired result or purpose of implementing specific control procedures. B. best IT security control practices relevant to a specific entity. C. techniques for securing information. D. security policy.
22.Which of the following is the PRIMARY purpose for conducting parallel testing? A. To determine if the system is cost-effective
B. To enable comprehensive unit and system testing C. To highlight errors in the program interfaces with files D. To ensure the new system meets user requirements
23.A review of wide area network (WAN) usage discovers that traffic on one
communication line between sites, synchronously linking the master and standby database, peaks at 96 percent of the line capacity. An IS auditor should conclude that:
A. analysis is required to determine if a pattern emerges that results in a service loss for a short period of time.
下载文档
热门试卷
- 2016年四川省内江市中考化学试卷
- 广西钦州市高新区2017届高三11月月考政治试卷
- 浙江省湖州市2016-2017学年高一上学期期中考试政治试卷
- 浙江省湖州市2016-2017学年高二上学期期中考试政治试卷
- 辽宁省铁岭市协作体2017届高三上学期第三次联考政治试卷
- 广西钦州市钦州港区2016-2017学年高二11月月考政治试卷
- 广西钦州市钦州港区2017届高三11月月考政治试卷
- 广西钦州市钦州港区2016-2017学年高一11月月考政治试卷
- 广西钦州市高新区2016-2017学年高二11月月考政治试卷
- 广西钦州市高新区2016-2017学年高一11月月考政治试卷
- 山东省滨州市三校2017届第一学期阶段测试初三英语试题
- 四川省成都七中2017届高三一诊模拟考试文科综合试卷
- 2017届普通高等学校招生全国统一考试模拟试题(附答案)
- 重庆市永川中学高2017级上期12月月考语文试题
- 江西宜春三中2017届高三第一学期第二次月考文科综合试题
- 内蒙古赤峰二中2017届高三上学期第三次月考英语试题
- 2017年六年级(上)数学期末考试卷
- 2017人教版小学英语三年级上期末笔试题
- 江苏省常州西藏民族中学2016-2017学年九年级思想品德第一学期第二次阶段测试试卷
- 重庆市九龙坡区七校2016-2017学年上期八年级素质测查(二)语文学科试题卷
- 江苏省无锡市钱桥中学2016年12月八年级语文阶段性测试卷
- 江苏省无锡市钱桥中学2016-2017学年七年级英语12月阶段检测试卷
- 山东省邹城市第八中学2016-2017学年八年级12月物理第4章试题(无答案)
- 【人教版】河北省2015-2016学年度九年级上期末语文试题卷(附答案)
- 四川省简阳市阳安中学2016年12月高二月考英语试卷
- 四川省成都龙泉中学高三上学期2016年12月月考试题文科综合能力测试
- 安徽省滁州中学2016—2017学年度第一学期12月月考高三英语试卷
- 山东省武城县第二中学2016.12高一年级上学期第二次月考历史试题(必修一第四、五单元)
- 福建省四地六校联考2016-2017学年上学期第三次月考高三化学试卷
- 甘肃省武威第二十三中学2016—2017学年度八年级第一学期12月月考生物试卷
网友关注
网友关注视频
- 外研版英语三起6年级下册(14版)Module3 Unit1
- 苏科版数学七年级下册7.2《探索平行线的性质》
- 人教版历史八年级下册第一课《中华人民共和国成立》
- 沪教版牛津小学英语(深圳用) 五年级下册 Unit 10
- 沪教版八年级下册数学练习册21.3(3)分式方程P17
- 冀教版小学英语五年级下册lesson2教学视频(2)
- 第五单元 民族艺术的瑰宝_15. 多姿多彩的民族服饰_第二课时(市一等奖)(岭南版六年级上册)_T129830
- 【获奖】科粤版初三九年级化学下册第七章7.3浓稀的表示
- 小学英语单词
- 沪教版牛津小学英语(深圳用) 六年级下册 Unit 7
- 第12章 圆锥曲线_12.7 抛物线的标准方程_第一课时(特等奖)(沪教版高二下册)_T274713
- 【部编】人教版语文七年级下册《泊秦淮》优质课教学视频+PPT课件+教案,天津市
- 冀教版英语三年级下册第二课
- 30.3 由不共线三点的坐标确定二次函数_第一课时(市一等奖)(冀教版九年级下册)_T144342
- 外研版英语七年级下册module3 unit1第二课时
- 人教版二年级下册数学
- 三年级英语单词记忆下册(沪教版)第一二单元复习
- 冀教版小学数学二年级下册第二单元《租船问题》
- 冀教版英语四年级下册第二课
- 七年级下册外研版英语M8U2reading
- 冀教版小学数学二年级下册第二单元《有余数除法的整理与复习》
- 外研版英语三起5年级下册(14版)Module3 Unit2
- 沪教版八年级下册数学练习册一次函数复习题B组(P11)
- 沪教版牛津小学英语(深圳用)五年级下册 Unit 1
- 【部编】人教版语文七年级下册《逢入京使》优质课教学视频+PPT课件+教案,安徽省
- 青岛版教材五年级下册第四单元(走进军营——方向与位置)用数对确定位置(一等奖)
- 每天日常投篮练习第一天森哥打卡上脚 Nike PG 2 如何调整运球跳投手感?
- 冀教版小学英语四年级下册Lesson2授课视频
- 外研版英语三起6年级下册(14版)Module3 Unit2
- 冀教版小学数学二年级下册第二单元《余数和除数的关系》
精品推荐
- 2016-2017学年高一语文人教版必修一+模块学业水平检测试题(含答案)
- 广西钦州市高新区2017届高三11月月考政治试卷
- 浙江省湖州市2016-2017学年高一上学期期中考试政治试卷
- 浙江省湖州市2016-2017学年高二上学期期中考试政治试卷
- 辽宁省铁岭市协作体2017届高三上学期第三次联考政治试卷
- 广西钦州市钦州港区2016-2017学年高二11月月考政治试卷
- 广西钦州市钦州港区2017届高三11月月考政治试卷
- 广西钦州市钦州港区2016-2017学年高一11月月考政治试卷
- 广西钦州市高新区2016-2017学年高二11月月考政治试卷
- 广西钦州市高新区2016-2017学年高一11月月考政治试卷
分类导航
- 互联网
- 电脑基础知识
- 计算机软件及应用
- 计算机硬件及网络
- 计算机应用/办公自动化
- .NET
- 数据结构与算法
- Java
- SEO
- C/C++资料
- linux/Unix相关
- 手机开发
- UML理论/建模
- 并行计算/云计算
- 嵌入式开发
- windows相关
- 软件工程
- 管理信息系统
- 开发文档
- 图形图像
- 网络与通信
- 网络信息安全
- 电子支付
- Labview
- matlab
- 网络资源
- Python
- Delphi/Perl
- 评测
- Flash/Flex
- CSS/Script
- 计算机原理
- PHP资料
- 数据挖掘与模式识别
- Web服务
- 数据库
- Visual Basic
- 电子商务
- 服务器
- 搜索引擎优化
- 存储
- 架构
- 行业软件
- 人工智能
- 计算机辅助设计
- 多媒体
- 软件测试
- 计算机硬件与维护
- 网站策划/UE
- 网页设计/UI
- 网吧管理