Welcome to your IS Audit Advanced Course Exam

  • Read the full study material ... Click here
  • Start the exam ⇓

1 / 25

Spoofing is one type of online activity used to launch malicious attacks. Spoofing is:

2 / 25

Which of the following statements is false with respect to information security?

3 / 25

Which of the following passwords would be most difficult to crack?

4 / 25

A client is concerned that a power outage or disaster could impair the computer hardware’s ability to function as designed. The client desires off-site backup hardware facilities that are fully configured and ready to operate within several hours.

The client most likely should consider a:

5 / 25

What is a major disadvantage to using a private key to encrypt data?

6 / 25

A digital signature is used primarily to determine that a message is:

7 / 25

Which of the following does not present any risk for an entity under public-key encryption?

8 / 25

Passwords for personal computer software programs are designed to prevent:

9 / 25

Assigning passwords to computer users is a control to prevent unauthorized access. Because a password does not conclusively identify a specific individual, it must be safeguarded from theft. A method used to protect passwords is to:

10 / 25

Which of the following procedures should be included in the disaster recovery plan for an Information Technology department?

11 / 25

Which of the following statements best characterizes the function of physical access control?

12 / 25

Computer program libraries should be kept secure by:

13 / 25

Before implementing IT controls (general and application) and policies, an organization should:

14 / 25

Which of the following would not be appropriate to consider in the physical design of a data center?

15 / 25

Authentication is the process by which the:

16 / 25

The use of message encryption software:

17 / 25

To ensure privacy in a public-key encryption system, knowledge of which of the following keys would be required to decode the received message?

  1. Private
  2. Public

18 / 25

An organization creates an audit trail of when employees enter the building by having them use a key card to release a magnetic lock. A database records who enters when.

Which of the following reduces the risk that the audit trail is incomplete?

19 / 25

The basis of effective information security and cybersecurity are:

20 / 25

Select the cyberattack which is best associated with extorting an individual or an organization.

21 / 25

Which implemented control would best assist in meeting the control objective that a system has the capability to hold users accountable for functions performed?

22 / 25

An Internet firewall is designed to provide adequate protection against which of the following?

23 / 25

The best preventive measure against a computer virus is to:

24 / 25

Which of the following IT developments poses the least risk to organizational security?

25 / 25

When a user enters a certain entity’s system, a series of questions is asked of the user, including a name and mother’s birth date.

These questions are primarily intended to provide:


Contact Us