ACC 564 FINAL EXAM PART 1 LATEST THREE VERSIONS - 96676

Solution Posted by
olufunmilola

  • Posted on: Tue 14 Jun, 2016
Request Description
Question 1 The transaction cycle that includes the events of hiring employees and paying them is known as the Answer revenue cycle. expenditure cycle. human resources cycle. financing cycle.

Question 2 Data must be converted into information to be considered useful and meaningful for decision-making. There are six characteristics that make information both useful and meaningful. If information is free from error or bias and accurately represents the events or activities of the organization, it is representative of the characteristic of Answer relevancy. timeliness. understandability. reliability.

Question 3 The primary objective of accounting is to Answer implement strong internal controls. provide useful information to decision makers. prepare financial statements. ensure the profitability of an organization

Question 4 The business owners obtain financing from outside investors, which results in an inflow of cash into the company. This transaction is considered to be part of which cycle? Answer the revenue cycle the payroll cycle the production cycle the financing cycle

Question 5 Information that is free from error or bias and accurately represents the events or activities of the organization is Answer relevant. reliable. verifiable. timely

Question 6 Hector Sanchez works in the accounting department of a multinational manufacturing company. His job includes updating accounts receivable based on sales orders and remittance advices. His responsibilities are part of the company's Answer revenue cycle. expenditure cycle. financing cycle. production cycle

Question 7 An audit trail Answer provides the means to check the accuracy and validity of ledger postings. begins with the general journal. is automatically created in every computer-based information system. is a summary of recorded transactions

Question 8 What usually initiates data input into a system?
Answer The transaction system automatically checks each hour to see if any new data is available for input and processing. The performance of some business activity generally serves as the trigger for data input. A general ledger program is queried to produce a trial balance at the end of an accounting period. Data is only input when a source document is submitted to the accounting department

Question 9 The general ledger account that corresponds to a subsidiary ledger account is known as a Answer dependent account. attribute account. entity account. control account.

Question 10 The efficiency of recording numerous business transactions can be best improved by the use of Answer prenumbered source documents. specialized journals. posting references. subsidiary ledgers

Question 11 Chas Mulligan has been hired by Yardley Security as an assistant to the internal auditor. He has been asked to document the existing accounting information system, and focus on the activities and flow of data between activities. He decides to begin with a summary description of the sources and uses of data in the organization and how they are processed by the system. The documentation tool that he should employ for this purpose is a Answer data flow diagram. document flowchart. system flowchart. program flowchart.

Question 12 In general, a data destination will be shown by Answer an arrow pointing away. an arrow pointing in. arrows pointing both ways. no arrows, only two horizontal lines.

Question 13 A data flow diagram Answer is a graphical description of the source and destination of data that shows how data flow within an organization. is a graphical description of the flow of documents and information between departments or areas of responsibility. is a graphical description of the relationship among the input, processing, and output in an information system.
is a graphical description of the sequence of logical operations that a computer performs as it executes a program

Question 14 A flowchart that depicts the relationships among the input, processing, and output of an AIS is Answer an internal control flowchart. a document flowchart. a system flowchart. a program flowchart.

Question 15 Chuck and Jill Scruggs travel in their motor home six months of the year and buy unique artifacts. Within hours after the Scruggs make a purchase, they have photographed it, written a description of it, and posted it for sale on eBay with a reservation price. Anything that does not sell within a week is shipped back to Austin, Texas, for display in The House of Curiosities, a retail business that the Scruggs operate during the balance of the year. Which symbol should be used to represent the transfer of data to eBay in a context diagram of this process? Answer

Question 16 The ________ handles the link between the way data are physically stored and each user's logical view of that data. Answer data warehouse data dictionary database management (DBMS) software schema

Question 17 The logical structure of a database is described by the Answer data dictionary. schema. database management system. internal level.

Question 18 The database requirement that foreign keys must be null or have a value corresponding to the value of a primary key in another table is formally called the Answer entity integrity rule. referential integrity rule. rule of keys. foreign key rule

Question 19 A set of individual user views of the database is called the Answer conceptual-level schema. internal-level schema. external-level schema. meta-schema.

Question 20 Inability to add new data to a database without violating the basic integrity of the database is referred to as the Answer update anomaly. insert anomaly. integrity anomaly. delete anomaly.

Question 21 The US Justice Department defines computer fraud as Answer any crime in which a computer is used.
an illegal act in which knowledge of computer technology is essential. any act in which cash is stolen using a computer. an illegal act in which a computer is an integral part of the crime

Question 22 Which of the following is the greatest risk to information systems and causes the greatest dollar losses? Answer human errors and omissions physical threats such as natural disasters dishonest employees fraud and embezzlement

Question 23 The most efficient way to conceal asset misappropriation is to Answer write-off a customer receivable as bad debt. alter monthly bank statements before reconciliation. alter monthly physical inventory counts to reconcile to perpetual inventory records. record phony payments to vendors.

Question 24 Most fraud perpetrators are insiders because Answer insiders are more dishonest than outsiders. insiders know more about the system and its weaknesses than outsiders. outsiders are more likely to get caught than insiders. insiders have more need for money than outsiders

Question 25 The simplest and most common way to commit a computer fraud is to Answer alter computer input. alter computer output. modify the processing. corrupt the database

Question 26 Telefarm Industries is a telemarketing firm that operates in the Midwest. The turnover rate among employees is quite high. Recently, the information technology manager discovered that an unknown employee had used a Bluetooth-enabled mobile phone to access the firm's database and copy a list of customers from the past three years that included credit card information. Telefarm was a victim of Answer Bluesnarfing. splogging. vishing. typosquatting.

Question 27 Illegally obtaining and using confidential information about a person for economic gain is known as Answer eavesdropping. identity theft. packet sniffing. piggybacking.

Question 28 A fraud technique that slices off tiny amounts from many projects is called the ________ technique.
Answer Trojan horse round down salami trap door

Question 29 Computer fraud perpetrators that modify programs during systems development, allowing access into the system that bypasses normal system controls are using Answer a Trojan horse. a trap door. the salami technique. superzapping.

Question 30 Which of the following is the easiest method for a computer criminal to steal output without ever being on the premises? Answer dumpster diving by use of a Trojan horse using a telescope to peer at paper reports electronic eavesdropping on computer monitors

Question 31 What is one reason why AIS threats are increasing? Answer LANs and client/server systems are easier to control than centralized, mainframe systems. Many companies do not realize that data security is crucial to their survival. Computer control problems are often overestimated and overly emphasized by management. Many companies believe that protecting information is a strategic requirement.

Question 32 The SEC and FASB are best described as external influences that directly affect an organization's Answer hiring practices. philosophy and operating style. internal environment. methods of assigning authority

Question 33 According to the ERM, these objectives help ensure the accuracy, completeness and reliability of internal and external company reports. Answer Compliance objectives Operations objectives Reporting objectives Strategic objectives

Question 34 According to the ERM, these deal with the effectiveness and efficiency of company operations, such as performance and profitability goals. Answer Compliance objectives Operations objectives Reporting objectives Strategic objectives

Question 35 When undertaking risk assessment, the expected loss is calculated like this.
Answer Impact times expected loss Impact times likelihood Inherent risk times likelihood Residual risk times likelihood

Question 36 Compatibility tests utilize a(n) ________, which is a list of authorized users, programs, and data files the users are authorized to access or manipulate. Answer validity test biometric matrix logical control matrix access control matrix

Question 37 In 2007, a major U.S. financial institution hired a security firm to attempt to compromise its computer network. A week later, the firm reported that it had successfully entered the system without apparent detection and presented an analysis of the vulnerabilities that had been found. This is an example of a Answer preventive control. detective control. corrective control. standard control

Question 38 The process that allows a firewall to be more effective by examining the data in the body of an IP packet, instead of just the header, is known as Answer deep packet inspection. stateful packet filtering. static packet filtering. an intrusion prevention system

Question 39 This protocol specifies the procedures for dividing files and documents into packets to be sent over the Internet. Answer Access control list Internet protocol Packet switching protocol Transmission control protocol

Question 40 A special purpose hardware device or software running on a general purpose computer, which filters information that is allowed to enter and leave the organization's information system, is known as a(n) Answer demilitarized zone. intrusion detection system. intrusion prevention system. firewall.

Question 41 Jeff Davis took a call from a client. "Jeff, I need to interact online and real time with our affiliate in India, and I want to make sure that our communications aren't intercepted. What do you suggest?" Jeff responded "The best solution will be to implement Answer a virtual private network." a private cloud environment." an asymmetric encryption system with digital signatures."
multifactor authentication

Question 42 On March 3, 2008, a laptop computer belonging to Folding Squid Technology was stolen from the trunk of Jiao Jan's car while he was attending a conference in Cleveland, Ohio. After reporting the theft, Jiao considered the implications of the theft for the company's network security and concluded there was nothing to worry about because Answer the computer was protected by a password. the computer was insured against theft. it was unlikely that the thief would know how to access the company data stored on the computer. the data stored on the computer was encrypted

Question 43 One way to circumvent the counterfeiting of public keys is by using Answer a digital certificate. digital authority. encryption. cryptography

Question 44 An electronic document that certifies the identity of the owner of a particular public key. Answer Asymmetric encryption Digital certificate Digital signature Public key

Question 45 Which of the following descriptions is not associated with symmetric encryption? Answer A shared secret key Faster encryption Lack of authentication Separate keys for each communication party

Question 46 This tests a numerical amount to ensure that it does not exceed a predetermined value. Answer Completeness check Limit check Range check Sign check

Question 47 User reviews are an example of a(n) Answer data entry control. data transmission control. output control. processing control

Question 48 A copy of a database, master file, or software that will be retained indefinitely as a historical record is known as a(n) Answer archive. cloud computing. differential backup. incremental backup

Question 49 This determines the correctness of the logical relationship between two data items. Answer Range check Reasonableness test Sign check Size check

Question 50 When I enter a correct customer number, the data entry screen displays the customer name and address. This is an example of Answer prompting. preformatting.
closed-loop verification. error checking.

Version 2

Question 1 Refer to the chart above. At what point, measured in terms of the net cost of information, does information overload begin? Answer 0 5 10 12

Question 2 Which of the following statements below shows the contrast between data and information? Answer Data is the output of an AIS. Information is the primary output of an AIS. Data is more useful in decision-making than information. Data and information are the same

Question 3 The primary objective of accounting is to Answer implement strong internal controls. provide useful information to decision makers. prepare financial statements. ensure the profitability of an organization

Question 4 Transaction cycles can be summarized on a high level as "give-get" transactions. An example of "give-get" in the revenue cycle would be Answer give cash, get goods. give goods, get cash. give cash, get labor. give cash, get cash.

Question 5 An example of inbound logistics would consist of Answer the activities that transform inputs into final products or services. the activities that help customers to buy the organization's products or services. the activities that provide post-sale support to customers. the activities that consist of receiving, storing, and distributing the materials used as inputs by the organization to create goods and/or services it sells

Question 6 Which of the following is an example of source data automation? Answer a utility bill POS (point-of-sale) scanners in retail stores a bill of lading a subsidiary ledger

Question 7 A general journal Answer would be used to record monthly depreciation entries. simplifies the process of recording large numbers of repetitive transactions. records all detailed data for any general ledger account that has individual sub-accounts. contains summary-level data for every account of the organization

Question 8 Hector Sanchez works in the accounting department of a multinational manufacturing company.
His job includes updating accounts payable based on purchase orders and checks. His responsibilities are part of the company's Answer revenue cycle. expenditure cycle. financing cycle. production cycle

Question 9 The efficiency of recording numerous business transactions can be best improved by the use of Answer prenumbered source documents. specialized journals. posting references. subsidiary ledgers.

Question 10 To be effective, the chart of accounts must Answer be as concise as possible. begin with account 001. utilize only one coding technique. contain sufficient detail to meet the information needs of the organization.

Question 11 The Union Soup Kitchen is a non-profit organization that collects, stores, prepares and provides food to the homeless in Erie, Pennsylvania. Donations of food are recorded in a database and a receipt is provided to the donor. When food is used, the database is updated so that it always reflects the amounts and types of food that are available. In a data flow diagram, which type of symbol would be used to represent the flow of data from the donor into the system? Answer

Question 12 In a document flowchart of a manual payroll processing system, "update employee file" will be shown by a(n) ________ symbol, and "prepare payroll check" will be shown by a(n) ________ symbol. Answer input; output input; manual operation manual operation; output manual operation; manual operation

Question 13 When preparing a document flowchart, the names of organizational departments or job functions should appear in the Answer column headings. right-hand margin. written narrative accompanying the flowchart. title of the flowchart.

Question 14 Chas Mulligan has been hired by Yardley Security as an assistant to the internal auditor. He has been asked to thoroughly document the existing accounting information system in preparation for making recommendations for improvements to internal controls.
He decides to begin with a description of the information stored in paper records, their sources, and their destinations. The documentation tool that he should employ for this purpose is a Answer data flow diagram. document flowchart. system flowchart. program flowchart

Question 15 A DFD created at the highest-level or summary view is referred to as a Answer process diagram. overview diagram. content diagram. context diagram

Question 16 The ________ acts as an interface between the database and the various application programs. Answer data warehouse database administrator database management system database system

Question 17 The problem of changes (or updates) to data values in a database being incorrectly recorded is known as Answer an update anomaly. an insert anomaly. a delete anomaly. a memory anomaly

Question 18 The update anomaly in file-based systems or unnormalized database tables Answer occurs because of data redundancy. restricts addition of new fields or attributes. results in records that cannot be updated. is usually easily detected by users.

Question 19 When the human resources manager wants to gather data about vacation and personal day usage by employees and by departments, the manager would use which language? Answer Data Query Language Data Manipulation Language Data Report Language Data Definition Language

Question 20 In a well-structured database, the constraint that ensures the consistency of the data is known as the Answer entity integrity rule. referential integrity rule. logical view. consistency integrity rule

Question 21 In a ________ scheme, customer receipts are stolen and then subsequent payments by other customers are misapplied to cover the theft of the original receipts. Answer kiting laundering bogus expense lapping

Question 22 Opportunity to commit fraud is comprised of three stages. The stage that often takes most time and effort would include Answer stealing inventory from the warehouse. selling stolen inventory to get cash.
lapping accounts receivable. creating false journal entries to overstate revenue

Question 23 Which characteristic of the fraud triangle often stems from a lack of internal controls within an organization? Answer pressure opportunity rationalization concealment

Question 24 Intentional or reckless conduct that results in materially misleading financial statements is called Answer financial fraud. misstatement fraud. fraudulent financial reporting. audit failure fraud

Question 25 Why is computer fraud often more difficult to detect than other types of fraud? Answer Rarely is cash stolen in computer fraud. The fraud may leave little or no evidence it ever happened. Computers provide more opportunities for fraud. Computer fraud perpetrators are just more clever than other types of criminals

Question 26 In the 1960s, techniques were developed that allowed individuals to fool the phone system into providing free access to long distance phone calls. The people who use these methods are referred to as Answer phreakers. hackers. hijackers. superzappers

Question 27 The call to tech support was fairly routine. A first-time computer user had purchased a brand new PC two months ago and it was now operating much more slowly and sluggishly than it had at first. Had he been accessing the Internet? Yes. Had he installed any "free" software? Yes. The problem is likely to be a(an) Answer virus. zero-day attack. denial of service attack. dictionary attack.

Question 28 Developers of computer systems often include a user name and password that is hidden in the system, just in case they need to get into the system and correct problems in the future. This is referred to as a Answer Trojan horse. key logger. spoof. back door

Question 29 I work in the information technology department of a company I'll call CMV. On Wednesday morning, I arrived at work, scanned in my identity card and punched in my code. This guy in a delivery uniform came up behind me carrying a bunch of boxes.
I opened the door for him, he nodded and went on in. I didn't think anything of it until later. Then I wondered if he might have been Answer pretexting. piggybacking. posing. spoofing

Question 30 When a computer criminal gains access to a system by searching records or the trash of the target company, this is referred to as Answer data diddling. dumpster diving. eavesdropping. piggybacking

Question 31 Go-Go Corporation, a publicly traded company, has three brothers who serve as President, Vice President of Finance and CEO. This situation Answer increases the risk associated with an audit. must be changed before your audit firm could accept the audit engagement. is a violation of the Sarbanes-Oxley Act. violates the Securities and Exchange Act

Question 32 A(n) ________ helps top-level managers with high-level activities that demand frequent and regular attention. Answer boundary system diagnostic control system interactive control system internal control system

Question 33 When undertaking risk assessment, the expected loss is calculated like this. Answer Impact times expected loss Impact times likelihood Inherent risk times likelihood Residual risk times likelihood

Question 34 Generally in a risk assessment process, the first step is to Answer identify the threats that the company currently faces. estimate the risk probability of negative events occurring. estimate the exposure from negative events. identify controls to reduce all risk to zero.

Question 35 The primary purpose of the Foreign Corrupt Practices Act of 1977 was Answer to require corporations to maintain a good system of internal control. to prevent the bribery of foreign officials by American companies. to require the reporting of any material fraud by a business.
All of the above are required by the act

Question 36 A special purpose hardware device or software running on a general purpose computer, which filters information that is allowed to enter and leave the organization's information system, is known as a(n) Answer demilitarized zone. intrusion detection system. intrusion prevention system. firewall.

Question 37 Multi-factor authentication Answer involves the use of two or more basic authentication methods. is a table specifying which portions of the systems users are permitted to access. provides weaker authentication than the use of effective passwords. requires the use of more than one effective password.

Question 38 Which of the following is an example of a corrective control? Answer Physical access controls Encryption Intrusion detection Incident response teams

Question 39 The Trust Services Framework reliability principle that states that users must be able to enter, update, and retrieve data during agreed-upon times is known as Answer availability. security. maintainability. integrity

Question 40 In 2007, a major U.S. financial institution hired a security firm to attempt to compromise its computer network. A week later, the firm reported that it had successfully entered the system without apparent detection and presented an analysis of the vulnerabilities that had been found. This is an example of a Answer preventive control. detective control. corrective control. standard control

Question 41 Which of the following is not one of the three important factors determining the strength of any encryption system? Answer Key length Key management policies Encryption algorithm Privacy

Question 42 Jeff Davis took a call from a client. "Jeff, I need for my customers to make payments online using credit cards, but I want to make sure that the credit card data isn't intercepted. What do you suggest?" Jeff responded "The best solution will be to implement Answer a virtual private network." a private cloud environment."
an encryption system with digital signatures." a data masking program

Question 43 These are used to create digital signatures. Answer Asymmetric encryption and hashing Hashing and packet filtering Packet filtering and encryption Symmetric encryption and hashing

Question 44 Which of the following is not one of the 10 internationally recognized best practices for protecting the privacy of customers' personal information? Answer Providing free credit report monitoring for customers Inform customers of the option to opt-out of data collection and use of their personal information Allow customers' browsers to decline to accept cookies Utilize controls to prevent unauthorized access to, and disclosure of, customers' information

Question 45 Jeff Davis took a call from a client. "Jeff, I need to interact online and real time with our affiliate in India, and I want to make sure that our communications aren't intercepted. What do you suggest?" Jeff responded "The best solution will be to implement Answer a virtual private network." a private cloud environment." an asymmetric encryption system with digital signatures." multifactor authentication

Question 46 Sequentially prenumbered forms is an example of a(n) Answer data entry control. data transmission control. processing control. input control.

Question 47 Error logs and review are an example of Answer data entry controls. data transmission controls. output controls. processing controls

Question 48 This determines if all required data items have been entered. Answer Completeness check Field check Limit check Range check

Question 49 A facility that is pre-wired for necessary telecommunications and computer equipment, but doesn't have equipment installed, is known as a Answer cold site. hot site. remote site. subsidiary location

Question 50 User reviews are an example of a(n) Answer data entry control. data transmission control. output control.
processing control

VERSION 3 LATEST

Question 1 The process of creating value for customers is the result of nine activities that form a value chain. profitable operation. successful business. support system.

Question 2 When two knowledgeable people acting independently each produce the same information, this information is said to be complete. relevant. reliable. verifiable.

Question 3 Refer to the chart above. At what point, measured in terms of the net cost of information, does information overload begin? 0 5 10

Question 4 The value chain concept is composed of two types of activities known as primary and support. primary and secondary. support and value. technology and support.

Question 5 Transaction cycles can be summarized on a high level as "give-get" transactions. An example of "give-get" in the expenditure cycle would be give cash, get cash. give cash, get goods. give cash, get labor. give goods, get cash.

Question 6 The data processing method used by FedEx to track packages is an example of real-time processing. batch processing. online batch processing. real-time batch processing.

Question 7 Changing an employee's hourly wage rate would be recorded in which file? Employee master file Employee transaction file Payroll master file Payroll transaction file

Question 8 An audit trail provides the means to check the accuracy and validity of ledger postings. begins with the general journal. is automatically created in every computer-based information system. is a summary of recorded transactions.

Question 9 In an ERP system, the module used to record data about transactions in the revenue cycle is called order to cash. purchase to pay. financial. customer relationship management.

Question 10 When the sum of all entries in the subsidiary ledger equals the balance in the corresponding general ledger account, it is assumed that the recording processes were accurate. all source documents were recorded. adjusting entries are not required.
no errors exist in the subsidiary ledger.

Question 11 Chuck and Jill Scruggs travel in their motor home six months of the year and buy unique artifacts. Within hours after the Scruggs make a purchase, they have photographed it, written a description of it, and posted it for sale on eBay with a reservation price. Anything that does not sell is shipped back to Austin, Texas, for display in The House of Curiosities, a retail business that the Scruggs operate during the balance of the year. Which symbol should be used to represent the remote server that is used to store data while the Scruggs are traveling?

Question 12 In a document flowchart of a manual payroll processing system, "update employee file" will be shown by a(n) ________ symbol, and "prepare payroll check" will be shown by a(n) ________ symbol. input; output input; manual operation manual operation; output manual operation; manual operation

Question 13 The Union Soup Kitchen is a non-profit organization that collects, stores, prepares and provides food to the homeless in Erie, Pennsylvania. Donations of food are recorded in a database and a receipt is provided to the donor. When food is used, the database is updated so that it always reflects the amounts and types of food that are available. In a data flow diagram, which type of symbol would be used to represent the flow of data from the donor into the system?

Question 14 Chas Mulligan has been hired by Yardley Security as an assistant to the internal auditor. He has been asked to thoroughly document the existing accounting information system in preparation for making recommendations for improvements to internal controls. He decides to begin with a description of the information stored in paper records, their sources, and their destinations. The documentation tool that he should employ for this purpose is a data flow diagram. document flowchart. system flowchart. program flowchart.
Question 15 The Union Soup Kitchen is a non-profit organization that collects, stores, prepares and provides food to the homeless in Erie, Pennsylvania. Donations of food are recorded in a database and a receipt is provided to the donor. When food is used, the database is updated so that it always reflects the amounts and types of food that are available. In a data flow diagram, which type of symbol would be used to represent the storage location of data in the system?

Question 16 The ________ acts as an interface between the database and the various application programs. data warehouse database administrator database management system database system

Question 17 Using a file-oriented approach to data and information, data is maintained in a centralized database. many interconnected files. many separate files. a decentralized database

Question 18 The logical structure of a database is described by the data dictionary. schema. database management system. internal level.

Question 19 If a national sales tax were implemented, which language would be used to add a new field in the sales table to track the sales tax due? Data Definition Language Data Manipulation Language Data Query Language Data Update Language

Question 20 The update anomaly in file-based systems or unnormalized database tables occurs because of data redundancy. restricts addition of new fields or attributes. results in records that cannot be updated. is usually easily detected by users.

Question 21 Which characteristic of the fraud triangle relates to excuses that perpetrators use to justify their illegal behavior? pressure opportunity rationalization concealment

Question 22 Opportunity to commit fraud is comprised of three stages. The stage that often takes most time and effort would include stealing inventory from the warehouse. selling stolen inventory to get cash. lapping accounts receivable. creating false journal entries to overstate revenue.
Question 23 Which characteristic of the fraud triangle often stems from a lack of internal controls within an organization?
pressure
opportunity
rationalization
concealment

Question 24 The simplest and most common way to commit a computer fraud is to
alter computer input.
alter computer output.
modify the processing.
corrupt the database.

Question 25 Which of the following is the greatest risk to information systems and causes the greatest dollar losses?
human errors and omissions
physical threats such as natural disasters
dishonest employees
fraud and embezzlement

Question 26 A fraud technique that slices off tiny amounts from many projects is called the ________ technique.
Trojan horse
round down
salami
trap door

Question 27 When a computer criminal gains access to a system by searching records or the trash of the target company, this is referred to as
data diddling.
dumpster diving.
eavesdropping.
piggybacking.

Question 28 During a routine audit, a review of cash receipts and related accounting entries revealed discrepancies. Upon further analysis, it was found that figures had been entered correctly and then subsequently changed, with the difference diverted to a fictitious customer account. This is an example of
kiting.
data diddling.
data leakage.
phreaking.

Question 29 The unauthorized access to, and use of, computer systems is known as
hacking.
hijacking.
phreaking.
sniffing

Question 30 Telefarm Industries is a telemarketing firm that operates in the Midwest. The turnover rate among employees is quite high. Recently, the information technology manager discovered that an unknown employee had used a Bluetooth-enabled mobile phone to access the firm's database and copy a list of customers from the past three years that included credit card information. Telefarm was a victim of
Bluesnarfing.
splogging.
vishing.
typosquatting.

Question 31 According to the ERM, high level goals that are aligned with and support the company's mission are
compliance objectives.
operations objectives.
reporting objectives.
strategic objectives.

Question 32 A ________ is created to guide and oversee systems development and acquisition.
performance evaluation
project development plan
steering committee
strategic master plan

Question 33 The amount of risk a company is willing to accept in order to achieve its goals and objectives is
Inherent risk
Residual risk
Risk appetite
Risk assessment

Question 34 ________ controls prevent, detect and correct transaction errors and fraud.
Application
Detective
General
Preventive

Question 35 The process that a business uses to safeguard assets, provide accurate and reliable information, and promote and improve operational efficiency is known as
a phenomenon.
internal control.
an AIS threat.
a preventive control.

Question 36 When new employees are hired by Folding Squid Technologies, they are assigned user names and appropriate permissions are entered into the information system's access control matrix. This is an example of a(an)
authentication control.
biometric device.
remote access control.
authorization control.

Question 37 According to the Trust Services Framework, the reliability principle of integrity is achieved when the system produces data that
is available for operation and use at times set forth by agreement.
is protected against unauthorized physical and logical access.
can be maintained as required without affecting system availability, security, and integrity.
is complete, accurate, and valid.

Question 38 Meaningful Discussions is a social networking site that boasts over a million registered users and a quarterly membership growth rate in the double digits. As a consequence, the size of the information technology department has been growing very rapidly, with many new hires. Each employee is provided with a name badge with a photo and embedded computer chip that is used to gain entry to the facility. This is an example of a(an)
authentication control.
biometric device.
remote access control.
authorization control.

Question 39 The ________ disseminates information about fraud, errors, breaches and other improper system uses and their consequences.
chief information officer
chief operations officer
chief security officer
computer emergency response team

Question 40 When new employees are hired by Folding Squid Technologies, they are assigned user names and passwords and provided with laptop computers that have an integrated fingerprint reader. In order to log in, the user's fingerprint must be recognized by the reader. This is an example of a(an)
authorization control.
biometric device.
remote access control.
defense in depth

Question 41 In a private key system the sender and the receiver have ________, and in the public key system they have ________.
different keys; the same key
a decrypting algorithm; an encrypting algorithm
the same key; two separate keys
an encrypting algorithm; a decrypting algorithm

Question 42 Encryption has a remarkably long and varied history. The invention of writing was apparently soon followed by a desire to conceal messages. One of the earliest methods, attributed to an ancient Roman emperor, was the simple substitution of numbers for letters, for example A = 1, B = 2, etc. This is an example of
a hashing algorithm.
symmetric key encryption.
asymmetric key encryption.
a public key.

Question 43 The system and processes used to issue and manage asymmetric keys and digital certificates are known as
asymmetric encryption.
certificate authority.
digital signature.
public key infrastructure.

Question 44 Which of the following is not one of the 10 internationally recognized best practices for protecting the privacy of customers' personal information?
Providing free credit report monitoring for customers
Inform customers of the option to opt-out of data collection and use of their personal information
Allow customers' browsers to decline to accept cookies
Utilize controls to prevent unauthorized access to, and disclosure of, customers' information

Question 45 Which of the following is not one of the three important factors determining the strength of any encryption system?
Key length
Key management policies
Encryption algorithm
Privacy

Question 46 A data entry input control in which the application software sums the first four digits of a customer number to calculate the value of the fifth digit and then compares the calculated number to the number typed in during data entry is an example of a
check digit verification.
validity check.
closed-loop verification.
duplicate data check.

Question 47 A facility that contains all the computing equipment the organization needs to perform its essential business activities is known as a
cold site.
hot site.
remote site.
subsidiary location.

Question 48 A validity check is an example of a(n)
data entry control.
data transmission control.
output control.
input control.

Question 49 This ensures that the input data will fit into the assigned field.
Limit check
Range check
Size check
Validity check

Question 50 When a computer system's files are automatically duplicated on a second data storage system as they are changed, the process is referred to as
real-time mirroring.
batch updating.
consistency control.
double-secure storage.