21 Aug CS Quiz, Due In 1 Hour…..Need A+ Grade
Question 13
Of the following frameworks available from ISACA, which one governs IT investments?
| [removed] | COBIT | |
| [removed] | Val IT | |
| [removed] | Risk IT | |
| [removed] | IT Assurance Framework |
Question 14
Applying controls is a direct result of the risk assessment process combined with an analysis of the tradeoffs. Which one of the following is a tradeoff?
| [removed] | Operational impact | |
| [removed] | Security impact | |
| [removed] | User impact | |
| [removed] | Policy impact |
Question 15
Applying controls to a system helps eliminate or reduce the risks. In many cases, the goal is not to eliminate the risk but to reduce the risk to an acceptable level. Why? Applying controls is a direct result of the risk assessment process combined with an analysis of ___________.
| [removed] | the benefits | |
| [removed] | management | |
| [removed] | the tradeoffs | |
| [removed] | resources |
Question 16
The governing process for managing risks and opportunities is the definition of:
| [removed] | NIST Internal Reports (NISTIR) | |
| [removed] | Consensus Audit Guidelines (CAG) | |
| [removed] | Generally Accepted Privacy Principles (GAPP) | |
| [removed] | Enterprise risk management (ERM) |
Question 17
Analyzing potential threats requires the identification of all possible threats first. This is called
__________.
| [removed] | threat identification | |
| [removed] | policy identification | |
| [removed] | risk identification | |
| [removed] | risk analysis |
Question 18
During an IT audit, which of the following administrative safeguards needs to be tested and validated?
| [removed] | Assignment of responsibilities | |
| [removed] | Maintenance procedures | |
| [removed] | Rotation of duties | |
| [removed] | All of the above |
Question 19
When performing a security assessment, using a framework such as NIST 800-15, which is generally the first step?
| [removed] | Target identification | |
| [removed] | Document review | |
| [removed] | Target analysis | |
| [removed] | Exploit and validate vulnerabilities |
Question 20
What is generally not tracked in a change management database?
| [removed] | Operating system type | |
| [removed] | Cost of software | |
| [removed] | Hardware configuration | |
| [removed] | Access permissions |
Question 21
What is an example of multifactor authentication?
| [removed] | A fingerprint reader | |
| [removed] | A smart card with a PIN | |
| [removed] | A password | |
| [removed] | An acceptable use policy |
Question 22
Of the four elements of an audit finding, which one identifies the expected or desired state, which provides context for evaluating the evidence collected by the auditor and the subsequent procedures the auditor performs?
| [removed] | Criteria | |
| [removed] | Circumstance | |
| [removed] | Cause | |
| [removed] | Impact |
Question 23
For security controls, gap analysis involves comparing the present state of controls with a desired state of controls. At a minimum, common baseline security controls should be in place. Any gaps to various types of controls should be clearly documented, for example – “Business continuity management”, which:
| [removed] | Defines the program to provide initial and ongoing security education across the organization. | |
| [removed] | Defines how staff will execute upon the policies, assign responsibilities, and promote accountability. | |
| [removed] | Prevents errors and unauthorized misuse of applications. | |
| [removed] | Provides methods to continue critical operations in spite of business interruptions. |
Question 24
Which element does not constitute an audit finding?
| [removed] | Criteria | |
| [removed] | Circumstance | |
| [removed] | Summary | |
| [removed] | Impact |
Question 25
During an IT audit of a social networking site, the auditor finds that users do not have the option to opt out of a new program to share portions of users’ profiles automatically. Which privacy principle is most affected?
| [removed] | Choice and consent | |
| [removed] | Notice | |
| [removed] | Monitoring and enforcement | |
| [removed] | Quality |
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Wridemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.