All Matches
Solution Library
Expert Answer
Textbooks
Search Textbook questions, tutors and Books
Oops, something went wrong!
Change your search query and then try again
Toggle navigation
FREE Trial
S
Books
FREE
Tutors
Study Help
Expert Questions
Accounting
General Management
Mathematics
Finance
Organizational Behaviour
Law
Physics
Operating System
Management Leadership
Sociology
Programming
Marketing
Database
Computer Network
Economics
Textbooks Solutions
Accounting
Managerial Accounting
Management Leadership
Cost Accounting
Statistics
Business Law
Corporate Finance
Finance
Economics
Auditing
Ask a Question
Search
Search
Sign In
Register
study help
business
auditing assurance services
Questions and Answers of
Auditing Assurance Services
Which of the following is not a desirable control feature in a modem?a. Dynamic equalizationb. Automatic dial-up capabilitiesc. Multiple transmission speedsd. Attenuation amplification
Which of the following functions is unlikely to be performed by a portprotection device?a. Forward error correction of line errors that arise through noise and distortionb. Limiting calls to a host
Packet switching is an example of a:a. Multiplexing techniqueb. Line conditioning techniquec. Concentration techniqued. Modulation technique
Which of the following is not a control benefit that arises as a result of using concentration techniques in a communication network?a. There is a reduction in the amount of data available to a
Which of the following error detection controls has the most impact on the throughput of a communication line?a. Horizontal parity checkb. Cyclic redundancy codec. Vertical parity checkd. Loop check
Forward error correcting codes are most likely to be used to detect line errors with which of the following transmission media?a. Coaxial cableb. Infraredc. Optical fiberd. Satellite microwave
The primary purpose of flow controls is to:a. Detect and correct errors on a communication line caused by excessive traffic on the lineb. Regulate the rate at which a node in a communication network
In choosing a network topology, maximum reliability can be achieved using a:a. Star networkb. Ring networkc. Mesh networkd. Multidrop line network
Which of the following statements about bus topologies versus ring topologies is false?a. Encryption is a more important control in a bus topology compared with a ring topologyb. The taps used in a
Which of the following statements about star topologies is false?a. A star topology is more reliable than a mesh topologyb. The hub is the most critical node in a star networkc. Servicing and
Which of the following problems is unlikely to undermine the reliability of a token ring local area network?a. A node could fail to release the token after capturing it to read a messageb. Tokens
Which of the following is an advantage of using link encryption?a. Individual nodes in the network do not have to be protectedb. The exposure that results from compromise of an encryption key is
End-to-end encryption provides only limited protection against a subversive attack that uses:a. Message insertionb. Spurious associationsc. Change of message orderd. Traffic analysis
A characteristic of a stream cipher is that it:a. Transforms variable-length blocks of cleartext to ciphertextb. Uses a constant fixed-length key to produce ciphertextc. Transforms cleartext on a
When encryption is used in the communication subsystem, the primary purpose of an error propagation code is to protect against:a. Release of message contentsb. Spurious associationsc. Change of
A message authentication code is used to protect against:a. Changes to the content of a messageb. Traffic analysisc. Release of message contentsd. Exposures that arise when PINs are transmitted in
Which of the following controls does not protect against message sequence numbers being altered?a. Error propagation codesb. Cyclic redundancy check c.. Message authentication codesd. Stream ciphers
A request-response mechanism is most likely to be used in a:a. System where the receiver and sender are in constant communication with each other b Military data communication system where data
Which of the following is not a reason for establishing an internet?a. To improve the overall reliability of the networkb. To better exercise access controls over the various subnetworksc. To confine
In the context of the OSI communication architecture, in which of the following layers are encryption controls unlikely to be exercised?a. Presentationb. Data linkc. Physicald. Transport
Which of the following data items is most likely to appear in the operations audit trail and not the accounting audit trail for the communication subsystem?a. Time and date at which the message was
You are the external auditor for Centnet Pty. Ltd., a public electronic funds transfer network that operates switches in the capital cities of all states in Australia. Because Centnet has a large
Centnet Pty. Ltd. is a public electronic funds transfer network that operates switches in the capital cities of all states in Australia (see case 12-1). Because much of the data transmitted
During 1984-85, the credit union industry in Australia considered various ways of improving the electronic funds transfer services that it offered to its members. Most credit unions already provided
To provide more extensive services to their customers, financial institutions in some countries are becoming increasingly involved in using interchange network facilities. In an interchange network
You are the partner-in-charge of information systems auditing for a large public accounting firm. One of your clients is a major insurance company that is a mature user of computer-based information
Which of the following actions is most likely to increase the number of errors made during data input to an application system:a. Direct entry of data captured during interaction between a clerk and
The factor most likely to affect the grade and weight of paper chosen for a source document is:a. The conditions under which the source document will be completedb. Whether the documents will be
In the layout of a source document:a. To prevent users from being confused, keying instructions should not appear on the formb. Instructions should not be combined with questionsc. Fields should be
The primary factor affecting the design of a data-entry screen is:a. The amount of data to be collected on the screenb. The expertise and experience of the keyboard operatorc. How frequently the
If a screen is used for direct entry of input data, it should be organized to:a. Maximize the number of vertical alignment points to decrease screen complexityb. Mirror the way in which data is to be
Which of the following is not a design guideline for captions on a data-entry screen?a. Use uppercase type font for captions and lowercase type font for dataentry fieldsb. Fully spell out captions if
Which of the following is not a design guideline for data-entry field design on a screen?a. Tab automatically to the next field when the current field is full of datab. In the case of a repeating
Which of the following is not a design guideline for using color on a dataentry screen?a. Use colors sparinglyb. Use bright colors so differences are highlightedc. Use colors that are widely spaced
Under what circumstances will a data-entry screen keyboard operator tolerate the slowest response time?a. The transition between one screen and the next screenb. The transition between one field and
If the product number A5723 is coded as A2753, this is an example of a:a. Truncation errorb. Double transposition errorc. Random errord. Transcription error
A strategy for reducing coding errors is to:a. Have only numeric codesb. Group more characters in a chunk of informationc. If a mixed alphabetic-numeric code is used, group alphabetics together and
The code AJB/156/7G is most likely to be an example of a(n):a. Hierarchical codeb. Block sequence codec. Alphabetic derivation coded. Serial code
Given the code 7215 , modulus 13 , and the weights \(2-1-2-1\), the check digit is:a. 1b. 10c. 0d. 3
Which of the following guidelines should not be used when designing a batch?a. Have only one type of document in the batchb. Have the batch small enough to facilitate locating errorsc. Have the batch
A check for missing data/blanks is an example of a:a. Record checkb. Set membership checkc. Field checkd. Batch check
A check for a valid sign (numerics) is an example of:a. Record checkb. Batch checkc. Field checkd. Alphabetics/numerics check
The purpose of an input validation sequence check is to:a. Check that input files are loaded in the correct orderb. Check that multiple physical records for a single logical record follow the
The purpose of a file retention date is to:a. Enable files with the same generation number to be distinguishedb. Indicate when the file should be recovered from production activitiesc. Prevent the
Novice users are most likely to make errors when they use a:a. Menu-driven languageb. Command languagec. Question-answer languaged. Forms-based language
To reduce errors, it is better to use a command language that has:a. Specification of arguments without having to use keywordsb. A small number of commands with a large number of argumentsc. A large
Which of the following is a strength of using a natural-language interface to an application system?a. It copes well with the ambiguity and redundancy inherent in natural languageb. The lexicon
Which of the following is a limitation in the use of direct manipulation interfaces to application systems?a. They are error-prone, even with experienced users, because they are not preciseb. It is
During lexical validation of instruction input, which of the following "words" would be classified as a literal?a. A reserved wordb. A mathematical operatorc. A labeld. A numerical constant
Which of the following is not a function of the syntax analyzer during instruction input?a. Identifies the sequence of operations to be performedb. Classifies identifiers as either labels or
Which of the following would be identified as an error during semantic validation of instruction input?a. Use of a reserved word as a literalb. A missing parenthesis in a mathematical equationc.
Which of the following data items is likely to be most useful as part of the operations audit trail (rather than the accounting audit trail) for the input subsystem?a. The identity of the person who
Which of the following statements about existence controls in the input subsystem is most likely to be false?a. Existence controls for instruction input are more important than existence bontrols for
Orchard Distributions Pte. Ltd. is a large, Singaporean-based distributor of clothing products to other companies throughout Southeast Asia. Orders are received from customers either by telephone,
Chang \& Co. is a Malaysian civil engineering firm based in Kuala Lumpur. It performs construction work throughout Southeast Asia. The firm employs 1,000 people at various offices and construction
You are the internal auditor for a large distributor participating in the design of a new order-filling system. The programmer responsible for the design of the input validation program asks your
Refer to case 10-1. Using the bill-payment-by-telephone system, customers enter the following data:a. customer numberb. account numberc. creditor numberd. amount to be paid to creditor in centse.
Keep-on-Truckin Corporation (KOTC) is a manufacturer and distributor of shoes. It has established electronic data interchange (EDI) links with most of its customers.The sequence of electronic
Canterbury Convenience Stores (CCS) is a newly formed organization in Christchurch, New Zealand. It comprises 10 moderately sized convenience stores that previously operated independently of each
You are an external auditor in a firm that undertakes the audit of Canadian Life and Mutual (CLM), a large, Montreal-based financial institution. CLM relies heavily on its computer-based information
Ferntree Products Limited (FPL) is a large New Zealand-based manufacturer of diverse products with headquarters in Auckland. It uses information technology extensively to support all aspects of its
Dayton Deliveries (DD) Plc. is a large Manchester-based distribution company with an extensive and diverse customer base scattered throughout England. DD is regarded as a market leader in the
You are an information systems auditor in the firm of external auditors for Black Snake Breweries (BSB) Ltd., a large Brisbane-based manufacturer and supplier of beer to Australia, New Zealand, Papua
Hunger-Payne (HP) Inc. is a medium-sized Atlanta-based manufacturer and distributor of snack-foods. It has sought to establish a niche in the marketplace by developing products aimed at
Briefly describe the functions of the boundary subsystem. Give two components that perform basic activities in the boundary subsystem.
Why are boundary subsystem controls becoming more important? Do you expect this trend to continue? If so, why?
Define the following terms:a. Cryptologyb. Cryptographyc. Cryptanalysisd. Cryptogram
Briefly explain the difference between transposition ciphers, substitution ciphers, and product ciphers. Which type of cipher is used most often in modern cryptosystems? Why?
What is meant by the "work factor" associated with a cipher system? Explain the relationship between the work factor and the size of the cryptographic key.
Briefly explain the difference between a strong-algorithm cryptosystem and a long-key cryptosystem. Why did the U.S. National Bureau of Standards choose a strong-algorithm cryptosystem for the data
Briefly explain the nature of public-key cryptography.
What functions must be carried out in cryptographic key management? Why is the evaluation of key management probably the most important aspect of evaluating an information system function's use of
How does the architecture of a cryptographic facility affect the method used to install cryptographic keys?
What is meant by an access control? Why are access controls needed in most computer systems? Can you think of any computer systems that might purposely decrease the level of access control they
What functions should an access control mechanism perform? Give two components in a computer system in which auditors are likely to find an access control mechanism. Describe the types of resources
Distinguish between identification and authentication. Is there a relationship between the two? In setting up an authentication scheme, what would be the major factor(s) influencing you to choose
Explain why authentication should be a two-way process: the access control mechanism authenticating itself and users authenticating themselves.
What are the three classes of authentication information? Give an example of each.
In the context of boundary-subsystem controls, what is a Trojan-horse threat?
Why is it important that object resources be identified uniquely in a computer system and that the identity of each object resource cannot be forged?
Which object resoutce typically has the most complex action privileges applying to its use? Briefly explain why this is the case.
Briefly explain the difference between conditional and unconditional action privileges. Give two examples of fields in an accounts receivable file where conditional action privileges might be
What is the difference between a discretionary access control policy and a mandatory access control policy? In commercial information systems environments, which type of access control policy is most
Briefly explain the nature of the simple security property and the confinement property associated with access controls under a mandatory access control policy.
What is the difference between a closed access control environment and an open access control environment?
Briefly explain the difference between a "ticket-oriented approach" and a "list-oriented" approach to access authorization. Outline the relative advantages and disadvantages of each approach.
What is meant by a "protection domain"? Why are small protection domains desirable? What performance requirement does the implementation of small protection domains place on an access control
Briefly explain the difference between derived PINs, random PINs, and customer-selected PINs. What are the relative advantages and disadvantages of each type of PIN?
How does the method of PIN issuance and delivery differ depending on the method used to generate PINs?
Briefly explain the nature of each of the following methods for eliciting PINs from customers:a. Mail solicitationb. Telephone solicitationc. PIN entry via a secure terminald. PIN entry at the
Briefly explain the difference between local PIN validation and interchange PIN validation. Why is a PIN checkdigit useful when interchange PIN validation must be used?
Why is it important that a unique cipher be generated each time a PIN is transmitted over a communications line? How might this objective be accomplished?
When an encrypted PIN must be stored for reference purposes, why must it be stored as a function of the account number to which it applies? Briefly discuss the relative advantages of using reversible
What is a digital signature? Why are digital signatures needed in data communication systems? How are digital signatures used to send signed, secret messages?
Why are arbitrated digital signature schemes sometimes needed?
In terms of the access coritrol mechanism used in an electronic funds transfer system, what function does a plastic debit or credit card fulfil? Why should cards be issued only after a formal
Why must basic inventory control procedures be used over the stock of plastic cards? If cards are produced by an outside vendor, what can auditors do to obtain some assurance about the reliability of
Why should plastic cards and PIN mailers never be mailed at the same time to a customer? What is the purpose of using premailers prior to mailing a PIN or a card? What actions should be taken by the
Why is customer education such a critical control in the use of plastic cards in an electronic funds transfer system?
Give four data items that might be recorded in the accounting audit trail and two items that might be recorded in the operations audit trail for the boundary subsystem. Briefly explain why these data
Showing 700 - 800
of 2558
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Last