Accounting Information Systems 13th Global Edition Marshall B. Romney, Paul John Steinbart - Solutions
Describe what a tuple in a database is. What does it consist of, and what function does it have in a database?
The constraint that all primary keys must have nonnull data values is referred to as which of the following? a. Referential integrity rule b. Entity integrity rule c. Normalization rule d. Relational data model rule
The constraint that all foreign keys must have either null values or the value of a primary key in another table is referred to as which of the following? a. Referential integrity rule b. Entity integrity rule c. Foreign key value rule d. Null value rule
Which of the following is not a basic requirement of a relational database? a. Primary keys cannot be null. b. Every column in a row must be single valued c. Foreign keys cannot be null. d. All non-key attributes in a table must describe a characteristic of the object identified by the primary key.
Which of the following is a fraud in which employees use the company’s computer time to run their own data processing business? a. Input fraud b. Processor fraud c. Computer instructions fraud d. Output fraud
Do you agree that high penalty, such as losing good salaries or retirement benefits, is the most effective way to reduce employee fraud because the cost of dishonesty is excessive?
Which type of fraud is associated with 50% of all auditor lawsuits? a. Kiting b. Fraudulent financial reporting c. Ponzi schemes d. Lapping
Which of the following statements is false? a. The psychological profiles of white-collar criminals differ from those of violent criminals. b. The psychological profiles of white-collar criminals are significantly different from those of the general public. c. There is little difference between
Which of the following conditions is/are usually necessary for a fraud to occur? (Select all correct answers.) a. Pressure b. Opportunity c. Explanation d. Rationalization
Which of the following is not an example of computer fraud? a. Theft of money by altering computer records b. Obtaining information illegally using a computer c. Failure to perform preventive maintenance on a computer d. Unauthorized modification of a software program
For each of the following independent cases of employee fraud, recommend how to prevent similar problems in the future. a. Some customers found that the products of a prestigious brand sold at the retail shops in China are counterfeits. This explains why the customers prefer to buy the products in
Which of the following causes the majority of computer security problems? a. Human errors b. Software errors c. Natural disasters d. Power outages
An insurance company in Asia reported profit of $100 million for the financial year through the news-dissemination system of the stock exchange. Its stock price increased several times, as the announced profit was 10 times more than the previous year’s. A few days later, the company announced a
Which of the following is not one of the responsibilities of auditors in detecting fraud according to SAS No. 99? a. Evaluating the results of their audit tests b. Incorporating a technology focus c. Discussing the risks of material fraudulent misstatements d. Catching the perpetrators in the act
Which of the following control procedures is most likely to deter lapping? a. Encryption b. Continual update of the access control c. Background check on employees d. Periodic rotation of duties
Which of the following is the most important, basic, and effective control to deter fraud? a. Enforced vacations b. Logical access control c. Segregation of duties d. Virus protection controls
The ACFE periodically prepares an article called “What Is Your Fraud IQ?” It consists of 10 or more multiple choice questions dealing with various aspects of fraud. The answers, as well as an explanation of each answer, are provided at the end of the article. Visit the Journal of Accountancy
Once fraud has occurred, which of the following will reduce fraud losses? (Select all correct answers.) a. Insurance b. Regular backup of data and programs c. Contingency plan d. Segregation of duties
Explore the Fraud Prevention, Detection, and Response portion of the AICPA website (http://www.aicpa.org/INTERESTAREAS/FORENSICANDVALUATION/RESOURCES/FRAUDPREVENTIONDETECTIONRESPONSE/Pages/fraudpreventi-on-detection-response.aspx), and write a two-page report on the three most interesting things
A set of instructions to increase a programmer’s pay rate by 10% is hidden inside an authorized program. It changes and updates the payroll file. What is this computer fraud technique called? a. Virus b. Worm c. Trap door d. Trojan horse
Which computer fraud technique involves a set of instructions hidden inside a calendar utility that copies itself each time the utility is enabled until memory is filled and the system crashes? a. Logic bomb b. Trap door c. Virus d. Trojan horse
Interest calculations are truncated at two decimal places, and the excess decimals are put into an account the perpetrator controls. What is this fraud called? a. Typosquatting b. URL hijacking c. Chipping d. Round-down fraud
When a company stores your password for their business, they normally perform a mechanism called “hashing”. A hash is a one-way function which takes a word and gives it an apparently random string, such as “0571749e2ac330a7455809c6b0e7af90”. Companies do this because if the function went
A customer of a bank received the following email: Dear Valued Customer! As part of our continuing commitment to protect your account, and to reduce instance of fraud on our website, we are a periodic review of the accounts of our customers. You are to visit our site by following the link given
A perpetrator attacks phone systems to obtain free phone line access or uses telephone lines to transmit viruses and to access, steal, and destroy data. What is this computer fraud technique called? a. Phishing b. Phreaking c. Pharming d. Vishing
Computer Fraud and Abuse Techniques. Match the computer fraud and abuse technique in the left column with the scenario in the right column. Terms on the left may be used once, more than once, or not at all. 1. Address Resolution Protocol (ARP) spoofing 2. Buffer overflow attack 3.
Fraud perpetrators threaten to harm a company if it does not pay a specified amount of money. What is this computer fraud technique called? a. Cyber-terrorism b. Blackmailing c. Cyber-extortion d. Scareware
Techniques used to obtain confidential information, often by tricking people, are referred to as what? a. Pretexting b. Posing c. Social engineering d. Identity theft
What type of software secretly collects personal information about users and sends it to someone else without the user’s permission? a. Rootkit b. Torpedo software c. Spyware d. Malware
What is the name of the computer attack which captures data from information items as it travels over networks? a. Packet sniffers b. Item sniffers c. Malware d. Adware
Which type of computer attack steals contact lists, images and other data using Bluetooth? a. Bluebugging b. Bluesnarfing c. Buffer overflow d. Carding
Someone redirects a website’s traffic to a bogus website, usually to gain access to personal and confidential information. What is this computer fraud technique called? a. Vishing b. Phishing c. Pharming d. Phreaking
Verifying the validity of credit or debit card numbers during an online transaction is an example of a. Physical controls. b. Logical access controls. c. Application controls. d. General controls
In the ERM model, COSO specified four types of objectives that management must meet to achieve company goals. Which of the following is not one of those types? a. Responsibility objectives b. Strategic objectives c. Compliance objectives d. Reporting objectives e. Operations objectives
When you go to a private clinic, the doctor provides you with medical advice. After that, you settle the bill outside the consultation room. How would the doctor monitor any exchange of drugs, and the correct receipt of money from the patients? How would the tax authorities identify if there is any
All other things being equal, which of the following is true? a. Detective controls are superior to preventive controls. b. Corrective controls are superior to preventive controls. c. Preventive controls are equivalent to detective controls. d. Preventive controls are superior to detective controls.
Which of the following statements about the control environment is false? a. Management’s attitudes toward internal control and ethical behavior have little impact on employee beliefs or actions. b. An overly complex or unclear organizational structure may be indicative of problems that are more
Well-established restaurants use standardized recipes for the dishes they serve. Some even have a pre-set menu for different meals of the day. How does the use of standardized recipes and menus help restaurants control the use of raw material to make the food, and to identify irregularities? What
To achieve effective segregation of duties, certain functions must be separated. Which of the following is the correct listing of the accounting-related functions that must be segregated? a. Control, recording, and monitoring b. Authorization, recording, and custody c. Control, custody, and
Which of the following is not an independent check? a. Bank reconciliation b. Periodic comparison of subsidiary ledger totals to control accounts c. Trial balance d. Re-adding the total of a batch of invoices and comparing it with your first total
Which of the following is a control procedure relating to both the design and the use of documents and records? a. Locking blank checks in a drawer b. Reconciling the bank account c. Sequentially prenumbering sales invoices d. Comparing actual physical quantities with recorded amounts
Which of the following is the correct order of the risk assessment steps discussed in this chapter? a. Identify threats, estimate risk and exposure, identify controls, and estimate costs and benefits. b. Identify controls, estimate risk and exposure, identify threats, and estimate costs and
Bank cards are commonly used for payment in electronic commerce and in physical transactions. Customers are normally required to key in the card number as well as the expiry date and/or security code before processing is performed on the Internet. In physical transactions, a signature is required
Your current system is deemed to be 90% reliable. A major threat has been identified with an impact of $3,000,000. Two control procedures exist to deal with the threat. Implementation of control A would cost $100,000 and reduce the likelihood to 6%. Implementation of control B would cost $140,000
Which of the following statements is true? a. The concept of defense-in-depth reflects the fact that security involves the use of a few sophisticated technical controls. b. Information security is necessary for protecting confidentiality, privacy, integrity of processing, and availability of
Beccan Company is a discount tire dealer operating 25 retail stores in a large metropolitan area. The company purchases all tires and related supplies using the company’s central purchasing department to optimize quantity discounts. The tires and supplies are received at the central warehouse and
All of the following are guidelines that should be followed in naming DFD data elements EXCEPT: a. Process names should include action verbs such as update, edit, prepare, and record. b. Make sure the names describe all the data or the entire process. c. Name only the most important DFD elements.
The documentation skills that accountants require vary with their job function. However, they should at least be able to do which of the following? a. Read documentation to determine how the system works. b. Critique and correct documentation that others prepare. c. Prepare documentation for a
Which of the following statements is FALSE? a. A flowchart is an analytical technique b. Flowcharts use a standard set of symbols to describe pictorially the flow of documents and data through a system. c. Flowcharts are easy to prepare and used to describe some aspect of an revise when the designer
Which of the following statements is false? a. Flowcharts use a set of four symbols. b. Document flowcharts emphasize the flow of documents or records containing data.
All of the following are recommended guidelines for making flowcharts more readable, clear, concise, consistent, and understandable EXCEPT: a. Divide a document flowchart into columns with labels. b. Flowchart all data flows, especially exception procedures and error routines. c. Design the
How are data sources and destinations represented in a data flow diagram? a. As a Square b. As a curved arrow c. As a circle d. As two parallel lines e. None of the above
Replicate the following DFD in Visio, Microsoft Word, Microsoft Excel, or some other documentation software package. Customer Order Data Shipping Acknowledgement Sales Order Billing 1.1 Take Order 1.3 Check Inventory Availability Sales Order Order 1.2 Approve Credit Approved Order Picking
It is important to periodically run a vulnerability scan to check the software on your computer. Secunia.com provides tools to either perform an online (Online Software Inspector) or offline (Personal Software Inspector) scan of your Windows machine. Use one of those tools to scan your computer.
Which of the following is a preventive control? a. Training b. Log analysis c. CIRT d. Virtualization
The U.S. Department of Defense has created a simulation called “CyberProtect” that teaches how various information security tools work together to provide effective information security, subject to resource constraints. Visit the department’s website
The following table lists the actions that various employees are permitted to perform: EMPLOYEE Able Baker Charley Denise Ellen PERMITTED ACTIONS Check customer account balances Check inventory availability Change customer credit limits Update inventory records for sales and purchases Add new
The control procedure designed to restrict what portions of an information system an employee can access and what actions he or she can perform is called _______________. a. Authentication b. Authorization c. Intrusion prevention d. Intrusion detection
A weakness that an attacker can take advantage of to either disable or take control of a system is called a(n) __________. a. Exploit b. Patch c. Vulnerability d. Attack
Which of the following is a corrective control designed to fix vulnerabilities? a. Virtualization b. Patch management c. Penetration testing d. Authorization
Which of the following is a detective control? a. Hardening endpoints b. Physical access controls c. Penetration testing d. Patch management
Which of the following statements is true? a. “Emergency” changes need to be documented once the problem is resolved. b. Changes should be tested in a system separate from the one used to process transactions. c. Change controls are necessary to maintain adequate segregation of duties. d. All
Secure configuration of endpoints includes properly configuring your browser and your smartphone. Visit the Center for Internet Security’s website (www.cisecurity.org). Navigate to the “Configuration Benchmarks” and download the benchmark for either your favorite browser or your smartphone.
Which of the following techniques is the most effective way for a firewall to use to protect the perimeter? a. Deep packet inspection b. Packet filtering c. Access control list d. All of the above are equally effective.
Read the article “19 Ways to Build Physical Security into a Data Center,” which appeared in the November 2005 issue of CSO Magazine (you can find the article at www.csoonline.com/read/110105/datacenter.html). Which methods would you expect almost any major corporation to use? Which might
Which of the following combinations of credentials is an example of multifactor authentication? a. Voice recognition and a fingerprint reader b. A PIN and an ATM card c. A password and a user ID d. All of the above
Modifying default configurations to turn off unnecessary programs and features to improve security is called _________. a. User account management b. Defense-in-depth c. Vulnerability scanning d. Hardening
Which of the following statements is true? a. Encryption is sufficient to protect confidentiality and privacy. b. Cookies are text files that only store information. They cannot perform any actions. c. The controls for protecting confidentiality are not effective for protecting
With reference to the Edward Snowden case, explain why some companies disallow their employees from freely using Yahoo or Gmail at work, or forbid employees from forwarding company emails to such accounts?
Transmitting confidential information over the Internet is always a challenge. In the old days, people sent confidential information by hardcopy, and it was easy to control. This method is still being used. But it has loopholes. People can simply scan a hardcopy, and convert it into an electronic
A digital signature is __________. a. Created by hashing a document and then encrypting the hash with the signer's private key b. Created by hashing a document and then encrypting the hash with the signer's public key c. Created by hashing a document and then encrypting the hash with the signer's
Which of the following statements is true? a. Encryption and hashing are both reversible (can be decoded). b. Encryption is reversible, but hashing is not. c. Hashing is reversible, but encryption is not. d. Neither hashing nor encryption is reversible.
Able wants to send a file to Baker over the Internet and protect the file so that only Baker can read it and can verify that it came from Able. What should Able do? a. Encrypt the file using Able's public key, and then encrypt it again using Baker's private key. b. Encrypt the file using Able's
Comment on the statement made by IT and marketing people: Data security and convenience move in opposite directions.
Confidentiality focuses on protecting ___________. a. Personal information collected from customers. b. A company's annual report stored on its website. c. Merger and acquisition plans. d. All of the above.
Which of the following statements about obtaining consent to collect and use a customer’s personal information is true? a. The default policy in Europe is opt-out, but in the United States the default is opt-in. b. The default policy in Europe is opt-in, but in the United States the default is
One of the ten Generally Accepted Privacy Principles concerns security. According to GAPP, what is the nature of the relationship between security and privacy? a. Privacy is a necessary, but not sufficient, precondition to effective security. b. Privacy is both necessary and sufficient to
Increased presence on social networking sites and use of the Internet has not only enabled us to communicate more effectively but has also allowed the online community to breach our privacy. Perform the following experiments, and write a report on what impression a person might get of you if they
Which of the following statements is true? a. Symmetric encryption is faster than asymmetric encryption and can be used to provide nonrepudiation of contracts. b. Symmetric encryption is faster than asymmetric encryption but cannot be used to provide nonrepudiation of contracts. c. Asymmetric
Which of the following statements is true? a. VPNs protect the confidentiality of information while it is in transit over the Internet. b. Encryption limits firewalls' ability to filter traffic. c. A digital certificate contains that entity's public key. d. All of the above are true.
Explore and test various browser privacy settings. a. Open your favorite browser and print a screenshot of your current settings. b. Go to www.cisecurity.org and obtain the recommended best practices for privacy settings for your browser. Change your existing settings to those best practices. Use
Match the following terms with the appropriate definition or example: 1. Business continuity plan (BCP) 2. Completeness check 3. Hash total 4. Incremental daily backup 5. Archive 6. Field check 7. Sign check 8. Cold site 9. Limit check 10. Zero-balance test a. A file used to store information
Which of the following can organizations use to protect the privacy of a customer’s personal information when giving programmers a realistic data set with which to test a new application? a. Digital signature b. Digital watermark c. Data loss prevention d. Data masking
Explain why digital certificates for enterprises are more important than for individuals. What types of digital certificates are usually issued by commercial certificate authorities, such as Thawte and Verisign? What is the process called?
Explore the power of the :bcc feature to protect privacy. a. Write a message and send it to yourself plus use the :cc feature to send it to a set of people, including one of your other e-mail accounts in the :cc list. b. Repeat step a, but this time send the e-mail only to yourself and then list
Batch totals summarize numeric values for a batch of input records. Name three commonly applied batch totals, and explain how they are used.
Which of the following measures the amount of data that might be potentially lost as a result of a system failure? a. Recovery time objective (RTO) b. Recovery point objective (RPO) c. Disaster recovery plan (DRP) d. Business continuity plan (BCP)
What is the difference between using check digit verification and using a validity check to test the accuracy of an account number entered on a transaction record?
Pre-numbering of all source documents is a mitigating control to preserve processing integrity at what stage of the process? a. Input b. Processing c. Output
Automated controls supplement manual safeguards in checking source documents for reasonableness and propriety. Which of the following is not a data entry control? a. A sign check b. A range check c. A validity check d. A stability check
Use the numbers 10 to 19 to show why transposition errors are always divisible by 9.
A reasonableness test checks the validity of the logical relationship between two data items. It is an application control that verifies that an account number entered in a transaction record matches an account number in the related master file. a. True b. False
The ABC Company is considering the following options for its backup plan: 1. Daily full backups: Time to perform backup = 60 minutes • Size of backup = 50 GB • Time to restore from backup = 30 minutes 2. Weekly full backups plus daily incremental backup: • Same requirements as option I to do
Which of the following statements is true? a. Incremental daily backups are faster to perform than differential daily backups, but restoration is slower and more complex. b. Incremental daily backups are faster to perform than differential daily backups, and restoration is faster and
A transposition error results when numbers of two adjacent columns are inadvertently exchanged (for example, 64 is written instead of 46). It can be mitigated with a. Input controls. b. Processing controls. c. Output controls.
Which of the following is an example of the kind of batch total called a hash total? a. The sum of the purchase amount field b. The sum of the purchase order number c. The number of completed documents in a set of purchase orders in a set of purchase orders d. All of the above field in a set of
Which of the following statements is true? a. Virtualization significantly reduces RTO for hardware problems. b. Cloud computing reduces the risk that a single catastrophe from either a natural disaster or terrorist attack would result in significant downtime and loss of availability. c. Backups
For each of the following scenarios, determine whether the company’s current backup procedures enable it to meet its recovery objectives, and explain why: a. Scenario 1: • Recovery point objective = 24 hours • Daily backups at 3:00 A.M., process takes 2 hours Copy of backup tapes picked up
What is the name of the basic option for replacing IT infrastructure that is an empty building, prewired for necessary telephone and Internet access, plus a contract with one or more vendors to provide all necessary equipment within a specified period of time? a. A hot site. b. A cold site. c. A
Organizations also need to implement controls designed to minimize the risk of data transmission errors. When data is transmitted, the sending device can calculate a hash of the file, called a a. Parity bit. b. Parity checking. c. Check sum.