All Matches

Solution Library

Expert Answer

Textbooks

Search Textbook questions, tutors and Books

Oops, something went wrong!

Change your search query and then try again

Result Not Found

Books FREE
Tutors
Study Help
Hire a Tutor
AI Study Help New

Search
Sign In
Register

study help
business
auditing assurance services

Questions and Answers of Auditing Assurance Services

What conditions must exist before a grandfather, father, son backup strategy can be used? Briefly discuss the advantages and disadvantages of the strategy.
The dual recording/mirroring backup strategy does not allow recovery of the database from all types of failure. Briefly describe the situations where recovery can not be accomplished.
Briefly explain the differences between logical dumping and physical dumping. What are the relative advantages and disadvantages of each method of dumping?
Why is dumping only a partial backup strategy?
Briefly describe the various types of logs that can be used for recovery purposes. Why might a combination of logging strategies be used for recovery purposes?
When logging input transactions, why is it necessary to distinguish between transactions that have been processed successfully and those that have been processed in error? If this distinction is not
Briefly explain the process of rolling back the database using beforeimages of the records in the database. Why is it necessary to take beforeimages of records in a list file that are moved because
Explain the problems of using afterimages to roll back the database. Why might a decision have been made not to log beforeimages, even though the problems of rolling back the database were recognized
Briefly explain the residual dump backup and recovery strategy. Is it necessary to log both beforeimages and afterimages of records changed using a residual dump strategy?
Briefly explain the concept of a differential file. What advantages does a differential file have for backup and recovery purposes?
Briefly explain the shadow paging backup and recovery strategy. Give one advantage and one disadvantage of the shadow paging strategy.
Which of the following types of database access control will prevent personnel clerks from accessing the names of employees whose salaries exceed \(\$ 30,000\) unless they are seeking to perform some
Which of the following types of database access control is the most difficult to enforce?a. Name-dependent access controlb. Context-dependent access controlc. Content-dependent access controld.
The purpose of horizontal propagation controls is to:a. Restrict user views of the database only to relations that are used in multiple application systemsb. Limit the number of users to whom a user
Which of the following statements about polyinstantiation as a means of implementing mandatory access controls in the database subsystem is true?a. Conditional statements are applied to a single
If a minimal cardinality constraint applies to an entity in the entity-relationship model, it specifies:a. The minimum number of relationships that the entity can have with other entities in the
Which of the following statements best describes the meaning of a referential integrity constraint in the relational data model?a. The primary key of tuple in a relation must uniquely identify the
Incorrect end-of-file protocols in an application update program tend to result in:a. Transaction file records not being processedb. Standing data being corruptedc. Programs getting into loopsd. The
An application program that updates monetary data items should maintain a suspense account to:a. Act as a repository for monetary transactions that mismatch the master fileb. Allow postings if a
Which of the following data items is most likely to have its integrity protected by controls over standing data?a. A raw material issueb. A pay ratec. A customer's addressd. A quantity sold
Which of the following is not a condition for deadlock to arise?a. Additional requestb. Circular waitc. Lockoutd. Preemption
Which of the following properties of a transaction is not required for two phase locking to worka. Isolationb. Atomicityc. Consistencyd. Temporality
Which of the following statements about concurrency controls in a distributed database environment is true?a. Isolation of transactions is not required to effect two-phase lockingb. In a replicated
Which of the following statements about cryptographic controls in the database subsystem is false?a. If little or no sharing of data among users occurs, each user can protect their own data using a
Which of the following is least likely to be an objective of file handling controls?a. To prevent data items from being accidentally overwrittenb. To ensure the correct file has been loaded for a
Which of the following objectives will require an explosion operation in terms of the accounting audit trail in the database subsystem?a. To determine whether a transaction entered by one user
Which of the following objectives is least likely to be served by the operations audit trail in the database subsystem?a. To determine whether a new index needs to be established in the databaseb. To
Which of the following is not a disadvantage of the grandfather, father, son backup and recovery strategy?a. Precludes update in placeb. Consumes substantial resources to effect global recoveryc.
Dual protection/mirroring affords protection against:a. A procedural errorb. A system software errorc. An application program errord. A power loss
Relative to physical dumping, logical dumping:a. Is a faster backup strategyb. Is slower when localized recovery is neededc. Causes fewer problems with multilist file organizationsd. Is more
Which of the following is not a purpose of logging?a. To obviate the need for a dumpb. To provide a record of transactions in the time sequence in which they occurredc. To reduce the downtime needed
Which logging strategy facilitates rollforward of the database?a. Logging input transactionsb. Logging before imagesc. Logging valid transactions onlyd. Logging afterimages
A purpose of separating successful input transactions from unsuccessful input transactions on a log is to:a. Avoid control total problems when the data must be reprocessed for recoveryb. Facilitate
Which of the following is not a problem when rollback is needed as a means of recovery and concurrent update processes have altered the damaged database?a. All processes that update the corrupted
Residual dumping involves logging records that have not been changed since the:a. Last residual dumpb. Second-last residual dumpc. Last full dumpd. Second-last full dump
If a roll forward operation takes place using a residual dump, recovery involves:a. Going back to but not including the second-last residual dumpb. Going back to and including the last residual
Which of the following is a disadvantage of residual dumping?a. There is less flexibility in leveling system workloadsb. There is more duplicate backupc. It cannot take place as a background
A differential file facilitates rollback because:a. Record changes and beforeimages can be assigned to a high-speed storage deviceb. The primary file constitutes beforeimage versions of the updated
Which of the following statements about shadow paging is true?a. When processing of a transaction commences, the current page table is deletedb. Rollback involves overwriting the shadow page table
What are the major functions of the processing subsystem? What are the major components of the processing subsystem?
What factors can cause a central processor to fail? What controls can be used to detect and correct errors that occur in the central processor?
How does the existence of a multiple-state machine enhance control within the central processing unit?
What is the purpose of timing controls within the central processing unit?
Briefly distinguish between a multicomputer architecture and a multiprocessor architecture. What is the primary purpose of using these types of architectures when machines are built?
What factors cause errors in a real memory cell? How are errors often detected?
Distinguish between the real memory protection mechanisms used in a multiuser contiguous storage-allocation system and a multiuser noncontiguous storage-allocation system.
How does a "tagged" architecture enhance control over real memory cells?
Briefly explain the nature of virtual memory. How does the addressing mechanism work in a virtual memory system?
Briefly distinguish between a ticket-oriented and a list-oriented approach to access control over a virtual memory block.
List the five goals that a secure operating system must achieve.
Briefly explain the nature of the following types of operating system penetration techniques:a. Browsingb. Piggybackingc. Trojan horse
Briefly explain the nature of:a. Covert storage channelsb. Covert timing channels
Briefly explain the nature of the following types of operating system integrity flaws:a. Incomplete parameter validationb. Implicit sharing of datac. Asynchronous validation
Briefly explain what is meant by a reference monitor. What is the relationship between a security kernel and a reference monitor?
Briefly explain the nature of trusted processes within a security kernel. Why do trusted processes need special attention during the audit of an operating system?
What approach should be followed to the analysis, design, and implementation of an operating system?
Outline the nature of the four rating divisions described in the U.S. National Computer Security Center's Trusted Computer System Evaluation Criteria.
Briefly explain the nature of the following types of application program validation checks in the processing subsystem:a. Overflow checkb. Range checkc. Reasonableness checkd. Sign checke.
What is the purpose of minimizing human intervention during application system processing?
What are hardware/software numerical hazards? In what types of application systems should auditors be concerned about hardware/software numerical hazards?
Why is it sometimes useful to employ redundant calculations in a program? In what types of programs would redundant calculations be most useful?
What data must be available in the accounting audit trail so auditors can uniquely identify the process that has been executed on an input data item and the functions performed by that process?
What is a triggered transaction? What implications do triggered transactions have for the accounting audit trail in the processing subsystem?
What component in the processing subsystem usually collects data for the operations audit trail? How is this component activated to collect particular kinds of data?
List the four categories of events that are recorded on the operations audit trail. Which category is likely to have the most entries? Briefly explain why.
What interest do auditors have in the way in which resource consumption data is used to bill users?
List two types of events that auditors might wish to monitor using the exit facilities in the operations audit trail logging facility. Briefly explain why these events are of interest to us as
Outline the control problems posed by the existence of an operations audit trail logging facility that allows user exits. Give two strategies for overcoming these control problems.
Briefly explain the nature of checkpoint/restart controls. What situations can arise where checkpoint/restart controls are needed?
From an audit perspective, what are the important requirements of a checkpoint/ restart facility? How can auditors determine the adequacy of checkpoint/restart facilities?
Which of the following faults in a central processing unit is most likely to be detected by a parity checka. Corruption of data in a register by electromagnetic interferenceb. Failure of a
A multiple-state machine is one that provides:a. Multiple types of computational and logic validity checks in a single stateb. A mechanism for executing different processes in different partitionsc.
Which of the following statements about multicomputer and multiprocessor architectures is true?a. Only one copy of the operating system exists in a multicomputer architectureb. Voting procedures are
Real memory errors primarily are detected through:a. Valid character checksb. Read-after-write checksc. Boundary register checksd. Parity-based Hamming code checks
In which type of real memory access control system is a lock-and-key mechanism most likely to be used?a. Single-user, contiguous storage allocation systemb. Single-user, noncontiguous storage
Which of the following types of checks is not likely to be performed by a virtual memory addressing mechanism?a. The address translation table is examined to determine the real memory address for the
Which of the following is not likely to be a goal of a reliable operating system?a. The operating system must protect the environment from user processesb. The operating system must protect user
Which of the following operating system penetration techniques takes advantage of the time during which a legitimate user is still connected to the system but is inactive?a. Between lines entryb.
Which of the following is unlikely to be a technique used to implement a covert storage channel whereby one process can communicate sensitive information to another unauthorized process?a. Changing
If an operating system uses a subset of the memory allocated to a user program for a work space, this integrity flaw is called:a. Violable limitsb. Asynchronous validationc. Implicit sharing of
The difference between a security kernel and a reference monitor is that:a. A security kernel is a component implementation of a security policy, whereas a reference monitor is an abstract
Which of the following statements about trusted processes is false?a. Only trusted personnel, such as security administrators, should be authorized to use themb. They are not bound by all the
Which of the following statements about Division \(\mathrm{C} 2\) certification according to the U.S. National Computer Center's Trusted Computer Evaluation Criteria is true?a. Mandatory access
Match the following: I Field check II Record check III File check a III-C; II-D; I-B; II-A b I-C; II-B; III-A; III-D V c II-A; III-B; I-C; I-D d III-D; I-C; II-B; II-A A Control total B Sign test C
In the processing subsystem, hardware/software numerical hazards are most likely to arise because of:a. Incorrect program design relating to subroutines called in a computationb. Transient memory
Which of the following application program controls is most likely to mitigate expected losses associated with rounding errors in a calculation?a. Avoidance of closed routines when arithmetic
Which of the following events is most likely to be included in the accounting audit trail for the processing subsystem?a. Program start timeb. Attempted integrity violationc. A hardware malfunctiond.
Which of the following would not be a report that typically could be produced by generalized software that is available to interrogate the operations audit trail in the processing subsystem?a.
The logging software used to maintain the operations audit trail in the processing subsystem can cause control problems because:a. It can be used to modify or delete records accessed by an
Checkpoint/restart facilities would not permit recovery from which of the following problems?a. Loading the wrong tape reel in a multireel fileb. A temporary hardware errorc. Loading the wrong
You are an information systems auditor in a public accounting firm that has just taken over the audit of a medium-sized manufacturing company from another firm. The hardware/software platform used by
Bull and Bear Ltd. is a new, aggressive, Boston-based, medium-sized brokerage firm. It specializes in offering high-quality, personalized service to clients who have a relatively high level of
Sunshine Credit Union is a small credit union based in San Diego. In the past financial year, it has moved from using a microcomputer-based package to using the services of a computer service bureau
Wombat Ltd. is a Sydney-based company that specializes in gathering and processing seismic data. It is employed by oil companies all over the world to undertake work in support of their exploration
The information systems department in your organization has recently purchased a checkpoint/restart facility to support their batch processing operations. Although batch systems are only a small part
Briefly describe the three major types of exposure in the communication subsystem.
What is meant by noise on a communication line? What factors affect the amount of noise that exists on a line? What are the effects of noise?
Briefly distinguish between a passive threat and an active threat to the communication subsystem. Identify each of the following as active threats or passive threats:a. Traffic analysisb. Denial of
From a control viewpoint, do bounded transmission media or unbounded transmission media pose more of a problem? Why?
What control advantages do private communication lines offer over public communication lines?

Showing 700 - 800 of 2689

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Last

Services

Sitemap
Fun
Definitions
Become Tutor
Study Help Categories
Recent Questions
Expert Questions

Company Info

Security
Copyrights
Privacy Policy
Terms & Conditions
SolutionInn Fee
Scholarship

Get In Touch

About Us
Contact Us
Career
Jobs
FAQ
Campus Ambassador

Secure Payment

Download Our App

© 2024 SolutionInn. All Rights Reserved