AIS Exam #2 Questions With Complete Solutions
________ is a data entry input control that involves checking the
accuracy of input data by using it to retrieve and display other
related information. Correct Answers Closed-loop verification
Access Control List (ACL) Correct Answers a set of IF-THEN
rules used to determine what to do with arriving packets
Access Control Matrix Correct Answers a table used to
implement authorization controls
After the information that needs to be protected has been
identified, what step should be completed next? Correct
Answers The information needs to be classified in terms of its
value to the organization
An application control that compares the amount of an
employee's raise to that employee's existing salary is called a(n):
Correct Answers Reasonableness test
Asset misappropriation is ________ likely than fraudulent
financial reporting. The amounts involved in asset
misappropriation are much ________ than fraudulent financial
reporting. Correct Answers more; less
asymmetric encryption systems Correct Answers Encryption
systems that use two keys (one public, the other private); either
key can encrypt, but only the other matching key can decrypt.
,Audit Committee Correct Answers the outside, independent
board of director members responsible for financial reporting,
regulatory compliance, internal control, and hiring and
overseeing internal and external auditors
Authorization vs Authentication Correct Answers ●
authentication --> who are you, user and password
● authorization --> what rights do you have
Batch Check Correct Answers Summarize numeric values for
a batch of input records
Financial total
Hash total -never used with dollar value fields
Record count
biometric identifier Correct Answers a physical or behavioral
characteristic that is used as an authentication credential
Blue Snarfing Correct Answers stealing contact lists, images,
and other data using bluetooth
Border Router Correct Answers a device that connects an
organization's information system to the internet
Business Continuity Plan (BCP) Correct Answers a plan that
specifies how to resume not only IT operations but all business
processes in the event of a major calamity
Cancellation and storage of documents is one example of a(n)
Correct Answers input control
, CAR Correct Answers C - Custody
A - Authorization
R - Recording
Check Digit Correct Answers ID numbers (such as employee
number) can contain a check digit computed from the other
digits
Check Kiting Correct Answers creating cash using the lag
between the time a check is deposited and the time it clears the
bank
Checksum Correct Answers a data transmission control that
uses a hash of a file to verify accuracy
Ciphertext Correct Answers plaintext that was transformed
into unreadable gibberish using encryption
closed-loop verification Correct Answers checks the accuracy
of input data by using it to retrieve and display other related
information
COBIT Correct Answers A framework developed by the
Information Systems Audit and Control Association and the IT
Governance Institute. Defines the goals for the controls that
should be used to properly manage IT and ensure IT maps to
business needs. Four domains: Plan and Organize, Acquire and
Implement, Deliver and Support, and Monitor and Evaluate
cold site Correct Answers a disaster recovery option that relies
on access to an alternative facility that is prewired for necessary
________ is a data entry input control that involves checking the
accuracy of input data by using it to retrieve and display other
related information. Correct Answers Closed-loop verification
Access Control List (ACL) Correct Answers a set of IF-THEN
rules used to determine what to do with arriving packets
Access Control Matrix Correct Answers a table used to
implement authorization controls
After the information that needs to be protected has been
identified, what step should be completed next? Correct
Answers The information needs to be classified in terms of its
value to the organization
An application control that compares the amount of an
employee's raise to that employee's existing salary is called a(n):
Correct Answers Reasonableness test
Asset misappropriation is ________ likely than fraudulent
financial reporting. The amounts involved in asset
misappropriation are much ________ than fraudulent financial
reporting. Correct Answers more; less
asymmetric encryption systems Correct Answers Encryption
systems that use two keys (one public, the other private); either
key can encrypt, but only the other matching key can decrypt.
,Audit Committee Correct Answers the outside, independent
board of director members responsible for financial reporting,
regulatory compliance, internal control, and hiring and
overseeing internal and external auditors
Authorization vs Authentication Correct Answers ●
authentication --> who are you, user and password
● authorization --> what rights do you have
Batch Check Correct Answers Summarize numeric values for
a batch of input records
Financial total
Hash total -never used with dollar value fields
Record count
biometric identifier Correct Answers a physical or behavioral
characteristic that is used as an authentication credential
Blue Snarfing Correct Answers stealing contact lists, images,
and other data using bluetooth
Border Router Correct Answers a device that connects an
organization's information system to the internet
Business Continuity Plan (BCP) Correct Answers a plan that
specifies how to resume not only IT operations but all business
processes in the event of a major calamity
Cancellation and storage of documents is one example of a(n)
Correct Answers input control
, CAR Correct Answers C - Custody
A - Authorization
R - Recording
Check Digit Correct Answers ID numbers (such as employee
number) can contain a check digit computed from the other
digits
Check Kiting Correct Answers creating cash using the lag
between the time a check is deposited and the time it clears the
bank
Checksum Correct Answers a data transmission control that
uses a hash of a file to verify accuracy
Ciphertext Correct Answers plaintext that was transformed
into unreadable gibberish using encryption
closed-loop verification Correct Answers checks the accuracy
of input data by using it to retrieve and display other related
information
COBIT Correct Answers A framework developed by the
Information Systems Audit and Control Association and the IT
Governance Institute. Defines the goals for the controls that
should be used to properly manage IT and ensure IT maps to
business needs. Four domains: Plan and Organize, Acquire and
Implement, Deliver and Support, and Monitor and Evaluate
cold site Correct Answers a disaster recovery option that relies
on access to an alternative facility that is prewired for necessary
