AIS Exam 2 || QUESTIONS WITH CORRECT
ANSWERS 100% VERIFIED!!
Preventive, Detective, Corrective correct answers Internal Controls
-Internal environment
-Objective setting
-Event identification
-Risk assessment
-Risk response
-Control activities
-Information and communication
-Monitoring correct answers COSO-ERM
Threat or Event correct answers Any potential adverse occurrence or unwanted event that
could be injurious to either the AIS or the organization
Exposure or Impact correct answers The potential dollar loss should a particular threat
become a reality
Likelihood correct answers The probability that the threat will happen
Preventive Controls correct answers Deter problems from occurring
Uses segregation of duties with cash handling
Detective Controls correct answers Discover problems that are not prevented
-Log Analysis
-Intrusion Detection Systems
-Penetration Testing
-Continuous Monitoring
Corrective Controls correct answers -Identify and correct problems
-Recovers from those problems
+Computer Incident Response Team
+Chief Information Security Officer
+Patch Management
-Data Matching
-File Labels
-Recalculation of batch totals
-Cross-footing
-Zero-balance tests
-Write-protection mechanisms
-Concurrent update controls correct answers Processing controls for computer processing
Limit Check correct answers Tests numerical amount against a fixed value
Forms Design correct answers Source documents and other forms should be designed to
minimize the chances for errors and omissions
, Inherent Risk correct answers Susceptibility to significant control problems in the absence of
internal controls
Write-Protection Mechanisms correct answers Protect against overwriting or erasing of data
files stored on magnetic media
Compatibility Test correct answers Test that matches the user's authentication credentials
against the access control matrix to determine whether they should be allowed
Data Matching correct answers Two or more items of data must be matched before an action
can take place
Closed-Loop Verification correct answers Input validation method that uses data entered into
the system to retrieve and display other related information so that the data entry person can
verify the accuracy of the input data
Objectives of a Disaster Recovery Plan correct answers -Resume normal operations as soon
as possible
-Train employees for emergency operations
-Minimize the extent of the disruption, damage, or loss
Sequence Check correct answers Determines if a batch of input data is in the proper
numerical or alphabetical order
-Field Check
-Sign Check
-Limit Check
-Range Check
-Size Check
-Completeness Check
-Validity Check
-Reasonableness Check correct answers Source Data Entry Controls
Cancellation and storage of source document correct answers Source documents that have
been entered into the system should be canceled so they cannot be fraudulent reentered
Visual Scanning correct answers -Checklists
-Second Reviewer
Recalculation of Batch Totals correct answers Batch totals should be recomputed as each
transaction record is processed and the total of the batch should then be compared to the
values in the trailer record
File Labels correct answers Need to be checked to ensure that the correct and most current
files are being updated
-External Labels - Readable by humans
-Internal Labels - Readable by machine
ANSWERS 100% VERIFIED!!
Preventive, Detective, Corrective correct answers Internal Controls
-Internal environment
-Objective setting
-Event identification
-Risk assessment
-Risk response
-Control activities
-Information and communication
-Monitoring correct answers COSO-ERM
Threat or Event correct answers Any potential adverse occurrence or unwanted event that
could be injurious to either the AIS or the organization
Exposure or Impact correct answers The potential dollar loss should a particular threat
become a reality
Likelihood correct answers The probability that the threat will happen
Preventive Controls correct answers Deter problems from occurring
Uses segregation of duties with cash handling
Detective Controls correct answers Discover problems that are not prevented
-Log Analysis
-Intrusion Detection Systems
-Penetration Testing
-Continuous Monitoring
Corrective Controls correct answers -Identify and correct problems
-Recovers from those problems
+Computer Incident Response Team
+Chief Information Security Officer
+Patch Management
-Data Matching
-File Labels
-Recalculation of batch totals
-Cross-footing
-Zero-balance tests
-Write-protection mechanisms
-Concurrent update controls correct answers Processing controls for computer processing
Limit Check correct answers Tests numerical amount against a fixed value
Forms Design correct answers Source documents and other forms should be designed to
minimize the chances for errors and omissions
, Inherent Risk correct answers Susceptibility to significant control problems in the absence of
internal controls
Write-Protection Mechanisms correct answers Protect against overwriting or erasing of data
files stored on magnetic media
Compatibility Test correct answers Test that matches the user's authentication credentials
against the access control matrix to determine whether they should be allowed
Data Matching correct answers Two or more items of data must be matched before an action
can take place
Closed-Loop Verification correct answers Input validation method that uses data entered into
the system to retrieve and display other related information so that the data entry person can
verify the accuracy of the input data
Objectives of a Disaster Recovery Plan correct answers -Resume normal operations as soon
as possible
-Train employees for emergency operations
-Minimize the extent of the disruption, damage, or loss
Sequence Check correct answers Determines if a batch of input data is in the proper
numerical or alphabetical order
-Field Check
-Sign Check
-Limit Check
-Range Check
-Size Check
-Completeness Check
-Validity Check
-Reasonableness Check correct answers Source Data Entry Controls
Cancellation and storage of source document correct answers Source documents that have
been entered into the system should be canceled so they cannot be fraudulent reentered
Visual Scanning correct answers -Checklists
-Second Reviewer
Recalculation of Batch Totals correct answers Batch totals should be recomputed as each
transaction record is processed and the total of the batch should then be compared to the
values in the trailer record
File Labels correct answers Need to be checked to ensure that the correct and most current
files are being updated
-External Labels - Readable by humans
-Internal Labels - Readable by machine
