EXAM QUESTIONS AND CORRECT SOLUTIONS, UPDATED 2025/2026
An entity doing business on the internet most likely could use any of the following
methods to prevent unauthorized intruders from accessing proprietary information
except:
A) Password management.
B) Data encryption.
C) Digital certificates.
D) Batch processing. - ANSWER ✓ D
When a client's accounts payable computer system was relocated, the administrator
provided support through a dial-up connection to the server. Subsequently, the
administrator left the company. No changes were made to the accounts payable
system at that time. Which of the following situations represents the greatest
security risk?
A) User passwords are not required to be in alpha-numeric format.
B) Management procedures for user accounts are not documented.
C) User accounts are not removed upon termination of employees.
D) Security logs are not periodically reviewed for violations. - ANSWER ✓ C
An information technology director collected the names and locations of key
vendors, current hardware configuration, names of team members, and an
alternative processing location. What is the director most likely preparing?
A) Data restoration plan.
B) Disaster recovery plan.
C) System security policy.
D) System hardware policy. - ANSWER ✓ B
Bacchus, Inc. is a large multinational corporation with various business units
around the world. After a fire destroyed the corporation headquarters and largest
manufacturing site, plans for which of the following would help Bacchus ensure a
timely recovery?
A) Daily backup.
B) Network security.
C) Business continuity.
D) Backup power. - ANSWER ✓ C
Which of the following statements regarding authentication in conducting
e-business is incorrect?
A) It is a process that establishes the origin of information or determines the
identity of a user, process, or device.
B) Only one key is used for encryption and decryption purposes in the
authentication process.
C) Successful authentication can prevent repudiation in electronic transactions.
D) We need to use asymmetric-key encryption to authenticate the sender of a
document or data set. - ANSWER ✓ B
Which of the following is not included in the remediation phase for vulnerability
management?
A) Risk Response Plan.
B) Policy and procedures for remediation.
C) Vulnerability Prioritization.
D) Control Implementation. - ANSWER ✓ C
Which of the following does not represent a viable data backup method?
A) Disaster recovery plan.
B) Redundant arrays of independent drives.
C) Virtualization.
D) Cloud computing. - ANSWER ✓ A
Which of the following statements about asymmetric-key encryption is correct?
A) When using the asymmetric-key encryption method, a total of two keys are
necessary in electronic communication between two parties.
B) Employees in the same company share the same public key.
C) Most companies would like to manage the private keys for their employees.
D) Most companies would like to use a Certificate Authority to manage the public
keys of their employees.
E) Two of the above are correct. - ANSWER ✓ D
Which of the following statements is incorrect?
A) A fraud prevention program starts with a fraud risk assessment across the entire
firm.
B) The audit committee typically has an oversight role in the risk assessment process.
C) Communicating a firm's policy file to employees is one of the most important
responsibilities of management.
D) A fraud prevention program should include an evaluation on the efficiency of
business processes. - ANSWER ✓ D
Which of the following is a password security weakness?
A) Users are assigned passwords when accounts are created, but do not change
them.
B) Users have accounts on several systems with different passwords.
C) Users write down their passwords on a note paper, and carry it with them.
D) Users select passwords that are not part of an online password dictionary. -
ANSWER ✓ A
To prevent invalid data input, a bank added an extra number at the end of each
account number and subjected the new number to an algorithm. This technique is
known as:
A) A validation check.
B) Check digit verification.
C) A dependency check.
D) A format check. - ANSWER ✓ B
Why does a Certificate Authority (CA) play an important role in a company's
information security management?
A) Using a CA is required by SOX in managing information security.
B) A CA is responsible for generating session keys for encryption purposes.
C) Most companies use a CA to manage their employees' public keys.
D) A CA creates and maintains both the public and private keys for a company's
employees. - ANSWER ✓ C
When computer programs or files can be accessed from terminals, users should be
required to enter a(n):
A) Parity check.
B) Password as a personal identification code.
C) Check digit.
D) Echo check. - ANSWER ✓ B