ACCT 351
ACCT 351 Final Exam Review Questions
with Correct Answers 2025-2026
This network access control determines which IP packets are allowed entry to a
network and which are dropped. -Correct Answers ✔-access control list
Perimeter defense is an example of which of the following preventive controls that
are necessary to provide adequate security? -Correct Answers ✔-Controlling
remote access
COBIT 5 management practice APO01.08 stresses the importance of ________ of
both employee compliance with the organization's information security policies
and overall performance of a business process. -Correct Answers ✔-continuous
monitoring
Identify the primary means of protecting data stored in a cloud from unauthorized
access. -Correct Answers ✔-authentication
Sharelt is a social networking site that boasts over a million registered users and a
quarterly membership growth rate in the double digits. As a consequence, the size
of the information technology department has been growing very rapidly, with
many new hires. Each employee is provided with a name badge with a photo and
embedded computer chip that is used to gain entry into the facility. This is an
example of a(n) -Correct Answers ✔-authentication control
The steps that criminals take to trick an unsuspecting employee into granting them
access is called -Correct Answers ✔-social engineering
ACCT 351
, ACCT 351
The process that screens individual IP packets based solely on the contents of the
source and/or destination fields in the packet header is known as -Correct Answers
✔-packet filtering
The Trust Services Framework reliability principle that states personal information
should be protected from unauthorized disclosure is known as -Correct Answers
✔-privacy
The process that uses automated tools to identify whether a system possesses any
well-known security problems is known as a(n) -Correct Answers ✔-vulnerability
scan
Timely detection of problems is not enough to protect organization's information
resources -Correct Answers ✔-True
The most common input-related vulnerability is called the -Correct Answers ✔-
buffering attack
A demilitarized zone -Correct Answers ✔-permits controlled access from the
Internet to selected resources
Identify the statement below which is not a useful control procedure regarding
access to system outputs -Correct Answers ✔-allowing visitors to move through
the building without supervision
Multi-factor authentication -Correct Answers ✔-involves the use of two or more
basic authentication methods.
ACCT 351
ACCT 351 Final Exam Review Questions
with Correct Answers 2025-2026
This network access control determines which IP packets are allowed entry to a
network and which are dropped. -Correct Answers ✔-access control list
Perimeter defense is an example of which of the following preventive controls that
are necessary to provide adequate security? -Correct Answers ✔-Controlling
remote access
COBIT 5 management practice APO01.08 stresses the importance of ________ of
both employee compliance with the organization's information security policies
and overall performance of a business process. -Correct Answers ✔-continuous
monitoring
Identify the primary means of protecting data stored in a cloud from unauthorized
access. -Correct Answers ✔-authentication
Sharelt is a social networking site that boasts over a million registered users and a
quarterly membership growth rate in the double digits. As a consequence, the size
of the information technology department has been growing very rapidly, with
many new hires. Each employee is provided with a name badge with a photo and
embedded computer chip that is used to gain entry into the facility. This is an
example of a(n) -Correct Answers ✔-authentication control
The steps that criminals take to trick an unsuspecting employee into granting them
access is called -Correct Answers ✔-social engineering
ACCT 351
, ACCT 351
The process that screens individual IP packets based solely on the contents of the
source and/or destination fields in the packet header is known as -Correct Answers
✔-packet filtering
The Trust Services Framework reliability principle that states personal information
should be protected from unauthorized disclosure is known as -Correct Answers
✔-privacy
The process that uses automated tools to identify whether a system possesses any
well-known security problems is known as a(n) -Correct Answers ✔-vulnerability
scan
Timely detection of problems is not enough to protect organization's information
resources -Correct Answers ✔-True
The most common input-related vulnerability is called the -Correct Answers ✔-
buffering attack
A demilitarized zone -Correct Answers ✔-permits controlled access from the
Internet to selected resources
Identify the statement below which is not a useful control procedure regarding
access to system outputs -Correct Answers ✔-allowing visitors to move through
the building without supervision
Multi-factor authentication -Correct Answers ✔-involves the use of two or more
basic authentication methods.
ACCT 351
