User Account

All Pages

What is generally not tracked in change management database

Assignment Help Computer Engineering
Reference no: EM131271985

Question 1
Of the following frameworks available from ISACA, which one governs IT investments?
COBIT
Val IT
Risk IT
IT Assurance Framework

Question 2
Applying controls is a direct result of the risk assessment process combined with an analysis of the tradeoffs. Which one of the following is a tradeoff?
Operational impact
Security impact
User impact
Policy impact

Question 3
Applying controls to a system helps eliminate or reduce the risks. In many cases, the goal is not to eliminate the risk but to reduce the risk to an acceptable level. Why? Applying controls is a direct result of the risk assessment process combined with an analysis of ___________.
the benefits
management
the tradeoffs
resources

Question 4
The governing process for managing risks and opportunities is the definition of:
NIST Internal Reports (NISTIR)
Consensus Audit Guidelines (CAG)
Generally Accepted Privacy Principles (GAPP)
Enterprise risk management (ERM)

Question 5
Analyzing potential threats requires the identification of all possible threats first. This is called __________.
threat identification
policy identification
risk identification
risk analysis

Question 6
During an IT audit, which of the following administrative safeguards needs to be tested and validated?
Assignment of responsibilities
Maintenance procedures
Rotation of duties
All of the above

Question 7
When performing a security assessment, using a framework such as NIST 800-15, which is generally the first step?
Target identification
Document review
Target analysis
Exploit and validate vulnerabilities

Question 8
What is generally not tracked in a change management database?
Operating system type
Cost of software
Hardware configuration
Access permissions

Question 9
What is an example of multifactor authentication?
A fingerprint reader
A smart card with a PIN
A password
An acceptable use policy

Question 10
Of the four elements of an audit finding, which one identifies the expected or desired state, which provides context for evaluating the evidence collected by the auditor and the subsequent procedures the auditor performs?
Criteria
Circumstance
Cause
Impact

Question 11
For security controls, gap analysis involves comparing the present state of controls with a desired state of controls. At a minimum, common baseline security controls should be in place. Any gaps to various types of controls should be clearly documented, for example - "Business continuity management", which:
Defines the program to provide initial and ongoing security education across the organization.
Defines how staff will execute upon the policies, assign responsibilities, and promote accountability.
Prevents errors and unauthorized misuse of applications.
Provides methods to continue critical operations in spite of business interruptions.

Question 12
Which element does not constitute an audit finding?
Criteria
Circumstance
Summary
Impact

Question 13
During an IT audit of a social networking site, the auditor finds that users do not have the option to opt out of a new program to share portions of users' profiles automatically. Which privacy principle is most affected?
Choice and consent
Notice
Monitoring and enforcement
Quality

Reference no: EM131271985

Questions Cloud

What maximum and minimum data rates could be achieved : Find the data rate of an 802.11a system assuming half the available 48 subchannels use BPSK with a rate-1/2 channel code and the others use 64-QAM with a rate-3/4 channel code.
Maximum of three integers : You will have a main module and a function named max that accepts three integer values as arguments. The max function should return the value that is greater of the three. For example, if 7,12 and 9 are passed as arguments to the function, the fun..
Which auditing scopes is most likely to apply : A large organization's enterprise resource planning (ERP) system is being audited. Which of the following auditing scopes is most likely to apply?
Microsoft threat modeling tool : Conduct a threat analysis on Wal Mart using the Microsoft® Threat Modeling Tool. NOTE: MUST USE MICROSOFT THREAT MODELING TOOL
What is generally not tracked in change management database : What is generally not tracked in a change management database? When performing a security assessment, using a framework such as NIST 800-15, which is generally the first step?
Find the sum-rate capacity for a two-user broadcast fading : Find the sum-rate capacity for a two-user broadcast fading channel where each user experiences Rayleigh fading. Assume an average received power of P = 10 mW for each user, bandwidth B = 100 kHz, and N0 = 10-9 W/Hz.
Indentical insulators of self-capacitance : Each line of a 3-phase system is suspended by a string of 3 indentical insulators of self-capacitance C farad. The shunt capacitance of connecting metal work of each insulator is 0·2 C to earth and 0·1 C to line.
Create a pert chart for a hypothetical project : Using Microsoft Project or other similar software create a PERT Chart for a hypothetical project that involves at least 7 tasks, and two milestones. In your posting, include enough support material to describe the project, each of the tasks, and ..
Describe the relative strengths of windows dot net server : Describe the relative strengths and weakness of Windows .NET server, UNIX and Linux in each of the following scenarios. Which operating system would you recommend for each scenario?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Mathematics in computing

Binary search tree, and postorder and preorder traversal Determine the shortest path in Graph

  Ict governance

ICT is defined as the term of Information and communication technologies, it is diverse set of technical tools and resources used by the government agencies to communicate and produce, circulate, store, and manage all information.

  Implementation of memory management

Assignment covers the following eight topics and explore the implementation of memory management, processes and threads.

  Realize business and organizational data storage

Realize business and organizational data storage and fast access times are much more important than they have ever been. Compare and contrast magnetic tapes, magnetic disks, optical discs

  What is the protocol overhead

What are the advantages of using a compiled language over an interpreted one? Under what circumstances would you select to use an interpreted language?

  Implementation of memory management

Paper describes about memory management. How memory is used in executing programs and its critical support for applications.

  Define open and closed loop control systems

Define open and closed loop cotrol systems.Explain difference between time varying and time invariant control system wth suitable example.

  Prepare a proposal to deploy windows server

Prepare a proposal to deploy Windows Server onto an existing network based on the provided scenario.

  Security policy document project

Analyze security requirements and develop a security policy

  Write a procedure that produces independent stack objects

Write a procedure (make-stack) that produces independent stack objects, using a message-passing style, e.g.

  Define a suitable functional unit

Define a suitable functional unit for a comparative study between two different types of paint.

  Calculate yield to maturity and bond prices

Calculate yield to maturity (YTM) and bond prices

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd