A software program that allows access to a system without going through the normal logon procedures is called back door.
A software program that replicates itself in areas of idle memory until the system fails is called a trojan horse.
It is called a worm.
The grandfather-parent-child (aka grandfather-father-son) backup technique is most appropriate for sequential batch systems.
Encryption is the conversion of data into a secret code for storage in databases and transmission over networks. For transmissions, the message is coded at the sending end using an encryption algorithm and is decoded at the receiving end.
Which of the following is not a form of contra password security behavior?
Using a simplistic password.
Failing to change your password on a frequent basis.
Not backing up files are according to policy.
Forgetting your password.
Writing your password down and displaying it so others can see it.
In an electronic data interchange environment, customers routinely access the vendor’s price list.
In an electronic data interchange (EDI) environment, when the auditor compares the terms of the trading partner agreement against the access privileges stated in the database authority table, the auditor is testing the audit objective that authorized trading partners have access only to approved data.
Audit objectives in the electronic data interchange (EDI) environment include all of the following except
all EDI transactions are authorized
unauthorized trading partners cannot gain access to database records
a complete audit trail of EDI transactions is maintained
backup procedures are in place and functioning properly
In determining whether a system is adequately protected from attacks by computer viruses, all of the following policies are relevant except
the policy on the purchase of software only from reputable vendors
the policy that all vendor software upgrades are checked for viruses before they are implemented
the policy that current versions of antivirus software should be available to all users
the policy that permits users to take files home to work on them
Which of the following is not an audit procedure for access privileges?
Review the organization’s policies regarding incompatible functions to insure that they promote reasonable security.
Review employee’s privileges to determine if their access rights are appropriate for their job.
Review data back up procedures to determine if they are adequate.
Review employee personnel records to determine whether privileged employees have a security check in compliance with company policy.