1.

Criteria for assessing the firewall effectiveness include the following except:
a. Filtering
b. Probe for weaknesses
c. Segregation of duties
d. Proxy services
2. This involves policies, procedures, and controls that determine who can
access the operating system, which resources they can use and what actions
they can take.
a. Operating security system
b. Operating system security
c. Access control system
d. Access control security
3. This technology employs a credit card-sized smart card that contains a
microprocessor programmed with an algorithm that generates, and
electronically displays a new and unique password every 60 seconds.
a. One-use passwords
b. One-time passwords
c. One-minute passwords
d. One-enter passwords
4. This is the basic protocol that permits communication between internet sites,
invented by Vinton Cerf and Bob Kahn.
a. TCP/IP
b. TP/ICP
c. CKP/ICP
d. CP/KIP
5. Which of the following is a benefit of EDI?
a. Reduction of paper
b. Manual procedures
c. Inventory increase
d. Data increase
6. In the late 1970s, an ANSI committee created the CODASYL, which formed a
database task group to develop standards for database design. CODASYL
developed the network model for databases. The most popular example of
the network model is IDMS (integrated database management system), which
Cullinane/Cullinet Software introduced into the commercial market
inthe1980s. What does CODASYL stands for?
a. Committee on Database Application and System Language
b. Committee on Database Application and Symbolic Languages
c. Committee on Development of Applied System Languages
d. Committee on Development of Applied Symbolic Languages
7. The criteria that influence the selection of the data structure includes the
following except:
a. Rapid file access and data retrieval
b. Efficient use of disk storage space
c. Low throughput for transaction processing
d. Protection from data loss
8. It is the most prevalent example of a hierarchical database. It was introduced
in 1968 and is still a popular database model over 40 years later.

a.
b.
c.
d.
9. What
a.

navigational database system

database management system
information management system
integrated database management system
audit procedure should be used for testing inference control?
The auditor should verify that sensitive data, such as passwords, are
properly encrypted.
b. The auditor should evaluate the costs and benefits of these controls.
c. The auditor can select a sample of users and verify that their access
privileges stored in the authority table are consistent with their job
descriptions organizational levels.
d. The auditor should verify that database query controls exist to
prevent unauthorized access via inference
10.This is the presence of complete and accurate data at all user sites.
a. Database concurrency
b. Database correspondence
c. Database concomitance
d. Database synchronism