Question 1Question Show
A subset of a data warehouse is called a Answer
Question 2Question A data warehouse may include: Answer
Question 3Question American Airlines may use business intelligence to: Answer
Question 4Question The computer-based technique to accumulate and analyze data is called: Answer
Question 5Question The steps in business intelligence include: Answer
Question 6Question A digital dashboard tracks, in a user-friendly way: Answer
Question 7Question XBRL facilitates business reporting of: Answer
Question 8Question The first person to propose using XML as a means to electronically deliver financial information was: Answer
Question 9Question XBRL GL, or XBRL Global Ledger Taxonomy, is different from XBRL U.S. GAAP because it facilitates: Answer
Question 10Question The stated advantages of XBRL GL do not include Answer
Question 11Question what is the mechanism called that firms may use to track their marketing efforts? Answer
Question 12Question XBRL assurance might include all but which of the following: Answer
Question 13Question The XBRL style sheet is made in conformance with which standardized language? Answer
Question 14Question Which body mandated that operating firms in its jurisdiction submit their financial reports using XBRL? Answer
Question 15Question Which technique or tool is used to analyze data for business intelligence purposes? Answer
Question 16Question According to COSO, which of the following components of the enterprise risk management addresses an entity's integrity and ethical values? Answer
Question 17Question which of the following items is one of the eight components of COSO's enterprise risk management framework? Answer
Question 18Question In a large public corporation, evaluation internal control procedures should be responsibility of: Answer
Question 19Question which of the following represents an inherent limitation of internal controls? Answer
Question 20Question which of the following is the best way to compensate for the lack of adequate segregation of duties in a small organization
Answer
Question 21Question Review of the audit log is an example of which of the following types of security control? Answer
Question 22Question which of the following is NOT a component of internal control as defined by COSO? Answer
Question 23Question Which of the following is considered an application input control? Answer
Question 24Question Which of the following control activities should be taken to reduce the risk of incorrect processing in a newly installed computerized accounting system? Answer
Question 25Question Which of the following statements is correct regarding internal control? Answer
Question 26Question Obtaining an understanding of an internal control involves evaluating the design of the control and determining whether the control has been Answer
Question 27Question A manufacturing firm identified that it would have difficulty sourcing raw materials locally, so it decided to relocate its production facilities. According to COSO, this decision represents which of the following response to the risk? Answer
Question 28Question Each of the following types of controls is considered to be an entity-level control, except those: Answer
Question 29Question Controls in the information technology area are classified into preventive, detective, and corrective categories. Which of the following is preventive control? Answer
Question 30Question All of the following are examples of internal control procedures except: Answer
Question 31Question The Public Company Accounting Oversight Board (PCAOB) is not responsible for standards related to: Answer
Question 32Question Which of the following most likely would not be considered as an inherent limitation of the effectiveness of a firm's internal control? Answer
Question 33Question According to COSO which of the following is NOT a component of internal control Answer
Question 34Question When considering internal control, an auditor should be aware of reasonable assurance, which recognizes that: Answer
Question 35Question Proper segregation of duties calls for separation of the following functions: Answer
Question 36Question An entity's ongoing monitoring activities often include: Answer
Question 37Question The overall attitude and awareness of a firm's top management and board of directors concerning the importance of internal control is often reflected in its: Answer
Question 38Question Management philosophy and operating style would have a relatively less significant influence on a firm's control environment when: Answer
Question 39Question According to AS 5, control risk should be assessed in terms of: Answer
Question 40Question An auditor assesses control risk because it: Answer
Question 41Question the framework to be used by management in its internal control assessment under requirements of SOX is the Answer
Question 42Question The internal control provisions of SOX apply to which companies in the United States? Answer
Question 43Question Reconciliation of cash accounts may be referred to as what type of control? Answer
Question 44Question Sound internal control dictates that immediately upon receiving checks from customers by mail, a responsible employee should: Answer
Question 45Question Tracing shipping documents to pre-numbered sales invoices provides evidence that Answer
Question 46Question Which of the following input controls is a numeric value computed to provide assurance that the original value has not been altered in construction or transmission Answer
Question 47Question A customer intended to order 100 units of a product A, but incorrectly ordered nonexistent product B. Which of the following controls most likely would detect this error? Answer
Question 48
Question Which of the following is an example of a validity check? Answer
Question 49Question Which of the following is a computer test made to ascertain whether a given characteristic belongs to the group? Answer
Question 50Question Ethical principles are derived from all of the following except: Answer
Question 51Question Which of the following best describes why firms choose to create codes of ethics? Answer
Question 52Question Which of the following best describes what is meant by corporate governance? Answer
Question 53Question The Sarbanes-Oxley Act (SOX) was passed as a response to which of the following events? Answer
Question 54Question In a computerized environment, internal controls can be categorized into which of the following? Answer
Question 55Question According to COSO ERM, which of the following is not one of the bases that should be used to analyze the risks of an identified event? Answer
Question 56Question Which of the following is not one of the responses to risk presented in COSO ERM? Answer
Question 57Question The COSO ERM framework encourages a review of risks as they apply to achieving firms’ objectives. Which of the following is not one of the listed categories of objectives to be considered? Answer
Question 58Question In the event identification component of the COSO ERM framework, management must classify events into which of the following? Answer
Question 59Question COBIT 5 takes the view that all IT processes should provide clear links between all of the following except: Answer
Question 60Question In addition to focusing on controls, COBIT 5 expands its scope by incorporating which of the following broad perspectives? Answer
Question 61Question Which of the following is not one of the key COBIT 5 principles for governance and management of enterprise IT? Answer
Question 62Question The IT Infrastructure Library (ITIL) is considered a de facto standard in which of the following regions? Answer
Question 63Question The ISO 27000 Series of standards are designed to address which of the following? Answer
Question 64Question Which of the following provides the advantage of incorporating other widely accepted standards and frameworks? Answer
Question 65Question Integrity of information means the information is: Answer
Question 66Question Which of the following statements is incorrect about digital signatures? Answer
Question 67Question What is the primary objective of data security controls? Answer
Question 68Question An entity doing business on the internet most likely could use any of the following methods to prevent unauthorized intruders from accessing proprietary information except: Answer
Question 69Question When client's accounts payable computer system was relocated, the administrator provided support through a dial-up connection to server. Subsequently, the administrator left the company. No changes were made to the accounts payable system at that time. Which of the following situations represents the greatest security risk? Answer
Question 70Question Which of the following statement present an example of a general control for a computerized system? Answer
Question 71Question Which of the following outcomes is a likely benefit of information technology used for internal control? Answer
Question 72Question In a large multinational organization, which of the following job responsibilities should be assigned to the network administrator? Answer
Question 73Question An information technology director collected the names and locations of key vendors, current hardware configuration, names of team members, and an alternative processing location. What is the director most likely preparing? Answer
Question 74Question Bacchus, Inc. is a large multinational corporation with various business units around the world. After a fire destroyed the corporation headquarters and largest manufacturing site, plans for which of the following would help Bacchus ensure a timely recovery? Answer
Question 75Question Which of the following statements regarding authentication in conducting e-business is incorrect? Answer
Question 76Question Which of the following is not included in the remediation phase for vulnerability management? Answer
Question 77Question Which of the following does NOT represent a viable data backup method? Answer
Question 78Question Which of the following statements about asymmetric-key encryption is correct? Answer
Question 79Question Which statement is incorrect? Answer
Question 80Question A disaster recovery approach should include which of the following elements? Answer
Question 81Question Which of the following passwords would be most difficult to crack? Answer
Question 82Question Which of the following is a password security weakness? Answer
Question 83Question To prevent invalid data input, a bank added an extra number at the end of each account number and subjected the new number to an algorithm. This technique is known as: Answer
Question 84Question Which of the following security controls would best prevent unauthorized access to a firm's internal network? Answer
Question 85Question Why do Certificate Authority (CA) play an important role in a company's information security management? Answer
Question 86Question When computer programs or files can be accessed from terminals, users should be required Answer
Question 87Question Which of the following controls would most likely assure that a company can reconstruct its financial records? Answer
Question 88Question Why would companies want to use digital signatures when conducting e-business? Answer
Question 89Question Select a correct statement regarding encryption methods? Answer
Question 90Question Which of the following describes the primary goals of the CIA approach to information security management? Answer
Question 91Question Which of the following is not one of the common techniques for information security risks and attacks? Answer
Question 92Question Encryption is a control that changes plain text into which of the following? Answer
Question 93Question Which of the following would most likely be used for a secure initial logon process? Answer
Question 94Question Asymmetric-key encryption uses which of the following techniques to allow users to communicate securely? Answer
Question 95Question A Public Key Infrastructure (PKI) provides the ability to do which of the following? Answer
Question 96Question Which of the following best illustrates the use of multifactor authentication? Answer
Question 97Question Which of the following groups is responsible for conducting fraud risk assessment for an organization? Answer
Question 98Question Both ISACA and the GTAG define vulnerability. Which of the following does not represent one of these definitions? Answer
Question 99Question Which of the following statements is true regarding risk management and vulnerability management? Answer
Question 100Question Which of the following describes the recommended prerequisites for managing vulnerabilities? Answer
Question 101Question Which of the following is NOT one of the main components of vulnerability management and assessment? Answer
Question 102Question For businesses considering a cloud computing solution, which of the following should they ask the cloud vendor to provide before entering into a contract for critical business operations? Answer
Question 103Question Which of the following statements is most accurate with regard to business continuity management (BCM) and disaster recovery planning (DRP)? Answer
Question 104Question A RAID array implemented in a data center is an example of which of the following? Answer
Question 105Question The three Vs of big data are volume, velocity, and veracity. Question 106Question Data analytics is best described as the science of reducing extremely large datasets down to more manageable databases that can then be processed using traditional tools. Question 107Question The process of scrubbing raw data to remove extraneous data and other noise in order to increase its usefulness is known as extract, transform, and load. Question 108Question According to the results of the PwC's 18th Annual Global CEO Survey, CEO's aren't yet ready to place a high value on data analytics. Question 109Question Data analytics are likely to play a significant role in future audit activities. Question 110Question Audit data standards (ADS) are standards for data files and fields typically needed to support an external audit in a given financial business process area. Question 111Question The Data Accountability and Trust Act of 2009 (DATA) is designed to standardize the format of files and fields typically used to support an external audit in given financial business processes. Question 112Question Tableau can be differentiated from traditional analysis tools such as Excel because it is specifically designed to perform data analysis and visualization. Question 113Question Which of the following is the best definition of the term big data? Answer
Question 114Question At its core, data analytics fits into the information value chain in which of the following ways? Answer
Question 115Question Which of the following areas of financial reporting is most suitable for applying data analytics techniques? Answer
Question 116Question Which of the following best describes the skill sets used in data analytics? Answer
Question 117Question The use of data analytics will likely result in significant changes to clients’ expectations of their auditors. Which of the following is most likely not one of those expected changes? Answer
Question 118Question Which of the following best describes how external auditors’ interactions with their clients is likely to change due to the use of data analytics in the audit process? Answer
Question 119Question Data analytics can help in accurately identifying organizational risks. All of the following are examples of such risk except: Answer
Question 120Question Which of the following best describes the AICPA’s Audit Data Standards (ADS)? Answer
Question 121Question The Data Accountability and Trust Act of 2009 (DATA) requires data owners to notify which of the following when a data breach has been discovered? Answer
Question 122Question Which of the following is not one of the Excel tools described as useful for data analytics? Answer
|