1) The best example of an effective payroll transaction file hash total would most likely beA) sum of net pay.
B) total number of employees.
C) sum of hours worked.
D) total of employees' social security numbers
D) total of employees' social security numbers.
2) Error logs and review are an example of
A) data entry controls.
B) data transmission controls.
C) output controls.
D) processing controls.
The difference in the control totals is 720,000. Which data entry control would best prevent similar data entry errors in the future?
A) Modules 11
B) validity check
C) check digit
D) sequence check
4) Which of the following data entry controls would not be useful if you are recording the checkout of library books by members?
A) sequence check
B) prompting
C) validity check
D) concurrent update control
5) A customer failed to include her account number on her check, and the accounts receivable clerk credited her payment to a different customer with the same last name. Which control could have been used to most effectively to prevent this error?
A) closed-loop verification
B) duplicate values check
C) validity check
D) reconciliation of a batch control total
A) closed-loop verification
6) If invoices are processed in groups of fifty, which fields from the document shown below would not be used to create a hash control total?
A) Amount
B) Item Number
C) Quantity Ordered
D) Sales Order number
7) ________ is a data entry input control that involves summing the first four digits of a customer number to calculate the value of the fifth digit, then comparing the calculated number to the number entered during data entry.
A) Validity check
B) Duplicate data check
C) Closed-loop verification
D) Check digit verification
D) Check digit verification
8) All of the following controls for online entry of a sales order would be useful exceptA) check digit verification on the dollar amount of the order.
B) validity check on the inventory item numbers.C) field check on the customer ID and dollar amount of the order.
D) concurrent update control.
A) check digit verification on the dollar amount of the order.
9) The inventory tracking system shows that 12 iPods were on hand before a customer brings three iPods to the register for purchase. The cashier accidentally enters the quantity sold as 30 instead of 3. Which data entry control would most effectively prevent this error?
A) limit check
B) sign check
C) field check
D) validity check
10) A payroll clerk accidently entered an employee's hours worked for the week as 380 instead of 38. The data entry control that would best prevent this error would be A) a limit check.B) a check digit. C) batch total reconciliation.D) a field check.
11) The data entry control that would best prevent entering an invoice received from a vendor who is not on an authorized supplier list is
A) a validity check.
B) an authorization check.
C) a check digit.
D) closed-loop verification.
12) Form design is one example of a(n)
A) output control.
B) processing control.
C) input control.
D) data entry control.
13) Sequentially prenumbered forms are an example of a(n)
A) data entry control.
B) data transmission control.
C) processing control.
D) input control.
14) Turnaround documents are an example of a(n)
A) data entry control.
B) output control.
C) processing control.
D) input control.
15) A validity check is an example of
A) a data entry control.
B) an output control.
C) a data transmission control.
D) an input control.
16) Parity checks are an example of a(n)
A) data entry control.
B) data transmission control.
C) output control.
D) processing control.
B) data transmission control.
17) A user review an example of
A) a data entry control.
B) a data transmission control.
C) an output control.
D) a processing control.
18) Data matching is an example of a(n)
A) data entry control.
B) data transmission control.
C) processing control.
D) input control.
19) A batch total is an example of which control below?
A) data entry control
B) data transmission control
C) processing control
D) output control
20) Cancellation and storage of documents means
A) documents are defaced and stored.
B) documents are defaced before being shredded.
C) cancellation data are copied from documents before they are stored.
D) data are copied from a document and stored, after which the document is shredded.
A) documents are defaced and stored.
21) Check digit verification is an example of a(n)A) data transmission control.
B) output control.
C) processing control.
D) input control.
22) A ________ ensures input data will fit into the assigned field.
A) limit check
B) size check
C) range check
D) validity check
23) This tests a numerical amount to ensure that it does not exceed a predetermined value nor fall below another predetermined value.
A) completeness check
B) field check
C) limit check
D) range check
24) This determines if all required data items have been entered.
A) completeness check
B) field check
C) limit check
D) range check
25) This determines the correctness of the logical relationship between two data items. A) range check
B) reasonableness test
C) sign check
D) size check
26) This determines if characters are of the proper type.
A) field check
B) alpha-numeric check
C) range check
D) reasonableness test
27) This tests a numerical amount to ensure that it does not exceed a predetermined value.
A) completeness check
B) limit check
C) range check
D) sign check
28) This batch processing data entry control sums a field that contains dollar values.
A) record count
B) financial total
C) hash total
D) sequence check
29) This batch processing data entry control sums a non-financial numeric field.
A) record count
B) financial total
C) hash total
D) sequence check
30) When I enter a correct customer number, the data entry screen displays the customer name and address. This is an example of
A) prompting.
B) preformatting.
C) closed-loop verification.
D) error checking.
C) closed-loop verification.
31) This control ensures that the correct and most current files are being updated.
A) cross-footing balance test
B) data matching
C) file labels
D) write-protect mechanism
32) This batch processing data entry control sums the number of items in a batch.
A) financial total
B) hash total
C) record count
D) sequence check
33) This data entry control compares the ID number in transaction data to a master file to verify that the ID number exists.
A) reasonableness test
B) user review
C) data matching
D) validity check
34) What control are file labels an example of?
A) data entry controls
B) output controls
C) processing controls
D) source data controls
35) A computer operator accidentally used the wrong master file when updating a transaction file. As a result, the master file data is now unreadable. Which control could best have prevented this from happening?
A) Internal header label
B) validity check
C) check digit
D) parity check
36) Sonja Greer called the IT Help Desk in a bad mood. "I'm trying to open an Excel file, but I get a message that says that the file is locked for editing. Why is this happening to me?" The answer is likely that
A) the file is corrupted due to a computer virus.
B) Sonja probably opened the file as read-only.
C) concurrent update controls have locked the file.
D) there is no problem. Sonja is editing the file, so it is locked.
C) concurrent update controls have locked the file.
37) This control protects records from errors that occur when two or more users attempt to update the same record simultaneously.
A) concurrent update controls
B) cross-footing balance test
C) data conversion controls
D) recalculation of batch totals
A) concurrent update controls
38) Modest Expectations Investment Services (MEIS) allows customers to manage their investments over the Internet. If customers attempt to sell more shares of a stock than they have in their account, an error message is displayed. This is an example of a
A) reasonableness test.
B) field check.
C) validity check.
D) limit check.
39) Modest Expectations Investment Services (MEIS) allows customers to manage their investments over the Internet. If customers attempt to spend more money than they have in their account, an error message is displayed. This is an example of a
A) reasonableness test.
B) field check.
C) validity check.
D) limit check.
40) The Spontaneous Combustion Rocket Shoppe in downtown Fargo, North Dakota, generates three quarters of its revenue from orders taken over the Internet. The revenue clearing account is debited by the total of cash and credit receipts and credited by the total of storefront and Internet sales. This is an example of a
A) data integrity test.
B) zero-balance test.
C) trial balance audit.
D) cross-footing balance test
41) This control entails verifying that the proper number of bits are set to the value 1 in each character received.
A) echo check
B) field check
C) parity check
D) trailer record
42) Which of the following is not a risk associated with the data input process?
A) Data is invalid.
B) Data is incomplete.
C) Data is inaccurate.
D) Data is corrupted.
43) Which of the following is an example of a turnaround document?
A) a receipt a customer must use to return the goods purchased
B) a telephone bill the customer must return with payment
C) a paycheck stub that must be used in the employee's tax return
D) a customer loyalty card used every time a customer purchases goods or services
B) a telephone bill the customer must return with payment
44) Which of the following is a control is an important way to prevent buffer overflow vulnerabilities?
A) limit check
B) size check
C) range check
D) field check
45) Prompting is a control that helps ensure
A) transaction data are not lost.
B) transactions data are accurate.
C) transactions data are complete.
D) transaction data are valid.
C) transactions data are complete.
1) What is the most effective way to ensure information system availability?
A) high bandwidth
B) maintain a hot site
C) maintain a cold site
D) frequent backups
2) Which of the following statements is true with regards to system availability?
A) Human error does not threaten system availability.
B) Threats to system availability can be completely eliminated.
C) Proper controls can maximize the risk of threats causing significant system downtime.D) Threats to system availability include hardware and software failures as well as natural and man-made disasters.
D) Threats to system availability include hardware and software failures as well as natural and man-made disasters.
3) Which of the following is not an objective of a disaster recovery plan?
A) Minimize the extent of the disruption, damage or loss.
B) Permanently establish an alternative means of processing information.
C) Resume normal operations as soon as possible.
D) Train employees for emergency operations.
B) Permanently establish an alternative means of processing information.
4) A disaster recovery plan typically does not include
A) scheduled electronic vaulting of files.
B) backup computer and telecommunication facilities.
C) a system upgrade due to operating system software changes.
D) uninterruptible power systems installed for key system components.
C) a system upgrade due to operating system software changes.
5) A facility that contains all the computing equipment the organization needs to perform its essential business activities is known as a
A) cold site.
B) hot site.
C) remote site.
D) subsidiary location.
6) A facility that is pre-wired for necessary telecommunications and computer equipment, but doesn't have equipment installed, is known as a
A) cold site.
B) hot site.
C) remote site.
D) subsidiary location
7) When a computer system's files are automatically duplicated on a second data storage system as they are changed, the process is referred to as
A) real-time mirroring.
B) batch updating.
C) consistency control.
D) double-secure storage.
8) ________ enables a system to continue functioning in the event that a particular component fails.
A) An incremental backup procedure
B) Fault tolerance
C) Preventive maintenance
D) A concurrent update control
9) A copy of a database, master file, or software that will be retained indefinitely as a historical record is known as a(n)
A) archive.
B) cloud computing.
C) differential backup.
D) incremental backup.
10) While this type of backup process takes longer than the alternative, restoration is easier and faster.
A) archive
B) cloud computing
C) differential backup
D) incremental backup
11) ________ involves copying only the data items that have changed since the last partial backup.
A) Archive
B) Cloud computing
C) Differential backup
D) Incremental backup
12) ________ copies all changes made since the last full backup.
A) Archive
B) Cloud computing
C) Differential backup
D) Incremental backup
13) The maximum amount of time between backups is determined by a company's
A) recovery time objective.
B) recovery point objective.
C) recovery objective.
D) maximum time recovery objective.
B) recovery point objective.
14) The maximumacceptable down time after a computer system failure is determined by acompany's
A)recovery time objective.
B)recovery point objective.
C)recovery objective.
D)maximum time recovery objective.
A) recovery time objective.
15) The accounting department at Synergy Hydroelectric records an average of 12,500 transactions per hour. By cost-benefit analysis, managers have concluded that the maximum acceptable loss of data in the event of a system failure is 25,000 transactions. If the firm's recovery time objective is 120 minutes, then the worst case recovery time objective is
A) 1 hour.
B) 2 hours.
C) 3 hours.
D) 4 hours.
16) The accounting department at Aglaya Telecom records an average of 5,000 transactions per hour. A cost-benefit analysis leads management to conclude that the maximum acceptable amount of data loss is 20,000 transactions. If the firm's recovery time objective is 60 minutes, then the worst case recovery time objective is
A) 1 hour.
B) 2 hours.
C) 3 hours.
D) 4 hours.
17) The accounting department at Aglaya Telecom records an average of 5,000 transactions per hour. By cost-benefit analysis, managers have concluded that the maximum acceptable loss of data in the event of a system failure is 50,000 transactions. The firm's recovery point objective is therefore
A) 50,000 transactions.
B) 5,000 transactions.
C) 10 hours.
D) 4 hours.
18) The accounting department at Aglaya Telecom records an average of 2,500 transactions per hour. Managers state that the maximum acceptable loss of data in the event of a system failure is 2,500 transactions. The firm's recovery point objective is therefore
A) 2,500 transactions.
B) 5,000 transactions.
C) 1 hour.
D) 2 hours.
19) Probably the most important change management control is
A) monitoring user rights and privileges during the change process.
B) testing all changes thoroughly prior to implementation on a stand-alone computer.C) updating all documentation to reflect changes made to the system.
D) management's careful monitoring and review.
D) management's careful monitoring and review.
20) Identify the statement below which is true.
A) Cloud computing is a control technique for system availability.
B) Cloud computing eliminates the need for backup of applications and data.
C) Cloud computing eliminates the need for companies to own their own software and servers.
D) Cloud computing refers to the practice of storing application files and backup data on satellites "in the clouds."
A) Cloud computing is a control technique for system availability.
23) What is the primary objective of ensuring systems and information are available for use whenever needed?
A) to minimize system downtime
B) to minimize system expense
C) to maximize system processing speed
D) to maximize sales
A) to minimize system downtime
24) True or False: It is impossible to eliminate the risk of downtime.
25) With regards to systems availability, deploying and using multiple components provides an AIS with
A) fault tolerance.
B) cost savings.
C) enhanced processing speed.
D) maximum sales.
26) Which of the following is not a common design feature of housing mission-critical servers and databases?
A) adequate air-conditioning systems to reduce the likelihood of damage due to overheating
B) overhead sprinklers to provide protection from fire
C) cables with special plugs that cannot be easily removed
D) surge-protection devices to provide protection against temporary power fluctuations
B) overhead sprinklers to provide protection from fire
27) To protect against malware, it is important that antivirus software automatically examine ________ introduced into a system.
A) CDs
B) e-mail
C) flash drives
D) all of the above
28) Which of the following is a key control regarding the minimization of system downtime?
A) fault tolerance
B) disaster recovery plans
C) backup procedures
D) all of the above
29) Which COBIT5 management practice addresses system backup procedures?
A) DSS01.06
B) DSS04.07
C) DSS03.05
D) DSS04.04
30) Whose responsibility is it to determine the amount of time an organization can afford to be without its information system?
A) the board of directors
B) senior management
C) external auditors
D) COBIT
31) Is it best practice for an organization to practice periodically restoring a system from its backup files?
A) No, doing so might introduce errors into the system's data.
B) No, doing so takes the system offline and prevents customers from being able to access the system.
C) Yes, doing so verifies the procedure and backup media are working correctly.
D) Yes, doing so improves the efficiency of the system.
C) Yes, doing so verifies the procedure and backup media are working correctly.
32) True or False: Best practice requires backups be retained indefinitely.
33) Which of the following is incorrect with regards to a data archive?
A) Archives can be a copy of a database.
B) Archives should be stored in different locations.
C) Archives are usually encrypted.
D) Physical and logical controls are the primary means of protecting archive files.
C) Archives are usually encrypted.
34) Loreen Tina is the chief lawyer for Tamara Incorporated. The CEO of Tamara Incorporated asks Loreen whether the company should periodically delete all company e-mail. If Loreen is well-versed in AIS best practices, she would mostly likely respond,
A) Yes, if we are ever sued, the other attorney will not be able to comb through our e-mail for evidence.
B) Yes, since e-mail requires a lot of storage space, deleting it periodically will reduce the amount of information we need to store.
C) No, deleting an organization's e-mail is against the law.
D) No, if we are ever sued we will not be able to draw upon our e-mail records to defend ourselves.
D) No, if we are ever sued we will not be able to draw upon our e-mail records to defend ourselves.
35) Identify the most important component of a disaster recovery plan below.
A) documentation
B) operating instructions
C) periodic testing
D) on-site and off-site storage
36) Identify one organization that quickly recovered from September 11th, 2001 due to its disaster recovery and business continuity plan. A) New York Stock Exchange B) NASDAQ C) New York Fire Department D) United Airlines
C) New York Fire Department