Chapter : IT GOVERNANCE

Question # Answer Comments

1 A Programmer should never access production / live system.
2 D
3 B Article or white paper is external information that may not be
applicable to the company.
4 A Application design is for analysts.
5 B Run manual contains operator instructions including problem
and error handling.
6 B
7 A B, C, D can be done as part of IS strategy review while A is
for a security review.
8 C Control risk assessment is performed before the field work is
done; after activities A,B and D have been done and the
contract if finalized.
9 D
10 B
11 B
12 C Degaussing is a special method of erasing by de-magnetizing
tapes.
13 C
14 A
15 B B is for the Security Officer.
16 B Not all incidents should be declared to users.
17 D
18 C Bonding is a control for hiring (not for termination).
19 A
20 D May raise issue of non-independence.
21 D
22 D It will be a disadvantage if an individual can master all parts.
23 A
24 C
Chapter : IT SERVICE DELIVERY

Question # Answer Comments

1 B Refer to definition keyword storage and forward device
2 A Refer to research materials.
3 C
4 C
5 C
6 B
7 B Protocol converter more specific. A gateway may have but
not always have protocol converter.
8 C Application gateway is a 3rd generation type of firewall
compared to the A, B and D which are earlier 1st and 2nd
generation types.
9 A
10 A
11 A
12 D
13 D
14 B
15 C
16 D This is the function of front end processor to relieve the
host or central computer.
17 D CRC is superior compared to parity check.
18 C
19 C Such as redundancy of hardware and telecommunication
devices.