1 A Programmer should never access production / live system. 2 D 3 B Article or white paper is external information that may not be applicable to the company. 4 A Application design is for analysts. 5 B Run manual contains operator instructions including problem and error handling. 6 B 7 A B, C, D can be done as part of IS strategy review while A is for a security review. 8 C Control risk assessment is performed before the field work is done; after activities A,B and D have been done and the contract if finalized. 9 D 10 B 11 B 12 C Degaussing is a special method of erasing by de-magnetizing tapes. 13 C 14 A 15 B B is for the Security Officer. 16 B Not all incidents should be declared to users. 17 D 18 C Bonding is a control for hiring (not for termination). 19 A 20 D May raise issue of non-independence. 21 D 22 D It will be a disadvantage if an individual can master all parts. 23 A 24 C Chapter : IT SERVICE DELIVERY
Question # Answer Comments
1 B Refer to definition keyword storage and forward device 2 A Refer to research materials. 3 C 4 C 5 C 6 B 7 B Protocol converter more specific. A gateway may have but not always have protocol converter. 8 C Application gateway is a 3rd generation type of firewall compared to the A, B and D which are earlier 1st and 2nd generation types. 9 A 10 A 11 A 12 D 13 D 14 B 15 C 16 D This is the function of front end processor to relieve the host or central computer. 17 D CRC is superior compared to parity check. 18 C 19 C Such as redundancy of hardware and telecommunication devices.