Quiz 87 

 

 

CPE Quiz # 87

Based on Information Systems Control Journal Volume 6, 2002

A passing score of 75 percent qualifies for one (1) hour of CISA/CISM/CGEIT Continuing Professional Education (CPE) Credit


Sarup Article

1. Reasons cited by the author for failure of transformation change efforts include overcommunicating to the troops and ineffective leadership in driving change.
2. Control principles important in a governance framework for a change program include a project plan and charter, a tracking mechanism for monitoring the progress against plan, and a process to solicit feedback and address changes, among others.
3. Information technology generally is not germane to a transformational change effort.

Guldentops and De Haes Article

4. COBIT is more likely to be used by smaller enterprises than larger ones, according to a survey conducted by ISACA and the IT Governance Institute™.
5. After COBIT, the most popular control methodologies in use among survey participants include COSO and ISO 9000.

Guldentops, Van Grembergen and De Haes Article

6. Among industries, organizations responding to the ISACA and IT Governance Institute survey cited by the authors that had the most mature controls and governance program were in the retail and financial services industries.
7. Among geographies, organizations responding to the ISACA and IT Governance Institute survey cited by the authors that had the most mature controls and governance program were in the Americas and Europe.

Caldwell Article

8. Security event management software is designed to correlate security event log data across multiple types of security devices.
9. To create a security event chain and correlate security event log data, systems must move security data to a consolidation point, normalize the data to a common log format, and reduce the data so they can be correlated more efficiently.
10. The following basic fields are among those most likely to be used for data correlation by security event management software: geography of device, device type and time threshold.

Hasan Article

11. Benford's Law is based on certain assumptions about numbers that result from the same phenomenon. It states that the digits 1 through 9 are not equally likely to appear as a leading digit in multidigit numbers resulting from the phenomenon.
12. An example of Benford's Law occurring in population statistics is that the number 9 is twice as likely to occur as a leading digit as the number 2 or 3.
13. Datasets must satisfy several conditions before applying Benford's Law. Some of these conditions include: the numbers must not be affected by minimum or maximum values, the numbers must occur naturally but not be assigned and the numbers must be related in some way.

Stasiak Article

14. The first phase of a web application review is the crawl state, where the reviewer gathers information about the application under review.
15. Tools identified by the author for the attack phase of a web application review include AppScan, WebInspect and ScanDo.

Greene Article

16. Standard-setting bodies that have published standards for application security include ISO, AICPA, ISACA and NIST.
