ISACA: Serving IT Governance Professionals

English
Chinese (Simplified)
Chinese (Traditional)
Deutsch
Espanol
Francais
Hebrew
Italiano
Japanese
Korean
Nederlands
Polski
Portuguese

Advanced Search

ABOUT
Membership
CERTIFICATION
Education
COBIT
Knowledge Center
Journal
Bookstore

What We Offer & Whom We Serve

@ISACA Newsletter

Licensing and Promotion

Volunteering

IT Governance
Institute

	Professional Membership
	Student Membership
	Academic Membership

	Local Chapter Information
	Join Today
	Professional Growth Global Community Advance Your Career


What is CISA	What is CISM	What is CGEIT	What is CRISC
Benefits of CISA	Benefits of CISM	Benefits of CGEIT	Benefits of CRISC
How to Become Certified	How to Become Certified	How to Become Certified	How to Become Certified
Register for the Exam	Register for the Exam	Register for the Exam	Register for the Exam
Prepare for the Exam	Prepare for the Exam	Prepare for the Exam	Prepare for the Exam
Taking the Exam	Taking the Exam	Taking the Exam	Taking the Exam
Apply for Certification	Apply for Certification	Apply for Certification	Apply for Certification
Maintain Your CISA	Maintain Your CISM	Maintain Your CGEIT	Maintain Your CRISC

Why Certify

How to Earn CPE

Maintain Your Certification

Write an Exam Question

US DoD Information

Exam Registration

CONFERENCES

ONLINE LEARNING

World Congress: INSIGHTS	Training Week	Webinars
North America CACS	eLearning Campus	Virtual Conferences
EuroCACS / ISRM	On-Site Training
Governance, Risk and Control	Exam Review Courses	COBIT EDUCATION
North America ISRM
Latin America CACS / ISRM
Oceania CACS
Asia-Pacific CACS / ISRM

Call for Papers

Browse All Events

Exhibitors and Sponsors


COBIT 5 Home
Product Family
Training & Accreditation
Licensing
Join the Conversation
News
Recognition
FAQs

Browse Knowledge Center topics

Where networking and knowledge intersect.

	BMIS (Information Security)
	COBIT 5 \| COBIT 4.1
	ITAF (IT Assurance\Audit)
	Research (Deliverables\Projects)
	Risk IT (IT Risk Management)
	Standards (Assurance\Audit\Control)
	Val IT (Value Delivery)

Featured Resources

Career Centre

Legislative Reporting

Current Issue

Past Issues

Author Blog

CPE Quizzes

Submit an Article

COBIT Process Assessment Model (PAM): Using COBIT 5

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

Top Sellers

Security, Audit and Control Features SAP ERP, 3rd Edition

English: CISA Practice Question Database v12 (CD-ROM)

IT Project Management:30 Steps to Success

IT Governance: Policies & Procedures, 2012 Edition

The Operational Risk Handbook for Financial Companies

ISACA
My ISACA

Join ISACA
Feedback
Shopping Cart

Sign In

ISACA > Journal > Past Issues > 2005 > Volume 3 > Quiz 100

Quiz 100

Journal
- Current Issue
- JOnline
- Past Issues
  - 2013
  - 2012
  - 2011
  - 2010
  - 2009
  - 2008
  - 2007
  - 2006
  - 2005
  - 2004
  - 2003
  - 2002
  - 2001
  - 2000
- Journal Author Blog
- Submit an Article
- Advertise
- CPE Quizzes
- Current Digital Journal
- Journal Mobile Apps

Please note: In order to obtain your CPE certificate for having passed the quiz, you must turn off your pop-up blocker.

Pironti Article
Mookhey Article
Cerullo Article
Bhatia Article
Sarva Article

CPE Quiz # 100

Based on Information Systems Control Journal Volume 1, 2005

A passing score of 75 percent qualifies for one (1) hour of CISA/CISM/CGEIT Continuing Professional Education (CPE) Credit

Your results will appear in a new window.

Enter your name below so it displays on the quiz results page:

Name:

Pironti Article

1. The information security program allows an organization to achieve the goal of transforming information security incidents into operational anomalies.
TrueFalse2. Regulations like the Sarbanes-Oxley Act were put in place to maintain a baseline standard for security in organizations, since it was demonstrated that they had not been doing an adequate job of this without regulation.
TrueFalse3. To implement an effective governance structure for the information security program, it is important to identify the roles and key goal indicators (KGIs) for each element of the functional inventory.
TrueFalse4. The threat and vulnerability assessment role provides the business elements of the organization with an educated and analyzed view of the threat analysis methodology to accurately assess the existence, likelihood and business impact of threats to individual solutions within the organization as well as the organization as a whole.
TrueFalse5. In the author's opinion, the program governance function provides the technology and operational functions for the information security organization.
TrueFalse

Mookhey Article

6. A fully patched, securely configured server with an actively monitored audit trail can end up being a difficult target for an attacker to fully compromise.
TrueFalse7. Black box or penetration testing is a security evaluation carried out with good knowledge about the internal workings of the system.
TrueFalse8. The security target defines the functional (from part 1) and assurance (from part 2) requirements that the product satisfies.
TrueFalse9. The author states that Common Criteria compliance automatically ensures a high-security product.
TrueFalse

Cerullo Article

10. The authors argue that accountants are concerned that the information the firm needs to achieve its financial reporting objectives is reliable; hence, they need not be concerned about security measures in place.
TrueFalse11. Pareto's Law states that a small percentage of the items in a population represents the most significant items in the population.
TrueFalse

Bhatia Article

12. Web services are strongly coupled entities and can dynamically locate and interact with other components or services on the Internet to provide a new set of services.
TrueFalse13. The author argues that due to the absence of widely accepted security standards and technologies, implementing those standards and offering a completely scalable web service are not easy.
TrueFalse

Sarva Article

14. In the federated identity model, a consumer or business enters its password only once and is able to move to trusted sites without rekeying its identity information.
TrueFalse15. In an identity management implementation, the major source of security risk emanates from creating/deleting a user.
TrueFalse16. The author recommends that organizations adopt a practical path and an integrated approach in identity creation, administration and access benefits.
TrueFalse

Your results will appear in a new window.

Please note: This quiz requires a JavaScript-enabled browser. If the quiz is not displayed above, you either do not have a browser which supports JavaScript or JavaScript support has been disabled.

© 2013 ISACA. All Rights Reserved

Site Map
Contact Us
Press Room
Terms of Use
ISACA PRIVACY POLICY – YOUR PRIVACY RIGHTS
IP Guidelines