ISACA: Serving IT Governance Professionals

English
Chinese (Simplified)
Chinese (Traditional)
Deutsch
Espanol
Francais
Hebrew
Italiano
Japanese
Korean
Nederlands
Polski
Portuguese

Advanced Search

ABOUT
Membership
CERTIFICATION
Education
COBIT
Knowledge Center
Journal
Bookstore

What We Offer & Whom We Serve

@ISACA Newsletter

Licensing and Promotion

Volunteering

IT Governance
Institute

	Professional Membership
	Student Membership
	Academic Membership

	Local Chapter Information
	Join Today
	Professional Growth Global Community Advance Your Career


What is CISA	What is CISM	What is CGEIT	What is CRISC
Benefits of CISA	Benefits of CISM	Benefits of CGEIT	Benefits of CRISC
How to Become Certified	How to Become Certified	How to Become Certified	How to Become Certified
Register for the Exam	Register for the Exam	Register for the Exam	Register for the Exam
Prepare for the Exam	Prepare for the Exam	Prepare for the Exam	Prepare for the Exam
Taking the Exam	Taking the Exam	Taking the Exam	Taking the Exam
Apply for Certification	Apply for Certification	Apply for Certification	Apply for Certification
Maintain Your CISA	Maintain Your CISM	Maintain Your CGEIT	Maintain Your CRISC

Why Certify

How to Earn CPE

Maintain Your Certification

Write an Exam Question

US DoD Information

Exam Registration

CONFERENCES

ONLINE LEARNING

World Congress: INSIGHTS	Training Week	Webinars
North America CACS	eLearning Campus	Virtual Conferences
EuroCACS / ISRM	On-Site Training
Governance, Risk and Control	Exam Review Courses	COBIT EDUCATION
North America ISRM
Latin America CACS / ISRM
Oceania CACS
Asia-Pacific CACS / ISRM

Call for Papers

Browse All Events

Exhibitors and Sponsors


COBIT 5 Home
Product Family
Training & Accreditation
Licensing
Join the Conversation
News
Recognition
FAQs

Browse Knowledge Center topics

Where networking and knowledge intersect.

	BMIS (Information Security)
	COBIT 5 \| COBIT 4.1
	ITAF (IT Assurance\Audit)
	Research (Deliverables\Projects)
	Risk IT (IT Risk Management)
	Standards (Assurance\Audit\Control)
	Val IT (Value Delivery)

Featured Resources

Career Centre

Legislative Reporting

Current Issue

Past Issues

Author Blog

CPE Quizzes

Submit an Article

COBIT Process Assessment Model (PAM): Using COBIT 5

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

Top Sellers

Security, Audit and Control Features SAP ERP, 3rd Edition

English: CISA Practice Question Database v12 (CD-ROM)

IT Project Management:30 Steps to Success

IT Governance: Policies & Procedures, 2012 Edition

The Operational Risk Handbook for Financial Companies

ISACA
My ISACA

Join ISACA
Feedback
Shopping Cart

Sign In

ISACA > Journal > Past Issues > 2008 > Volume 2

Quiz 117

Journal
- Current Issue
- JOnline
- Past Issues
  - 2013
  - 2012
  - 2011
  - 2010
  - 2009
  - 2008
  - 2007
  - 2006
  - 2005
  - 2004
  - 2003
  - 2002
  - 2001
  - 2000
- Journal Author Blog
- Submit an Article
- Advertise
- CPE Quizzes
- Current Digital Journal
- Journal Mobile Apps

Please note: In order to obtain your CPE certificate for having passed the quiz, you must turn off your pop-up blocker.

Micallef Article
Emmett Article
Ramirez Article
Lawton Article
Moseley Article

CPE Quiz # 117

Based on Information Systems Control Journal Volume 6, 2007

A passing score of 75 percent qualifies for one (1) hour of CISA/CISM/CGEIT Continuing Professional Education (CPE) Credit

Your results will appear in a new window.

Enter your name below so it displays on the quiz results page:

Name:

Micallef Article

1. Tougher rules and regulations are the way to restore trust in the corporate world and stability in the financial markets.
TrueFalse2. Regulation is not a free commodity and ultimately adds to the cost of every single financial product.
TrueFalse3. Integrated risk management practices and corporate governance disciplines are not regulatory imperatives.
TrueFalse4. A silo-based approach to corporate governance, risk management practices and regulatory compliance (GRC) not only will be insufficient, but also will result in compliance processes layered one upon the other, adding cost and duplication and reducing the overall agility of the business—in effect, increasing risk.
TrueFalse

Emmett Article

5. A security information management (SIM) solution can be implemented regardless of differences in organizations and technology solutions, as these do not impact the ultimate security management goals and approach.
TrueFalse6. SIM is essentially a parser of aggregated data; getting the maximum amount of relevant data to it will yield the best results and facilitate more comprehensive and accurate audits.
TrueFalse7. If SIM does not see the source data, it cannot analyze the data or use them for correlation with other events it did see.
TrueFalse8. SIMs are perfect, so do not expect to see false positives and false negatives.
TrueFalse

Ramirez Article

9. Excessive load on the data network affecting the Voiceover Internet Protocol (VoIP) is a typical example of a denial-of-service attack.
TrueFalse10. Session hijacking refers to intruders being able to exploit vulnerabilities on the VoIP environment to impersonate a user, redirect calls to a secondary phone and gather information to support their process.
TrueFalse11. Protection of VoIP calls from unauthorized access will reduce the chances of unauthorized interception or modification of the calls.
TrueFalse12. Physical security is one of the countermeasures required for the VoIP network and applies to the network, data center, hardware and equipment used for the VoIP service.
TrueFalse

Lawton Article

13. IT professionals are now subject to numerous audits (both internal and external), with a focus on IT internal controls.
TrueFalse14. Change management cannot be used as an opportunity to enhance the process to automatically generate the chain of evidence.
TrueFalse15. Changing the IT culture is one of the simplest challenges facing IT management today.
TrueFalse16. The Control Objectives for Information and related Technology (COBIT) IT metrics can be of great assistance for organizations that have chosen the balanced scorecard approach.
TrueFalse

Moseley Article

17. Organizations must have a complete understanding of the complicated hierarchies and relationships that exist between them and their stakeholders to deliver the best experience to their stakeholders.
TrueFalse18. Organizations with understanding provided by hierarchical context can improve revenues, decrease costs, meet compliance requirements, mitigate risk and realize many other benefits.
TrueFalse19. The external data provider method has the security risks of placing corporate data beyond the corporate security perimeter.
TrueFalse20. There are many technology solutions that deliver performance and comprehensive features necessary to provide a complete, multidimensional organization view.
TrueFalse

Your results will appear in a new window.

Please note: This quiz requires a JavaScript-enabled browser. If the quiz is not displayed above, you either do not have a browser which supports JavaScript or JavaScript support has been disabled.

© 2013 ISACA. All Rights Reserved

Site Map
Contact Us
Press Room
Terms of Use
ISACA PRIVACY POLICY – YOUR PRIVACY RIGHTS
IP Guidelines