欢迎来到天天文库
浏览记录
ID:22838873
大小:110.50 KB
页数:22页
时间:2018-10-31
《控制自我评估讲义》由会员上传分享,免费在线阅读,更多相关内容在应用文档-天天文库。
1、CIA英文试题1.Client-serverarchitecturemaypotentiallyinvolveavarietyofhardware,systemssoftware,andapplicationsoftwarefrommanyvendors.Thebestwaytoprotectaclient-serversystemfromunauthorizedaccessisthroughAAcombinationofapplicationandgeneralaccesscontroltechni
2、quesBUseofacommerciallyavailableauthenticationsystemCEncryptionofallnetworktrafficDThoroughtestingandevaluationofremoteprocedurecalls.AcorrectSecurityismoredifficulttoachieveinaclient-serversystemthaninamainframeenvironment.Thesystemhasnumerousaccesspoi
3、nts,andusershavemanychancestoalterdata.Thus,applicationcontrolsmustbecombinedwithgeneralaccesscontrolstoprotectthesystem.BincorrectAuthenticationsystemsareonlyapartofthesolution.CincorrectEncryptionaffectsonlygeneralaccesscontroltechniques.DincorrectTes
4、tingandevaluationofRPC’smaybeonlyasmallpartofanoverallsecurityreview.Acompanywithseveralhundredstoreshasanetworkforthestorestotransmitsalesdatatoheadquarters.Thenetworkisalsousedfor2Theinformationsystemsandauditdirectorsalsoagreedthatmaintainingtheinteg
5、rityofthesystemthatkeptinventorydatawascrucialfordistributingcorrectproductquantitiestostores.ThebestwaytoensuretheintegrityoftheapplicationsoftwareisthroughAAccesscontrolsforterminalsinthereceivingdepartmentBAudittrailsforitemssoldandreceived.CChangeco
6、ntrolsforinventorysoftware.DMonitoringsoftwareforthenetwork.AincorrectAccesscontrolsforterminalsinthereceivingdepartmentensurethatonlyauthorizedreceivingpersonnelhaveaccesstospecificcategoriesofinformation.However,theydonotaffectpersonnelinotherfunction
7、alareas.BAudittrailspermitauditsoftransactionupdatestodatefilesbutdonotensuretheintegrityofapplicationsoftware.CChangecontrolisvitaltotheeffectivenessofinternalcontrol.Itisthesetofproceduresthatensurethatonlyauthorized,tested,anddocumentedprogramchanges
8、aremade.Suchproceduresincludenotonlysegregationofdutiesinthedevelopmentandimplementationprocesses,butalsodesignandcodewalk-through,coordinationofchanges,reviewandapprovalbyusersandmanagement,reviewofcompliancewithstandards,minimu
此文档下载收益归作者所有