INMT 341 - Final Exam Latest Update - Actual Exam from Credible Source with 300 Questions and 100% Verified Detailed Correct Answers Guaranteed A+ Approved by Professor
2 factor authentication - CORRECT ANSWER: Something the user has and something the user knows
3 factor authentication - CORRECT ANSWER: Something the user has, something the user knows, biometric attribute
A Digital signature is created to provide: - CORRECT ANSWER: - Proof that document has not been altered (integrity)
- Proof of the creator of the document (authenticity)
Access Control List (ACL) - CORRECT ANSWER: Internal computerized table of access rules (permissions) regarding the levels of computer access permitted to logon IDs and computer terminals. Also referred to as access control tables, an ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects.
Algorithm - CORRECT ANSWER: A procedure or formula for solving a problem, based on performing a sequence of specified actions
Annotation - CORRECT ANSWER: This symbol is used to include important supplementary information or explanations that are difficult to describe graphically within the flowchart itself
Application Controls - CORRECT ANSWER: The policies, procedures and activities designed to provide reasonable assurance that objectives relevant to a given application are achieved
Asymmetric (public key) encryption - CORRECT ANSWER: A cipher technique in which different cryptographic keys are used to encrypt and decrypt a message. Uses two keys
- Public key—everyone has access
- Private key—used to decrypt (only known by owner)
- Public key can be used by all your trading partners
Can create digital signatures
Asymmetric (public key) encryption - CORRECT ANSWER: Uses two keys
Authentication - CORRECT ANSWER: The act of verifying identity (i.e., user, system) - Is the user who he/she says he/she is?
Authenticity - CORRECT ANSWER: Proof of the creator of the document
- The signature was created with a private key that doesn't correspond to the public key presented by the signer (authentication).
Authorization - CORRECT ANSWER: Determines what a person can access once he/she is authorized to use the system
Authorization Controls - CORRECT ANSWER: - Access control lists, ensure different user levels created
- Job roles/job descriptions match to ACL
- Privileges identified for each job role/description
- Enforcement of privileges provided to each job role/description
- Application hardening to remove possibility of bypassing authorization mechanisms to elevate user levels
- Job change/termination policies and procedures
Authorization Risks - CORRECT ANSWER: - Excessive access or rights to application
- Excessive rights within applications
- Gain of excessive access by increasing authorization level
- Access or rights slow to update upon job change/termination
- Proxies who are not controlled
Availability - CORRECT ANSWER: Ensuring timely and reliable access to and use of information
Backup Procedures - CORRECT ANSWER: - Incremental Backup
- Differential Backup
Balancing - CORRECT ANSWER: When you balance a DFD it means you preserve the inputs and outputs of a parent DFD at the next level of decomposition
Batch processing - CORRECT ANSWER: Input multiple source documents at once in a group
Batch Total Recalculation - CORRECT ANSWER: Compare calculated batch total after processing to input totals
Batch totals - CORRECT ANSWER: Compare batch input totals to batch processing output totals. For example, if input is a batch of credit payments totaling $4500, the increase to cash and the decrease to accounts receivable should equal $4500
Benefits of GRC - CORRECT ANSWER: A well-planned GRC strategy comes with lots of benefits: improved decision-making, more optimal IT investments, elimination of silos, and reduced fragmentation among divisions and departments
Black hole - CORRECT ANSWER: No process can have only inputs.
If an object has only inputs, then it must be a sink
Buffer (cache) overflow attack - CORRECT ANSWER: Occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information—which has to go somewhere—can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.
Business continuity plan (BCP) - CORRECT ANSWER: Plan used by an enterprise to respond to disruption of critical business processes. The goal is quick and complete recovery and resumption of normal operations. Depends on the contingency plan for restoration of critical systems
BYOD policy - CORRECT ANSWER: A BYOD policy specifies rules that permit partial or full integration of user‐owned mobile devices for business purposes
Categories of Controls - CORRECT ANSWER: - Preventive Controls
- Detective Controls
- Corrective Controls
CERT (Computer Emergency Response Team) - CORRECT ANSWER: A group of people integrated at the enterprise with clear lines of reporting and responsibilities for standby support in case of an information systems emergency. This group will act as an efficient corrective control, and should also act as a single point of contact for all incidents and issues related to information systems
Certificate authority (CA) - CORRECT ANSWER: A trusted third party that issues electronic digital certificates to verify a digital entity's identity on the Internet