In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?
Correct Answer: B
Section: Protection of Information Assets Explanation: Ensuring periodic dumps of transaction logs is the only safe way of preserving timely historical data. The volume of activity usually associated with an online system makes other more traditional methods of backup impractical.
Question 567
Physical access controls are usually implemented based on which of the following means (choose all that apply):
Correct Answer: A,B
In physical security, access control refers to the practice of restricting entrance to authorized persons. Human means of enforcement include guard, bouncer, receptionist ... etc. Mechanical means may include locks and keys.
Question 568
Which of the following refers to a primary component of corporate risk management with the goal of minimizing the risk of prosecution for software piracy due to use of unlicensed software?
Correct Answer: A
Software audits are a component of corporate risk management, with the goal of minimizing the risk of prosecution for software piracy due to use of unlicensed software. From time to time internal or external audits may take a forensic approach to establish what is installed on the computers in an organization with the purpose of ensuring that it is all legal and authorized and to ensure that its process of processing transactions or events is correct.
Question 569
During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor's BEST course of action?
Correct Answer: D
The auditor's best course of action after discovering instances where employees shared license keys to critical pieces of business software is to verify whether the licensing agreement allows shared use. A licensing agreement is a contract between the software provider and the user that defines the terms and conditions of using the software, including the number, type, and scope of licenses granted. Some licensing agreements may allow shared use of license keys among multiple users or devices, while others may prohibit or restrict such use. By verifying the licensing agreement, the auditor can determine whether the employees violated the contract or not, and whether there are any legal or financial risks or implications for the organization. The other options are not as appropriate as option D, as they may not address the root cause of the issue or provide a comprehensive solution. Recommending the utilization of software licensing monitoring tools may help prevent or detect future instances of license key sharing, but it does not resolve the current situation or ensure compliance with the licensing agreement. Recommending the purchase of additional software license keys may be unnecessary or wasteful if the licensing agreement already allows shared use or if there are unused licenses available. Validating user need for shared software licenses may help identify the reasons or motivations behind license key sharing, but it does not justify or excuse such behavior if it violates the licensing agreement. References: * 9: Best License Management Software 2023 | Capterra * 10: Best 10 Software License Management Tools in 2023 | Zluri * 11: Top 10 Software License Tracking Tools | Zluri * 12: Top 5 Software License Tracking Solutions in 2023 - DNSstuff
Question 570
Why does the IS auditor often review the system logs?
Correct Answer: C
Explanation/Reference: When trying to determine the existence of unauthorized access to data by a user or program, the IS auditor will often review the system logs.
