Actual Exam from Credible Source with 300
Questions and 100% Verified Detailed Correct
Answers Guaranteed A+ Approved by Professor
2 factor authentication - CORRECT ANSWER: Something the user has and something
the user knows
3 factor authentication - CORRECT ANSWER: Something the user has, something the
user knows, biometric attribute
A Digital signature is created to provide: - CORRECT ANSWER: - Proof that document
has not been altered (integrity)
- Proof of the creator of the document (authenticity)
Access Control List (ACL) - CORRECT ANSWER: Internal computerized table of access
rules (permissions) regarding the levels of computer access permitted to logon IDs and
computer terminals.
Also referred to as access control tables, an ACL specifies which users or system
processes are granted access to objects, as well as what operations are allowed on
given objects.
Algorithm - CORRECT ANSWER: A procedure or formula for solving a problem, based
on performing a sequence of specified actions
Annotation - CORRECT ANSWER: This symbol is used to include important
supplementary information or explanations that are difficult to describe graphically within
the flowchart itself
Application Controls - CORRECT ANSWER: The policies, procedures and activities
designed to provide reasonable assurance that objectives relevant to a given
application are achieved
Asymmetric (public key) encryption - CORRECT ANSWER: A cipher technique in which
different cryptographic keys are used to encrypt and decrypt a message
Uses two keys
- Public key—everyone has access
- Private key—used to decrypt (only known by owner)
- Public key can be used by all your trading partners
Can create digital signatures
Asymmetric (public key) encryption - CORRECT ANSWER: Uses two keys
Authentication - CORRECT ANSWER: The act of verifying identity (i.e., user, system) -
Is the user who he/she says he/she is?
Authenticity - CORRECT ANSWER: Proof of the creator of the document
- The signature was created with a private key that doesn't correspond to the public key
presented by the signer (authentication).
Authorization - CORRECT ANSWER: Determines what a person can access once
he/she is authorized to use the system
Authorization Controls - CORRECT ANSWER: - Access control lists, ensure different
user levels created
- Job roles/job descriptions match to ACL
- Privileges identified for each job role/description
- Enforcement of privileges provided to each job role/description
- Application hardening to remove possibility of bypassing authorization mechanisms to
elevate user levels
- Job change/termination policies and procedures
Authorization Risks - CORRECT ANSWER: - Excessive access or rights to application
- Excessive rights within applications
- Gain of excessive access by increasing authorization level
- Access or rights slow to update upon job change/termination
- Proxies who are not controlled
Availability - CORRECT ANSWER: Ensuring timely and reliable access to and use of
information
Backup Procedures - CORRECT ANSWER: - Incremental Backup
- Differential Backup
Balancing - CORRECT ANSWER: When you balance a DFD it means you preserve the
inputs and outputs of a parent DFD at the next level of decomposition
Batch processing - CORRECT ANSWER: Input multiple source documents at once in a
group
Batch Total Recalculation - CORRECT ANSWER: Compare calculated batch total after
processing to input totals
Batch totals - CORRECT ANSWER: Compare batch input totals to batch processing
output totals
For example, if input is a batch of credit payments totaling $4500, the increase to cash
and the decrease to accounts receivable should equal $4500
Benefits of GRC - CORRECT ANSWER: A well-planned GRC strategy comes with lots
of benefits: improved decision-making, more optimal IT investments, elimination of silos,
and reduced fragmentation among divisions and departments
Black hole - CORRECT ANSWER: No process can have only inputs.
If an object has only inputs, then it must be a sink
Buffer (cache) overflow attack - CORRECT ANSWER: Occurs when a program or
process tries to store more data in a buffer (temporary data storage area) than it was
intended to hold. Since buffers are created to contain a finite amount of data, the extra
information—which has to go somewhere—can overflow into adjacent buffers,
corrupting or overwriting the valid data held in them.
Business continuity plan (BCP) - CORRECT ANSWER: Plan used by an enterprise to
respond to disruption of critical business processes. The goal is quick and complete
recovery and resumption of normal operations. Depends on the contingency plan for
restoration of critical systems
BYOD policy - CORRECT ANSWER: A BYOD policy specifies rules that permit partial or
full integration of user‐owned mobile devices for business purposes
Categories of Controls - CORRECT ANSWER: - Preventive Controls
- Detective Controls
- Corrective Controls
CERT (Computer Emergency Response Team) - CORRECT ANSWER: A group of
people integrated at the enterprise with clear lines of reporting and responsibilities for
standby support in case of an information systems emergency. This group will act as an
efficient corrective control, and should also act as a single point of contact for all
incidents and issues related to information systems
Certificate authority (CA) - CORRECT ANSWER: A trusted third party that issues
electronic digital certificates to verify a digital entity's identity on the Internet