ISC S2 M1 BECKER EXAM QUESTIONS AND ANSWERS
/. IT infrastructure - Answer-the supporting IT architecture within most modern
companies has multiple, interconnected technological components, with the core
infrastructure involving a combination of:
-on-premises and outsourced hardware
-software
-specialized personnel
/.what has caused the focus on quality System and Organization Controls (SOC)2
engagements to grow aggressively in recent years - Answer-some organizations
manage this infrastructure themselves, but many are increasingly relying on third-party
providers to support their IT operations
/.IT infrastructure is applicable to: - Answer--an organization's internal employees
-individuals auditing the organization
(anyone looking from inside out or outside in)
/.SOC 2 engagements are examinations in which a third-party evaluates and reports on
a service organization's system controls as it relates to the AICPA's 5 trust services
criteria: - Answer-1. Security
2. Availability
3. Processing Integrity
4. Confidentiality
5. Privacy
/.Who do SOC 2 audits involve - Answer-they can involve any third-party company that
manages or has access to sensitive data, they typically involve companies that manage
the IT function of other organizations as their primary business
-third-party reports give users reasonable assurance that the service organization's
controls listed in its system description are accurately depicted and effective
/.SOC 2 engagements require auditors to have: - Answer--an advanced understanding
of information technology terminology
-technical expertise in the way in which key components of the modern IT landscape
function
/.Computers and End-User Devices (EUDs) - Answer-EUDs are electronic machines,
typically computers or mini-computers, that directly interact with employees or
, consumers at the "edge" of a network, meaning they are the point in a chain of
applications or an organization's IT architecture that interfaces with a human
/.Examples of EUDs: - Answer--company-issued laptops
-desktops
-tablets
-wearables that are used by an employee who is strictly the final consumer of that
device rather than intermediary
the end user may also be a customer to whom the manufacturer of that device sells to
allows for human infrastructure interface
/.Internal computer hardware:
Key hardware components within a computer include: - Answer--microprocessors - the
core/brain
-graphics and sound card - allows monitors and speakers to work
-hard drives (permanent storage)
-random access memory or RAM (temporary storage)
-power supply
-the motherboard - connects all these pieces to eachother
/.External Hardware - Answer-- Located outside the system unit
- Connect to the computer via a wired or wireless connection
mouse, keyboards, speakers, microphones, disk drives, printers, scanners, etc.
/.Infrastructure Housing - Answer-The facilities and the safeguards on those facilities
that contain hardware (data centers or offices, includes advanced security systems to
monitor and control access, includes ventilation and climate control to keep PCs cool
/.Network infrastructure hardware
traditional hardware found in most networks is as follows: - Answer--Modems
-Routers
-Switches
-Gateways
-Edge-enabled devices
-Servers
/.Modems - Answer-connects a network to an internet service provider's network usually
through a cable connection & each modem has a public IP address
/.Routers - Answer-manage network traffic by connecting to form a network & acts as a
link to modems and the organizations switches or EUDs
/. IT infrastructure - Answer-the supporting IT architecture within most modern
companies has multiple, interconnected technological components, with the core
infrastructure involving a combination of:
-on-premises and outsourced hardware
-software
-specialized personnel
/.what has caused the focus on quality System and Organization Controls (SOC)2
engagements to grow aggressively in recent years - Answer-some organizations
manage this infrastructure themselves, but many are increasingly relying on third-party
providers to support their IT operations
/.IT infrastructure is applicable to: - Answer--an organization's internal employees
-individuals auditing the organization
(anyone looking from inside out or outside in)
/.SOC 2 engagements are examinations in which a third-party evaluates and reports on
a service organization's system controls as it relates to the AICPA's 5 trust services
criteria: - Answer-1. Security
2. Availability
3. Processing Integrity
4. Confidentiality
5. Privacy
/.Who do SOC 2 audits involve - Answer-they can involve any third-party company that
manages or has access to sensitive data, they typically involve companies that manage
the IT function of other organizations as their primary business
-third-party reports give users reasonable assurance that the service organization's
controls listed in its system description are accurately depicted and effective
/.SOC 2 engagements require auditors to have: - Answer--an advanced understanding
of information technology terminology
-technical expertise in the way in which key components of the modern IT landscape
function
/.Computers and End-User Devices (EUDs) - Answer-EUDs are electronic machines,
typically computers or mini-computers, that directly interact with employees or
, consumers at the "edge" of a network, meaning they are the point in a chain of
applications or an organization's IT architecture that interfaces with a human
/.Examples of EUDs: - Answer--company-issued laptops
-desktops
-tablets
-wearables that are used by an employee who is strictly the final consumer of that
device rather than intermediary
the end user may also be a customer to whom the manufacturer of that device sells to
allows for human infrastructure interface
/.Internal computer hardware:
Key hardware components within a computer include: - Answer--microprocessors - the
core/brain
-graphics and sound card - allows monitors and speakers to work
-hard drives (permanent storage)
-random access memory or RAM (temporary storage)
-power supply
-the motherboard - connects all these pieces to eachother
/.External Hardware - Answer-- Located outside the system unit
- Connect to the computer via a wired or wireless connection
mouse, keyboards, speakers, microphones, disk drives, printers, scanners, etc.
/.Infrastructure Housing - Answer-The facilities and the safeguards on those facilities
that contain hardware (data centers or offices, includes advanced security systems to
monitor and control access, includes ventilation and climate control to keep PCs cool
/.Network infrastructure hardware
traditional hardware found in most networks is as follows: - Answer--Modems
-Routers
-Switches
-Gateways
-Edge-enabled devices
-Servers
/.Modems - Answer-connects a network to an internet service provider's network usually
through a cable connection & each modem has a public IP address
/.Routers - Answer-manage network traffic by connecting to form a network & acts as a
link to modems and the organizations switches or EUDs
