IT Service Delivery and Support Exam Questions and Answers Latest Update Graded A+
1 view 0 purchase
Course
IT Infrastructure
Institution
IT Infrastructure
IT Service Delivery and Support Exam Questions and Answers Latest Update Graded A+
A database administrator has detected a performance problem with some tables which
could be solved through denormalization. This situation will increase the risk of:
A. concurrent access.
B. deadlocks.
C. unauth...
IT Service Delivery and Support Exam Questions and Answers Latest Update Graded A+
A database administrator has detected a performance problem with some tables which
could be solved through denormalization. This situation will increase the risk of:
A. concurrent access.
B. deadlocks.
C. unauthorized access to data.
D. a loss of data integrity. - Answers D. A loss of data integrity.
Answer: D
Answer: D
Explanation:
Normalization is the removal of redundant data elements from the database structure.
Disabling normalization in relational databases will create redundancy and a risk of not
maintaining consistency of data, with the consequent loss of data integrity. Deadlocks are
not caused by denormalization. Access to data is controlled by defining user rights to
information, and is not affected by denormalization.
For locations 3a, 1d and 3d, the diagram indicates hubs with lines that appear to be open
and active. Assuming that is true, what control, if any, should be recommended to mitigate
this weakness?
A. Intelligent hub
B. Physical security over the hubs
C. Physical security and an intelligent hub
D. No controls are necessary since this is not a weakness - Answers C. Physical security and an intelligent
hub.
,Answer: C
Explanation:
Open hubs represent a significant control weakness because of the potential to access a
network connection easily. An intelligent hub would allow the deactivation of a single port
while leaving the remaining ports active. Additionally, physical security would also provide
reasonable protection over hubs with active ports.
When performing a database review, an IS auditor notices that some tables in the
database are not normalized. The IS auditor should next:
A. recommend that the database be normalized.
B. review the conceptual data model.
C. review the stored procedures.
D. review the justification. - Answers D. Review the justification.
Answer: D
Explanation:
If the database is not normalized, the IS auditor should review the justification since, in
some situations, denormalization is recommended for performance reasons. The IS auditor
should not recommend normalizing the database until further investigation takes place.
Reviewing the conceptual data model or the stored procedures will not provide information
about normalization
Which of the following types of firewalls provide the GREATEST degree and granularity of
control?
A. Screening router
B. Packet filter
C. Application gateway
,D. Circuit gateway - Answers C. Application gateway
Answer: C
Explanation:
The application gateway is similar to a circuit gateway, but it has specific proxies for each
service. To handle web services, it has an HTTP proxy that acts as an intermediary
between externals and internals, but is specifically for HTTP. This meansthat it not only
checks the packet IP addresses (layer 3) and the ports it is directed to (in this case port 80,
or layer 4), it also checks every HTTP command (layers 5 and 7). Therefore, it works in a
more detailed (granularity) way than the others. Screening router and packet filter (choices
A and BJ work at the protocol, service and/or port level. This means that they analyze
packets from layers 3 and 4, and not from higher levels. A circuit gateway (choice D) is
based on a proxy or programthat acts as an intermediary between external and internal
accesses. This means that during an external access, instead of opening a single
connection to the internal server, two connections are established-one from the external
server to the proxy(which conforms the circuit-gateway) and one from the proxy to the
internal server. Layers 3 and 4 (IP and TCP) and some general features from higher
protocols are used to perform these tasks.
When reviewing system parameters, an IS auditor's PRIMARY concern should be that:
A. they are set to meet security and performance requirements.
B. changes are recorded in an audit trail and periodically reviewed.
C. changes are authorized and supported by appropriate documents.
D. access to parameters in the system is restricted. - Answers A. They are set to meet security and
performance requirements.
Answer: A
Explanation:
, The primary concern is to find the balance between security and performance. Recording
changes in an audit trail and periodically reviewing them is a detective control; however, if
parameters are not set according to business rules, monitoring of changes may not be an
effective control. Reviewing changes to ensure they are supported by appropriate
documents is also a detective control, if parameters are set incorrectly, the related
documentation and the fact that these are authorized does not reduce the impact.
Restriction of access to parameters ensures that only authorized staff can access the
parameters; however, if the parameters are set incorrectly, restricting access will still have
an adverse impact.
When reviewing the configuration of network devices, an IS auditor should FIRST identify:
A. the best practices for the type of network devices deployed.
B. whether components of the network are missing.
C. the importance of the network device in the topology.
D. whether subcomponents of the network are being used appropriately. - Answers C. The importance
of the network device in the topology.
Answer: C
Explanation:
The first step is to understand the importance and role of the network device within the
organization's network topology. After understanding the devices in the network, the best
practice for using the device should be reviewed to ensure that there are no anomalies
within the configuration. Identification of which component or subcomponent is missing or
being used inappropriately can only be known upon reviewing and understanding the
topology and the best practice for deployment of the device in the network.
Which of the following is the BEST audit procedure to determine if a firewall is configured in
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller TutorJosh. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.99. You're not tied to anything after your purchase.
