Question

1. Which of the following statements regarding the black-box approach for systems auditing is correct?

Multiple Choice

• The auditors need to gain detailed knowledge of the systems' internal logic.

• The black-box approach could be adequate when automated systems applications are complicated.

• The auditors first calculate expected results from the transactions entered into the system. Then, the auditors compare these calculations to the processing or output results.

• All of these answers are correct.

2.Which statements are incorrect about virtual private network (VPN)?

Multiple Choice

• It is a way to use the public telecommunication infrastructure in providing secure access to an organization’s network.

• It enables the employees to work remotely by accessing their firm’s network securely using the Internet

• The packets sent through VPN are encrypted and with authentication technology.

• The expensive cost is one major disadvantage of VPN.

3.Which of the following statements is not correct?

Multiple Choice

• The IP address of a desktop computer often changes.

• The MAC address of a desktop computer often changes.

• The IP address of a Web server does not change.

• Each hardware device must have a MAC address.

Answer 1

1. The Auditors first calculate expected results from the transactions entered into the system. Then, the auditors compare these calculations to the processing or output results.

The Black Box approach of system auditing is based entirely on the input and outputs. The auditor is not required to understand the entire process of the system to perform this kind of audit.

2. The expensive cost is one major disadvantage of VPN - this is the incorrect fact about VPN connections since there are multiple inexpensive options that corporations or individuals can opt for.

3. The IP address of a desktop computer often changes - incorrect fact among the options.