CIA-III : IIA Certified Internal Auditor Part 3 (Business Knowledge for Internal Auditing CIA Part 3) Exam

CIA-III Dumps
CIA-III Braindumps
CIA-III Real Questions
CIA-III Practice Test
CIA-III Actual Questions


Financial
CIA-III
The Certified Internal Auditor Part 3
https://killexams.com/pass4sure/exam-detail/CIA-III
QUESTION: 307
Which of the following is an important senior management responsibility with regard to
information systems security?
A. Assessing exposures.
B. Assigning access privileges.
C. Identifying ownership of data.
D. Training employees in security matters.
Answer: A
Senior management is responsible for risk assessment, including identification of risks and
consideration of their significance, the likelihood of their occurrence, and how they should
be managed. Senior management is also responsible for establishing organizational
policies regarding computer security and implementing a compliance structure. Thus,
senior management should assess the risks to the integrity, confidentiality, and
availability of information systems data and resources.
QUESTION: 308
Management's enthusiasm for computer security seems to vary with changes in the
environment, particularly the occurrence of other computer disasters. Which of the
following concepts should be addressed when making a comprehensive recommendation
regarding the costs and benefits of computer security?
Potential loss if security is not implemented
Probability of occurrences
Cost and effectiveness of the implementation and operation of computer security
A. I only.
B. I and II only.
C. III only.
B. I, Il, and Ill.
Answer: D
Potential loss is the amount of dollar damages associated with a security problem or loss
of assets. Potential loss times the probability of occurrence is an estimate expected value)
of the exposure associated with lack of security. It represents a potential benefit associated
with the implementation of security measures. To perform a cost-benefit analysis, the
costs should be considered. Thus, all three items need to be addressed.
QUESTION: 309
Of the following, the greatest advantage of a database server) architecture is
A. Data redundancy can be reduced.
B. Conversion to a database system is inexpensive and can be accomplished quickly.
C. Multiple occurrences of data items are useful for consistency checking.
D. Backup and recovery procedures are minimized.
Answer: A
Data organized in files and used by the organization's various applications programs are
collectively known as a database. In a database system, storage structures are
created that render the applications programs independent of the physical or logical
arrangement of the data. Each data item has a standard definition, name, and format, and
related items are linked by a system of pointers. The programs therefore need only to
specify data items by name, not by location. A database management system handles
retrieval and storage. Because separate files for different applications programs are
unnecessary, data redundancy can be substantially reduced.
QUESTION: 310
In an inventory system on a database management system DBMS), one stored record
contains part number, part name, part color, and part weight. These individual items are
called
A. Fields.
B. Stored files.
C. Bytes.
D. Occurrences.
Answer: A
A record is a collection of related data items fields). A field data item) is a group of
characters representing one unit of information.
QUESTION: 311
An inventory clerk, using a computer terminal, views the following on screen part
number, part description, quantity on hand, quantity on order, order quantity, and reorder
point for a particular inventory item. Collectively, these data make up a
A. Field.
B. File.
C. Database.
D. Record.
Answer: D
A record is a collection of related data items fields). A field data item) is a group of
characters representing one unit of information. The part number, part description, etc.,
are represented by fields.
QUESTION: 312
Which of the following is the elementary unit of data storage used to represent individual
attributes of an entity?
A. Database.
B. Data field.
C. File.
D. Record.
Answer: B
A data item or field) is a group of characters. It is used to represent individual attributes of
an entity, such as an employee's address. A field is an item in a record.
QUESTION: 313
A file-oriented approach to data storage requires a primary record key for each file. Which
of the following is a primary record key?
A. The vendor number in an accounts payable master file.
B. The vendor number in a closed purchase order transaction file.
C. The vendor number in an open purchase order master file_
D. All of the answers are correct.
Answer: A
The primary record key uniquely identifies each record in a file. Because there is only one
record for each vendor in an accounts payable master file. the vendor number would be the
appropriate key.
QUESTION: 314
A business is designing its storage for accounts receivable information. What data file
concepts should be used to provide the ability to answer customer inquiries as they are
received?
A. Sequential storage and chains.
B. Sequential storage and indexes.
C. Record keys, indexes, and pointers.
D. Inverted file structure indexes, and internal labels.
Answer: C
A record key is an attribute that uniquely identifies or distinguishes each record from the
others. An index is a table listing storage locations for attributes, often including those
other than the unique record key attribute. A pointer is a data item that indicates the
physical address of the next logically related record.
QUESTION: 315
Auditors making database queries often need to combine several tables to get the
information they want. One approach to combining tables is known as
A. Extraction.
B. Joining.
C. Sorting.
D. Summarization.
Answer: B
In data management terminology, joining is the combining of data files based on a
common data element. For example, if rows in a table containing information about
specified parts have been selected, the result can be joined with a table that contains
information about suppliers. The join operation may combine the two tables using the
supplier number assuming both tables contained this element) to provide information
about the suppliers of particular parts.
QUESTION: 316
Users making database queries often need to combine several tables to get the information
they want. One approach to combining tables is
A. Joining.
B. Merging.
C. Projecting.
D. Pointing.
Answer: A
Joining is the combining of two or more relational tables based on a common data
element. For example, if a supplier table contains information about suppliers and a parts
table contains information about parts, the two tables can be joined using the supplier
number assuming both tables contain this attribute) to give information about the supplier
of particular parts.
QUESTION: 317
All of the following are methods for distributing a relational database across multiple
servers except
A. Snapshot making a copy of the database for distribution).
B. Replication creating and maintaining replica copies at multiple locations)_
C. Normalization separating the database into logical tables for easier user processing).
D. Fragmentation separating the database into parts and distributing where they are
needed).
Answer: C
A distributed database is stored in two or more physical sites. The two basic methods of
distributing a database are partitioning and replication_ However. normalization is a
process of database design, not distribution. Normalization is the term for determining
how groups of data items in a relational structure are arranged in records in a database.
This process relies on "normal forms," that is. conceptual definitions of data records and
specified design rules_ Normalization is intended to prevent inconsistent updating of data
items. It is a process of breaking down a complex data structure by creating smaller,
more efficient relations, thereby minimizing or eliminating the repeating groups in each
relation.
QUESTION: 318
In a database system, locking of data helps preserve data integrity by permitting
transactions to have control of all the data needed to complete the transactions. However,
implementing a locking procedure could lead to
A. Inconsistent processing.
B. Rollback failures.
C. Unrecoverable transactions.
D. Deadly embraces retrieval contention).
Answer: D
In a distributed processing system, the data and resources a transaction may update or use
should be held in their current status until the transaction is complete. A deadly embrace
occurs when two transactions need the same resource at the same time. If the system does
not have a method to cope with the problem efficiently, response time worsens or the
system eventually fails. The system should have an algorithm for undoing the effects of
one transaction and releasing the resources it controls so that the other transaction can run
to completion.
QUESTION: 319
One advantage of a database management system DBMS) is
A. That each organizational unit takes responsibility and control for its own data.
B. The cost of the data processing department decreases as users are now responsible for
establishing their own data handling techniques.
C A decreased vulnerability as the database management system has numerous security
controls to prevent disasters.
D The independence of the data from the application programs. which allows the
programs to be developed for the user's specific needs without concern for data capture
problems.
Answer: D
A fundamental characteristic of databases is that applications are independent of the
database structure; when writing programs or designing applications to use the database.
only the name of the desired item is necessary. Programs can be developed for the user's
specific needs without concern for data capture problems. Reference can be made to the
items using the data manipulation language, after which the DBMS takes care of locating
and retrieving the desired items. The physical or logical structure of the database can be
completely altered without having to change any of the programs using the data items,
only the schema requires alteration.
QUESTION: 320
Which of the following is a false statement about a database management system
application environment?
A. Data are used concurrently by multiple users.
B. Data are shared by passing files between programs or systems.
C. The physical structure of the data is independent of user needs.
D. Data definition is independent of any one program.
Answer: B
In this kind of system, applications use the same database There is no need to pass files
between applications.
QUESTION: 321
Which of the following should not be the responsibility of a database administrator?
A. Design the content and organization of the database.
B. Develop applications to access the database.
C. Protect the database and its software.
D. Monitor and improve the efficiency of the database.
Answer: B
The database administrator DBA) is the person who has overall responsibility for
developing and maintaining the database. One primary responsibility is for
designing the content of the database. Another responsibility of the DBA is to protect
and control the database. A third responsibility is to monitor and improve the efficiency of
the database. The responsibility of developing applications to access the database belongs
to systems analysts and programmers.
QUESTION: 322
The responsibilities of a data administrator DA) include monitoring
A. The database industry.
B. The performance of the database.
C. Database security.
D. Backup of the system.
Answer: A
The DA handles administrative issues that arise regarding the database. The DA acts as an
advocate by suggesting new applications and standards. One of the DA's responsibilities is
to monitor the database industry for new developments. In contrast, the database
administrator DBA) deals with the technical aspects of the database
QUESTION: 323
To trace data through several applies qti on programs, an auditor needs to know what
programs use the data, which files contain the data, and which print-td reports display the
data. If data exist only in a database system, the auditor could probably find all of this
information in a
A. Data dictionary.
B. Database schema.
C. Data encryptor.
D. Decision table.
Answer: A
The data dictionary is a file possibly manual but usually computerized) in which the
records relate to specified data items. It contains definitions of data items, the list of
programs used to process them, and the reports in which data are found. Only certain
persons or entities are permitted to retrieve data or to modify data items. Accordingly.
these access limitations are also found in the data dictionary.
QUESTION: 324
Image processing systems have the potential to reduce the volume of paper
circulated throughout an organization. To reduce the likelihood of users relying on the
wrong images, management should ensure that appropriate controls exist to maintain the
A. Legibility of image data.
B. Accessibility of image data.
C. Integrity of index data.
D. Initial sequence of index data.
Answer: C
Data integrity is a protectibility objective. If index data for image processing systems are
corrupted, users will likely be relying on the wrong images.
QUESTION: 325
What language interface would a database administrator use to establish the structure of
database tables?
A. Data definition language.
B. Data control language.
C. Data manipulation language.
D. Data query language.
Answer: A
The schema is a description of the overall logical structure of the database using data-
definition language DDL), which is the connection between the logical and physical
structure of the database. DDL is used to define, or determine, the database.
QUESTION: 326
Query facilities for a database system would most likely include all of the following
except
A. Graphical output capability.
B. Data dictionary access.
C. A data validity checker.
D. A query-by-example interface.
Answer: C
The least likely feature of a query tool would be a data validity checker because the
database system has already enforced any validity constraints at the time the data were
inserted in the database. Any further data validity checking would be a function of a user
application program rather than a query.
QUESTION: 327
Which of the following would be the most appropriate starting point for a compliance
evaluation of software licensing requirements for an organization with more than 15,000
computer workstations?
A. Determine if software installation is controlled centrally or distributed throughout the
organization.
B. Determine what software packages have been installed on the organization' s
computers and the number of each package installed.
C. Determine how many copies of each software package have been purchased by the
organization.
D. Determine what mechanisms have been installed for monitoring software usage.
Answer: A
The logical starting point is to determine the point(s) of control. Evidence of license
compliance can then be assessed. For example, to shorten the installation time for revised
software in a network, an organization may implement electronic software distribution
ESD), which is the computer-to-- computer installation of software on workstations.
Instead of weeks, software distribution can be accomplished in hours or days and can be
controlled centrally. Another advantage of ESD is that it permits tracking or metering of
PC program licenses.
QUESTION: 328
Use of unlicensed software in an organization
I. Increases the risk of introducing viruses into the organization
II. Is not a serious exposure if only low-cost software is involved
III. Can be detected by software checking routines that run from a network server
A. I only.
B. I and II only.
C. I, II, and Ill.
D. I and Ill only.
Answer: D
Antivirus measures should include strict adherence to software acquisition policies.
Unlicensed software is less likely to have come from reputable vendors and to have been
carefully tested.Special software is available to test software in use to determine whether it
has been authorized.
QUESTION: 329
The Internet consists of a series of networks that include
A. Gateways to allow personal computers to connect to mainframe computers.
B. Bridges to direct messages through the optimum data path_
C. Repeaters to physically connect separate local area networks LANs).
D. Routers to strengthen data signals between distant computers.
Answer: A
The Internet facilitates information transfer between computers. Gateways are hardware or
software products that allow translation between two different protocol families. For
example, a gateway can be used to exchange messages between different email systems.
QUESTION: 330
Which of the following is true concerning HTML?
A. The acronym stands for HyperText Material Listing.
B. The language is among the most difficult to learn
C. The language is independent of hardware and software.
D. HTML is the only language that can be used for Internet documents.
Answer: C
HTML is the most popular language for authoring Web pages. It is hardware and software
independent, which means that it can be read by several different applications and on
many different kinds of computer operating systems. HTML uses tags to mark information
for proper display on Web pages.
QUESTION: 331
Which of the following is a false statement about XBRL?
A. XBRL is freely licensed.
B. XBRL facilitates the automatic exchange of information
C. XBRL is used primarily in the U.S.
D. XBRL is designed to work with a variety of software applications.
Answer: C
XBRL stands for eXtensible Business Reporting Language. It is being developed for
business and accounting applications. It is an XML-based application used to create,
exchange, and analyze financial reporting information and is being developed for
worldwide use.

User: Tatiana***** Passing the cia-iii exam was very difficult for me, but Killexams.com helped me gain confidence by using their cia-iii practice tests for preparation. The cia-iii exam simulator was also very beneficial in helping me pass the exam and get promoted in my organization.

User: Harry***** I recently passed the iia certified internal auditor part 3 (business knowledge for internal auditing cia part 3) exam with 88% marks, thanks to Killexams.com Questions and Answers and Exam Simulator. The exam was difficult, but this unit made it much easier for me. Their exam simulator was especially helpful, and I appreciated the format of their questions and answer tests, as it allowed me to learn effectively.

User: Yaryna***** I had tried the cia-iii exam previously but failed, as I found the subjects difficult. However, everything changed when I found the questions and answer test guide by killexams.com. It is the best guide I have ever purchased for my exam preparation. The way it dealt with the cia-iii material was notable, and even a slow learner like me could manage it. I passed with 89% marks and felt above the world. Thanks, Killexams!

User: Ishaan***** Before my cia-iii exam, I used to jog every morning to feel energized. However, on the day before my exam, I was too nervous to go out. I was afraid that I would waste time and fail the test. Then I found Killexams.com, which provided me with a pool of tutorial information that helped me achieve top marks in the cia-iii exam.

User: Tiane***** I have been using Killexams.com for all my exams for some time now. Last week, I passed the cia-iii exam with a fantastic score using their question and answer resources. Although I had some doubts on certain topics, the material addressed all my doubts. I was able to determine the answers for all my doubts and issues easily. Thanks for providing me with strong and dependable material. The high-quality product is recognized by me.

---