Big Data is often described by the four V's, or Show -Volume, Velocity, Veracity and Variety Volume, Velocity, Veracity and Variety According to estimates considered in the chapter, up to what percentage of a data analyst's time is spent cleaning (or scrubbing) the data to be ready for analysis? 90% The acronym, ETL, in the process of readying data for use in data analysis refers to what three words? -Extrapolate, Transform and Lift Extract, Transform and Load Which term is used to describe the science of examining raw data, removing excess noise from the dataset, and organizing the data with the purpose of drawing conclusions for decision making? Data Analytics The AICPA developed standards called ADS for the formatting of data files and fields typically needed to support an external audit in a given financial business process area. What does the acronym ADS stand for? Audit Data Standards Which type of analytics addresses "Why did it happen"? Diagnostic The A in the AMPS model stands for which of the following? Ask the Question Which type of analytics would be associated with finding the sales amount needed to break even? Prescriptive Which type of analytics would be associated with forecasting future sales amounts for a company? Predictive Which type of analytics would be associated with summarizing what happened in the past? -Descriptive Descriptive Which type of question does prescriptive analysis address? What should we do based on what we expect will happen? Which type of question does descriptive analysis address? What happened? What type of analysis addresses questions of "Why did it happen"? Diagnostic analysis Which of the following is the best description of a data visualization? -Data visualizations require an analytics mindset. Data visualizations are graphical representations that present information to decision makers. Which of the following is not an important consideration when developing and presenting a visualization? -Choosing the right visualization tool. Choosing the right visualization tool. Which of the following is not a common problem with visualizations? -Comparison of performance metrics. Comparison of performance metrics. Which of the following is not a common step in preparing data and developing visualizations? -Get data. Select the visualization tool. To convert raw data to a table in Excel, you select any cell within the data and then do which of the following? -Select Insert > Tables > Table Select Insert > Tables > Table Which of the following is a way to use a table for basic data analytics? -Add a Total Row to the bottom of the table. All of these. Which of the following best describes the purpose of the slicer for pivot tables? -It sorts the pivot table. It filters the output of the pivot table. After creating tables in Excel, which of the following would you do to create table relationships? -Click
Insert > Tables > Recommended Pivot Tables. Click Data > Data Tools > Relationships. To link tables in Excel, you do which of the following? -Pick the table with the foreign key first. You would do all of these. To change formatting (such as changing a general number to currency) for the field dragged to the Σ Values area, you would do which of the following? -Click on the field name and select Value Field Settings from the popup
menu. Click on the field name and select Value Field Settings from the popup menu. After starting Tableau, which of the following is the first step in your data analysis? -Connect to the data. Connect to the data. Once you connect to the data source in Tableau, what is the next step (assuming the data source includes multiple tables)? -Drag the desired tables to the canvas. Drag the desired tables to the canvas. Tableau supports which of the following joins between tables? -Inner join (blue only highlights the overlapping part of the circles). All of these. Which of the following best describes the Show Me tool in Tableau? -Allows easy selection of the relevant visualization options. Allows easy selection of the relevant visualization options. Which of the following best describes the purpose of Data View in Power BI? -Allows editing,
formatting, and calculating new fields. Allows editing, formatting, and calculating new fields. Which of the following best describes a data visualization? -Part of the information value chain A graphical representation that presents information to decision makers Which of the following is not a basic activity for data visualization? -Documenting the business processes that generate data Documenting the business processes that generate data Which of the following is an important consideration in designing a data visualization? -Choosing the right chart All of the choices are correct. Which of the following charts is used to show trend over time? -Symbol maps Line charts Which of the following is not part of common steps in using a data analysis tool? -Get data Deliver the visualization to the decision maker Which of the following best describes the purpose of the Show Me feature in Tableau? -Guides the user through an analysis of data relationships. Helps the user select the best chart to display the selected measures and dimensions. Which of these is not a Power BI view? -Report view Visualization view How many copies of the ledger are in a blockchain network with 4 participating nodes? Four What is the major difference between the proof of authority (PoA) consensus algorithm and proof of work (PoW) consensus algorithm? -For PoA, validator identities are known. For PoA, validator identities are known. What type of blockchain does not restrict participation in the network? public What is the blockchain analogous to? -messaging ledger Mining does not exist in -Bitcoin Hyperledger Which statement is false? -Each block of Bitcoin takes about 10 minutes to be added to the blockchain Hyperledger is developed for the banking industry Which of the following technologies are used in blockchain? -hashing All of these choices are correct. Which of the following is the best description of artificial intelligence? -Sophia the robot developed by Hanson Robotics. Intelligence exhibited by machines rather than humans. Which of the following fields is one of the foundations of the artificial intelligence field? -Philosophy. All of these choices are correct. Which of the following describes the difference between artificial intelligence, machine learning, and deep learning? -Machine learning is a subset of AI. All of these choices are correct. Which of the following best describes machine learning? -Machine learning is a technique by which a software model is trained using data. Machine learning is a technique by which a software model is trained using data. Which of the following is not one of the five basic questions that machine learning applications answer? -What data should I use? What data should I use? If the AI application predicts three classifications, how may rows would be in the confusion matrix to summarize results? Only 1. Exactly 3. Which of the following best describes supervised learning? -The computer discovers patterns in the data. The output is a known set of values to predict from the input. Which of the following is not a metric used to assess the performance of a model? -Precision. Reliability. Which of the following statements is true? -Because blockchain transactions are stored in chronological order, you may trace a block from an earlier transaction block to the most recent block in the blockchain. Smart contract was introduced in Ethereum. In the Ethereum network: -mining of Ether occurs at a constant rate. mining of Ether occurs at a constant rate. Which of the following statement is false? -A distributed ledger contains many copies of the same ledger. Because a distributed ledger exists in a blockchain network, a computer consisting of all transaction records may crash and cause the syncing issue in the blockchain network. Which of the following statements is false? -Private blockchain requires permissions to join the network. Bitcoin uses smart contract to specify the business rules. When we refer to smart contract in blockchain, we mean: -a digital copy of paper contract such as a Word file. a piece of software code that can be executed or triggered by business activities. Which of the following is created mainly for cryptocurrency application? -Ethereum Bitcoin What information does a block in the Bitcoin network not contain? -The
sender None, a block contains all of this information. What is a requirement of the proof of authority algorithm? -A few members have known identities. A few members have known identities. Which of the following best describes the difference between artificial intelligence and machine learning? -Machine learning is a subset of AI. Machine learning is a subset of AI. Which of the following best describes machine learning? -Machine learning is driven by programming instructions. Machine learning is a technique where a software model is trained using data. Based on SOX, which of the following sections is about internal controls? 404 404 T/F: SOX requires companies to use COSO or COSO ERM as the framework in evaluating internal controls False Controls that are designed to prevent, detect, or correct errors in transactions as they are processed through a specific subsystem are referred to as: -general controls. application controls. Which of the following is not a component in the COSO 2013 internal control framework? -Effective operations Effective operations Prenumbering of source documents helps to verify that: -no inventory has been misplaced. all transactions have been recorded because the numerical sequence serves as a control. A field check is a(n) -output control. preventive control. Which is not an example of a batch total? -Hash total Exception total T/F: Backup is a preventive control. False The computer sums the first four digits of a customer number to calculate the value of the fifth digit and then compares that calculation to the number typed during data entry. This is an example of a: check digit verification. check digit verification. Which of the following statements is correct? -Regarding IT control and governance, the COBIT framework is most commonly adopted by companies in the United States. Regarding IT control and governance, the COBIT framework is most commonly adopted by companies in the United States. Based on SOX, which of the following sections is about corporate responsibility for financial reports? -302 302 Based on COSO 2013, which of the following statements is not correct? -Internal control is a process consisting of ongoing tasks and activities. The responsibility of monitoring the effectiveness of internal controls belongs to the internal audit group. Which of the following is not one of the five essential components in the COSO 2013 framework? -Control assessment Control assessment Access control to ensure only authorized personnel have access to a firm's network is a: -input control. general control. The ISO 27000 series are a framework for: -IT governance. information security management. Segregation of duty is a: -corrective control. preventive control. The responsibility of enterprise risk management belongs to? -Internal auditors Management Most input controls are designed to assess one field only, which of the following input controls will need to examine a record to determine the control is effective or not? -Completeness check. Completeness check. Which of the following is a correct statement about COBIT 2019 framework? -It is designed for information and technology governance and management. It is designed for information and technology governance and management. Which of the following is a correct statement about COSO ERM 2017 framework? -It focuses on evaluating effectiveness of internal controls. It enhances alignment among strategy-setting, decision-making, and performance through enterprise risk management. Avoiding, accepting, reducing and sharing are components of _____ in Enterprise Risk Management? -Risk response Risk response Avoiding, accepting, reducing and sharing are four options regarding risk response. T/F: Batch Processing is the aggregation of several business events over a set period of time with eventual processing of the related data (periodic processing). True Typical batch processing is comprised of four characteristic steps, with a delay between each step. The sequence of each step is that a business event occurs, data is recorded in the system, the master files are updated, and a report or other output is generated. T/F: A major reason of internal controls implemented for an information system is to provide perfect assurance that the goals of each business process are achieved. False Internal control for an information system is aimed to provide reasonable assurance that the goals of each process are achieved. Which edit check compares entered data to a predetermined acceptable upper and lower limit? -Range check Range check Range checks test a numerical amount to ensure that it is within a predetermined range. Bill is responsible for custody of the finished goods in the warehouse. If his company wishes to maintain strong internal control, which of the following responsibilities are incompatible with his primary job? -He is responsible for the company's fix asset control
ledger. He is responsible for the accounting records for all the receipts and shipments of goods from the warehouse. Segregation of duties is an important internal control. It requires the segregation of asset custody and record keeping. Since Bill is responsible for the finished goods custody, he should not be also responsible for keeping accounting records of the finished goods at the same time. Which of the following is considered a control environment factor by the COSO definition of internal control? -Control objectives Integrity and ethical values The internal control environment provides the discipline and structure for all other components of enterprise risk management. Internal environment factors include a firm's risk management philosophy and risk appetite, integrity and ethical values, organizational structure, board of directors and the audit committee, human resource policies and practices, assignment of authority and responsibility, commitment to competence, and development of personnel. Which duties should be completed by different people to achieve strong separation of duties? -Journalizing and posting Authorization, custody and recordkeeping Separation of duties requires segregation of authorization, custody and recordkeeping. Which is least likely to be provided by an application control? -Accuracy Reliability Reliability is a general property of the information system taken as a whole whereas application deal with specific processing of subsets of data to support specific business functions. Which of the following is not a component of COSO ERM? -Event
identification External environment and Internal control evaluation Internal environment, objective setting, event Identification, risk assessment, risk response, control activities, information and communication, and monitoring activities are the eight components in the COSO ERM framework. Under COSO ERM framework, which of the following objectives involves parties external to the organization? -Strategic objectives Reporting objectives The ERM framework takes a risk-based, rather than a control-based approach to achieving the firm's objectives in four categories: Strategic, compliance, operation and reporting. The reporting objective is about the reliability of internal and external reporting. Hence, it may involve external parties. The information system of Carlsbad Bottle Inc. is deemed to be 90 percent reliable. A major threat in the procurement process has been discovered, with an exposure of $300,000. Two control procedures are identified to mitigate the threat. Implementation of control A would cost $18,000 and reduce the risk to 4 percent. Implementation of control B would cost $10,000 and reduce the risk to 6 percent. Implementation of both controls would cost $26,000 and reduce the risk to 2.5 percent. Given the information presented, and considering an economic analysis of costs and benefits only, which control procedure(s) should Carlsbad Bottle choose to implement? Control B Expected benefit of an internal control = Impact × Decreased Likelihood Threat: Posting the amount of a sale to a customer account that does not exist Type of Input Control: ___ Authorization (for sales transactions) or the use of a validity check on the customer number Threat: A customer entering too many characters into the five-digit zip code while making an online purchase, causing the server to crash Type of Input Control: ___ Size Check Threat: An intern's pay rate was entered as $150 per hour, not $15 per hour Type of Input Control: ___ Reasonableness Check Threat: Approving a customer order without the customer's address so the order was not shipped on time Type of Input Control: ___ Completeness Check Threat: Entering the contract number of a critical contract as 13688 instead of 16388, which is a serious mistake for the company Type of Input Control: ___ Check digit verification (CISA exam, adapted) Authentication is the process by which the: -system verifies that the user is entitled to enter the transaction requested. system verifies the identity of the user. (CMA exam, adapted) Data processing activities may be classified in terms of three stages or processes: input, processing, and output. An activity that is not normally associated with the input stage is: -recording. reporting (CISA exam, adapted) To ensure confidentiality in an asymmetric-key encryption system, knowledge of which of the following keys is required to decrypt the receive message? I. Private I. Private To authenticate the message sender in an asymmetric-key encryption system, which of the following keys is required to decrypt the received message? -Sender's public key Sender's public key To ensure the data sent over the Internet are protected, which of the following keys is required to encrypt the data (before transmission) using an asymmetric-key encryption method? -Receiver's private key Receiver's public key Which of the following groups/laws was the earliest to encourage auditors to incorporate fraud examination into audit programs? -COBIT SAS No. 99 Incentive to commit fraud usually will include all of the following, except: -alcohol, drug, or gambling addiction. inadequate segregation of duties. (CPA exam, adapted) An information technology director collected the names and locations of key vendors, current hardware configuration, names of team members, and an alternative processing location. What is the director most likely preparing? -System hardware policy Disaster recovery plan A message digest is the result of hashing. Which of the following statements about the hashing process is true? -It is reversible. Hashing is the best approach to make sure that two files are identical. Which one of the following vulnerabilities would create the most serious risk to a firm? -Unauthorized access to the firm's network Unauthorized access to the firm's network Which of the following statements is correct? -Multifactor
authentication is less secure than requiring a user always entering a password to access a network. Fault tolerance uses redundant units to provide a system with the ability to continue functioning when part of the system fails. Which of the following can be considered as a good alternative to back up data and applications? -Disaster recovery planning Cloud computing A digital certificate: -indicates
that the subscriber identified has sole control and access to the private key. indicates that the subscriber identified has sole control and access to the private key. The symmetric-key encryption method: -is
not appropriate for encrypting large data sets. uses the same key for both senders and receivers for encryption and decryption. The fraud triangle indicates which of the following condition(s) exist for a fraud to be perpetrated? -rationalization. rationalization and pressure. To prevent repudiation in conducting e-business, companies must be able to authenticate their trading partners. Which of the following encryption methods can be used for authentication purpose? -Symmetric-key encryption method Asymmetric-key encryption method Regarding GDPR, which of the following statements is/are correct? -It is a regulation enforced by EU. It is a regulation enforced by EU and it is to protect EU citizens' personal data. Which organization created the Reporting on an Entity's Cybersecurity Risk Management Program and Controls: Attestation Guide in 2017? -SEC AICPA Business continuity management is a -preventive control. corrective control. Encryption is a -preventive control. preventive control. What is fault tolerance? -A policy allowing employees to make mistakes Using redundant units to continue functioning when a system is failing
Comparing encryption with hashing, which one of the following is correct? -Hashing process is reversible. Encryption results are called cyphertext. Disaster recovery plan is a -preventive control. corrective control. Select a correct statement describing encryption or hashing process. -Encryption process is reversible. All of the choices are correct. Select a correct statement regarding encryption methods. -Most companies prefer using asymmetric-key encryption method for data transmission. Asymmetric-key encryption method is used to create digital signatures. Encryption Method for: Symmetric-key encryption Encryption Method for: Asymmetric-key encryption Encryption Method for: Asymmetric-key encryption Encryption Method for: Asymmetric-key encryption Encryption Method for: Asymmetric-key encryption Activities required to keep a firm running during a period of displacement or interruption of normal operations Business continuity management A process that identifies significant events that may threaten a firms operations and outline the procedures to ensure that the firm with resume operations if such event occur Disaster recover planning A service model in which a third-party service provider offers computing resources, including hardware and software applications, to cloud users over the internet, and the service provider charges on a per-user basis Cloud computing A clearly defined and documented plan that covers key personnel, resources including IT infrastructure and applications, and actions required to be carried out in order to continue or resume the systems for critical business functions Disaster recovery planning Using redundant units to provide a system with the ability to continue functioning when part of the system fails Fault tolerance A device using battery power to enable a system to operate long enough to back up critical data and shut down properly during the loss of power Uninterruptible power supply Identify and Prioritize Vulnerabilites Vulnerability assessment Design a risk response plan, monitor vulnerabilities, establish policy and requirements Vulnerability management A local area network (LAN) is best described as a(n): -electronic
library containing millions of items of data that can be reviewed, retrieved, and analyzed. computer system that connects computers of all sizes, workstations, terminals, and other devices within a limited proximity. Which of the following network components is set up to serve as a security measure that prevents unauthorized traffic between different segments of the network? -Firewall Firewall Unauthorized alteration of records in a database system would impair which of the following components of the CIA (related to security)? -Authorization Integrity Which of the following is not a task performed by an operating system? -Translate high-level languages to machine-level language -Translate high-level languages to machine-level language Managers at a consumer products company purchased personal computer software from only recognized vendors and prohibited employees from installing nonauthorized software on their personal computers by enforcing a new end-user computing policy. To minimize the likelihood of computer viruses infecting any of its systems, the company should also: -test all new software on a stand-alone personal computer. test all new software on a stand-alone personal computer. Unauthorized alteration of records in a database system can be prevented by employing: -database access controls. database access controls. An organization is planning to replace its wired networks with wireless networks. Which of the following approaches provides the most secure wireless network? -Disable the network interface card (NIC). Implement wi-fi protected access (WPA2). The vice president of human resources has requested an audit to identify payroll overpayments for the previous year. Which would be the best audit technique to use in this situation? -Integrated test
facility Generalized audit software Which of following statements about CAATs is not correct? -The integrated test facility is a programmed module or segment that is inserted into an application program to monitor and collect data based on daily transactions. -The test data technique uses a set of hypothetical transactions to examine the programmed checks and program logic in programs. -Parallel simulation attempts to simulate or reproduce the firm's actual processing results. -The embedded audit module may require the auditor to have a good working knowledge of computer programming and a solid understanding of IT risks that may exist in a system. The integrated test facility is a programmed module or segment that is inserted into an application program to monitor and collect data based on daily transactions. Which of the following audit techniques should an IS auditor use to detect duplicate invoice records within an invoice master file? -Embedded audit module Generalized audit software A group of computers, printers, and other devices connected to the same network and covering a limited geographic range is called a: -VPN. LAN. The most common security threats for wireless LANs include: -man-in-the-middle. man-in-the-middle. The test data technique uses: -a computer
program to reprocess the firm's actual data for a past period to generate simulated results. a set of input data to validate system integrity. Which of the following is not one of the main purposes for a WAN? -Provide remote access to employees and/or customers Securely connect a network to distant offices in a building by sending encrypted packets An operational database: -covers the data of current and previous fiscal years. contains data that are volatile. What is the main purpose of using VPN today? -Secure the data transmission between e-business trading partners. Maintain a secured data transmission or communication for remote access. Select the correct statement(s) regarding network devices. -Firewalls are used to screen and secure data transmitted among internal networks. Routers use IP addresses for data transmission over the Internet and hubs are used for transmitting packets over internal networks. Select a correct statement regarding routers. -Routers are used for data transmission over internal networks. None of these choices are correct. Select a correct statement regarding database systems. -Data mining are often used to analyze data in the data warehouse. Data mining are often used to analyze data in the data warehouse. Which of the following is not a generalized audit software (GAS)? -ACL SAP This computer network covers a broad area (e.g., includes any network whose communications link cross metropolitan, regional, or national boundaries over a long distance) WAN The internet is a good example of this type of network WAN This type of network often uses Layer 2 devices like switches and Layer 1 devices like hubs LAN The purpose of this type of network is mainly for remote access VPN This type of network comprises of two fundamental architectural components: stations and access points Wireless LAN This type of network has a large geographical range generally spreading across boundaries and ofter needs leased telecommunication lines WAN Which of the following is not an approach used for online analytical processing (OLAP). -Exception reports Data mining The purpose of a company's firewall is to: -Guard against spoofing. All the answers are correct. Which of the statements regarding a data warehouse is incorrect? -It is a centralized collection of firm-wide data Includes data for the current fiscal year only Which of the following statements about switches is correct? -A hub is smarter than Switch. Switches provide more security protections than hubs do for a company's internal network. Which of the following describes a group of computers that connects the internal users of a company distributed over an office building? -Internet LAN Which of the following is not a management control for wireless networks? -Assigning roles and responsibilities of employees for access control Conducting appropriate awareness training on wireless networks What is the man-in-the-middle threat for wireless LANs? -The attacker impersonates an authorized user and gains certain unauthorized privileges to the wireless network The attacker actively intercepts communications between wireless clients and access points to obtain authentication credentials and data. Which of the following statements regarding the black-box approach for systems auditing is correct? -The auditors need to gain detailed knowledge of the systems' internal logic. The auditors first calculate expected results from the transactions entered into the system. Then, the auditors compare these calculations to the processing or output results. What is data mining? -A particular attribute of information. The process of analyzing data to extract information that is not affected by the raw data alone. What is the test data technique? -It uses a set of input data to validate system integrity. "It uses a set of input data to validate system integrity" and "It requires auditors to prepare both valid and invalid data to examine critical logics and controls of the system" are correct. Within a WAN, a router would perform the following functions except? -Provide the communication within the network Amplify and rebroadcast signals within a network Which of the following strategies will a CPA most likely consider in auditing an entity that processes most of its financial data only in electronic form, such as a paperless system? -Continuous monitoring and
analysis of transaction processing with an embedded audit module. Continuous monitoring and analysis of transaction processing with an embedded audit module. Which of the following is the primary reason that many auditors hesitate to use embedded audit modules? -Embedded audit modules cannot be protected from computer viruses. Auditors are required to be involved in the system design of the application to be monitored. The results of a generalized audit software simulation of the aging of accounts receivable revealed substantial differences in the aging contribution, even though grand totals reconciled. Which of the following should the IS auditor do first to resolve the discrepancy? -Recreate the test, using
different software. List a sample of actual data to verify the accuracy of the test program. Common IT techniques that are needed to implement continuous auditing include: -Data warehouse and data mining. All the answers are correct. Which statements are incorrect about virtual private network (VPN)? -It is a way to use the public telecommunication infrastructure in providing secure access to an organization's
network. The expensive cost is one major disadvantage of VPN. Which of the following is least likely to be considered a component of a computer network? -Application
programs. Application programs. Which of the following statements regarding the purposes of an operating system is correct? -To ensure the integrity of a system
All the answers are correct. Which of the following is not a benefit of using wireless technology? -Mobility Security The masquerading threat for wireless LANs is: -The attacker actively intercepts communications between wireless clients and access points to obtain authentication
credentials and data. The attacker impersonates an authorized user and gains certain unauthorized privileges to the wireless network. Which of the following statements is not correct? -The IP address of a desktop computer often changes. The MAC address of a desktop computer often changes. Which of the following is not a use of CAATs in auditing? -Test of details of transactions and balances Produce terms and conditions of employment Which of the following statements is wrong regarding continuous audit? -Continuous audit is used to perform audit-related activities on a continuous basis. Continuous audit is frequently used to perform substantive tests and is used for testing of controls through transactional-data analysis. Which of the following statements about firewalls is wrong? -A firewall is a security system comprised of hardware and software that is built using routers, servers, and a variety of software A firewall connects different LANs, software-based intelligent devices, and examines IP addresses One control objective for an operating system is that it must be protected from itself. Which of the following statements best explains this concept? -The operating system should be
able to gracefully terminate activities, and later recover to its previous state. No operating system module should be allowed to corrupt or destroy another operating system module. IT governance over operating systems includes establishing proper policies and procedures. These policies and procedures over operating systems should cover all of the following except: -Which computing hardware to use. Which computing hardware to use. Accounting professionals should understand database systems for all of the following reasons except: -Accountants have a strong understanding of risks, controls and business processes. Accountants typically manage organizations' operational databases. Which of the following best describes a data warehouse? -Users typically post operational transactions directly to the data warehouse. A data warehouse contains nonvolatile data. Which of the following tools is typically used in data mining? -COBIT. OLAP. Which of the following uses best describes the use of a VPN? -Connect computers, printers, and file servers in an office building. Allow employees traveling for business to connect to home office computing resources. Which of the following is not one of the benefits of using a wireless network? -Flexibility and scalability. Greater security. Which of the following is not one of the categories of security controls for wireless networks? -Operational controls. Application controls. Which of the following is not one of the reasons auditors should consider the use of CAATs? -ISACA standards require IS auditors to obtain sufficient, reliable, and relevant evidence, and should perform appropriate analysis of this evidence. GAAP stipulates that audits should be performed using tools and techniques appropriate to the evidence being reviewed. CAATs are commonly used in all of the following situations except: -Transaction testing. Encryption testing. Which of the following is not considered one of the primary CAAT approaches? -The black-box approach. Encryption testing Which of the following approaches and/or tools are not typically used as part of a CAAT approach to auditing? -Integrated testing facility
(ITF). Audit calculation engine (ACE). Which of the following is not considered an advantage of using a continuous auditing approach? -Transactions can be tested and analyzed closer in time to when they actually occur. It can be costly and time consuming to set up continuous auditing processes. Which of the following best describes continuous auditing? -Audit-related activities are performed throughout the period under review. Audit-related activities are performed throughout the period under review. ACL and IDEA are two prominent examples of which of the following? -ITF. GAS. Which of the following is a key difference between bitcoin and ethereum?Bitcoin is primarily designed to be an alternative to traditional currencies and hence a medium of exchange and store of value. Ethereum is a programmable blockchain that finds application in numerous areas, including DeFi, smart contracts, and NFTs.
How often is a block added to ethereum quizlet?Blocks are added to the chain in rather regular intervals - for Ethereum this is roughly every 17 seconds.
Which of the following is a key advantage of using blockchain to record transactions?Greater transparency
Because blockchain uses a distributed ledger, transactions and data are recorded identically in multiple locations. All network participants with permissioned access see the same information at the same time, providing full transparency.
Which of the following is the function of blockchain technology?The goal of blockchain is to allow digital information to be recorded and distributed, but not edited.
|