1. A benefit of quality of service (QoS) is that the:
A. entire networks availability and performance will be significantly improved.
B. telecom carrier will provide the company with accurate service level compliance reports.
C. participating applications will have guaranteed service levels.
D. communications link will be supported by security controls to perform secure online transactions.

Answer: C
Explanation:
The main function of QoS is to optimize network performance by assigning priority to business applications and end users through the allocation of dedicated parts of the bandwidth to specific traffic. Choice A is not true because the communication itself will not be improved, while the speed of data exchange for specific applications could be faster. Availability will not be improved. The QoS tools that many carriers are using do not provide reports of service levels; however, there are other tools that will generate service level reports. Even when QoS is integrated with firewalls, VPNs, encryption tools and others, the tool itself is not intended to provide security controls.

2. To determine which users can gain access to the privileged supervisory state, which of the following should an IS auditor review?
A. System access log files
B. Enabled access control software parameters
C. Logs of access control violations
D. System configuration files for control options used

Answer: D
Explanation:
Review of system configuration files for control options used would show which users have access to the privileged supervisory state. Both systems access log files and logs of access violations are detective in nature. Access control software is run under the operating system.

1. In a LAN environment, which of the following minimizes the risk of data corruption during transmission?
A. Using end-to-end encryption for data communication
B. Using separate conduits for electrical and data cables
C. Using check sums for checking the corruption of data
D. Connecting the terminals using a star topology

Answer: B
Using separate conduits for data cables and electrical cables, minimizes the risk of data corruption due to an induced magnetic field created by electrical current. Data encryption minimizes the risk of data leakage in case of wire tapping; however, it cannot prevent corruption. A check sum will help detect the data corruption during communication, but will not prevent it. Using a star topology will increase the speed of communication, but will not detect the corruption.

2. Which of the following is a control over component communication failure/errors?