【多选题】
审计人员在实施审计项目过程中,有下列情形之一的,可以不予追究质量过错责任。___
A. 有充分证据表明审计人员已尽职责,但因受规定职责、权限和审计手段、技术所限,造成审计结果出现偏差的;
B. 及时发现并纠正质量过错,未造成严重后果的;
C. 因被审计对象对其提供的会计及相关资料的真实性、完整性做出虚假承诺,造成质量过错的;
D. 其他尽职免责的情况。
查看试卷,进入试卷练习
微信扫一扫,开始刷题
相关试题
【多选题】
审计档案卷内按照___进行排列,每一部分材料使用隔页纸隔开。
A. 结论类材料
B. 立项类文件材料
C. 证明类文件材料
D. 备查类文件材料
【多选题】
审计抽样原则有哪些?___
A. 重要性原则
B. 代表性原则
C. 风险导向原则
D. 经验原则
【多选题】
审计抽样方法有哪些?___
A. 随机抽查法
B. 经验判断法
C. 金额占比法
D. 笔数占比法
【多选题】
审计抽样内容有哪些?___
A. 机构抽样
B. 业务抽样
C. 人员岗位抽样
D. 随机抽样
【多选题】
审查书面资料的方法有哪些?___
A. 核对法
B. 审阅法
C. 复算法
D. 比较法
E. 分析法
F. 逆查法
【多选题】
审计中证实客观事物的方法有哪些?___
A. 盘点法
B. 调节法
C. 鉴定法
D. 抽查法
【多选题】
审计调查方法有哪些?___
A. 外核法
B. 查询法
C. 函证法
D. 比较法
【多选题】
对照整改完成标准,具体问题整改结果分为___几种情形。
【多选题】
___"
A. 经营管理活动中存在的异常事项;
B. 有关部门提供的线索和群众举报;
C. 公众、媒体的反映和报道;
【多选题】
河南省农村信用社内部审计操作规程适用于___
A. 省联社审计部
B. 省联社区域审计室
C. 各市县内部审计部门
D. 全省农信社系统审计从业人员
【多选题】
审计计划的编制应遵循___的基本原则。
A. 审计价值最大化
B. 项目管理一体化
C. 质量控制流程化
D. 审计效果最佳化
【多选题】
项目管理一体化的五个统一是指:___
A. 审计计划统一管理
B. 审计项目统一运作
C. 审计资源统一配置
D. 审计流程统一规范
E. 审计结果统一报告和
F. 审计整改统一标准
【多选题】
省联社审计部编制年度审计计划要根据___确定行业审计重点及按照监管评级结果明确对法人行社的审计频率,明确审计室(区域审计中心)的审计项目。
A. 改革任务
B. 年度风险评估状况
C. 年度重点工作
D. 监管要求
E. 领导要求
【多选题】
年度行业审计计划的内容主要包括___
A. 审计项目名称
B. 审计目标
C. 审计范围
D. 审计重点
E. 审计项目实施时间
F. 审计资源配置
【多选题】
审计部门编制年度行业审计计划应为风险防控导向,把握轻重缓急,对___优先安排。
A. 重点领域、
B. 重点机构、
C. 重大事项
D. 紧急事项
【多选题】
年度行业审计计划执行过程中,遇到下列情形可按照原审批程序对年度行业审计计划进行适当调整___
A. 主要领导临时交办的审计项目
B. 监管部门临时安排或者授权审计的项目
C. 突发重大事件需要进行审计的,尤其是发现带有苗头性的重大风险隐患
D. 审计目标、审计范围等发生重大变化需要调整的
E. 需要调整的其他情形
【多选题】
审计项目主要程序的五个阶段___。
A. 审计准备
B. 审计实施
C. 重大问题督办
D. 结束现场审计
E. 审计报告
【多选题】
审计立项主要包括___等环节。
A. 明确审计立项依据
B. 编制审计立项需求
C. 填制现场审计立项表
D. 履行审计立项审批
【多选题】
审计工作底稿记录的审计过程和结论主要包括___
A. 实施审计的主要程序
B. 取得审计证据的名称和来源
C. 审计认定的事实摘要
D. 得出的审计结论及其相关标准
【多选题】
编制审计报告的基本原则为___
A. 坚持原则,实事求是;内容完整,重点突出;
B. 事实清楚,数据真实;层次清晰,结构合理;
C. 证据充分,定性准确;文字简练,表述准确。
【多选题】
问题整改的依据为各级部门下发的___。
A. 审计报告
B. 审计意见书
C. 整改通知书
D. 整改意见书
【多选题】
整改工作应遵循以下原则___
A. 有错必纠原则
B. 责任落实原则
C. 标本兼治原则
D. 及时性、真实性、有效性原则
E. 持续改进原则
【多选题】
整改工作督办部门职责___
A. 督办被审计单位的整改工作;
B. 统计、分析整改工作情况并向本单位领导报告;
C. 评价考核被审计单位整改工作;
D. 对外部审计部门查出的问题,就整改工作牵头与相关部门进行沟通、协调,督促被审计单位落实问题整改等。
【多选题】
审计质量控制主要包括___
A. 质量控制目标
B. 质量监督
C. 考核评价
D. 责任追究
【多选题】
行业审计部门应当针对___要素建立审计质量控制制度。
A. 审计质量责任
B. 审计职业道德
C. 审计业务执行
D. 审计质量监督
【多选题】
行业审计部门建立的审计质量控制制度,要保证实现下列目标___
A. 符合法律法规和规章制度
B. 作出的审计结论准确、恰当
C. 依法依规整改到位
D. 其他
【多选题】
审计责任分为___责任。
A. 直接责任
B. 主要责任
C. 管理责任
D. 审核责任
E. 领导责任
【多选题】
审计人员在实施审计项目过程中,有哪些情形的___,可以不予追究质量过错责任:
A. 有充分证据表明审计人员已尽职履责,但因受规定职责、权限和审计手段、技术所限,造成审计结果出现偏差的。
B. 及时发现并纠正质量过错,未造成严重后果的。
C. 因被审计对象对其提供的会计及相关资料的真实性、完整性作出虚假承诺,造成质量过错的。
D. 其他尽职免责的情况。
【多选题】
整改完成标准为___
A. 行为纠正到位
B. 风险控制到位
C. 责任追究到位
D. 人员处理到位
【多选题】
《河南省农村信用社内部审计操作规程》的依据有哪些?___
A. 《中国银监会关于加强农村信用社省级联社行业审计工作指导意见》
B. 《中华人民共和国审计法》
C. 《中国注册会计师执业准则》
D. 《商业银行内部审计指引》
E. 《河南省农村信用社联合社关于进一步加强行业审计体系建设的意见》
【多选题】
被审计单位的职责都有哪些?___
A. 遵守相关金融法律法规及省联社规章制度
B. 建立并实施内部控制
C. 履行法定职责
D. 按照有关会计准则和会计制度编报财务会计报告
E. 保持资料的真实性、完整性和合法合规性
【多选题】
审计的类型包括下面哪些?___
A. 全面审计
B. 专项审计
C. 定期审计
D. 不定期审计
E. 突击审计
F. 配合行业外其他部门审计
【多选题】
年度行业审计计划的执行情况应定期向___报告?
A. 审计委员会
B. 党委书记
C. 省联社总审计师
D. 业务部经理
【多选题】
审计组组长审核审计工作底稿,应当根据不同情况分别提出下列哪些意见?___
A. 纠正或者责成纠正不恰当的审计结论
B. 直接修改底稿
C. 予以认可
D. 责成采取进一步审计措施,获取适当、充分的审计证据
【多选题】
___"
A. 扩大检查范围,使其能够覆盖重大违法违规行为可能涉及的领域
B. 向省联社审计委员会主任报告
C. 增派具有相关经验和能力的人员
D. 获取必要的外部证据
E. 其他必要的应对措施
【多选题】
审计组根据不同的审计目标,以审计认定的事实为基础,在防范审计风险的情况下,按照重要性原则,从___、(A)、(A)方面提出审计评价意见。下面哪一项是错误的?
A. 安全性
B. 合法性
C. 真实性
D. 效益性
【多选题】
行业审计的目标是推动有关经济金融法律法规和监管规则的有效落实,强化对全省农信社___进行持续监督,促进全系统法人行社建立并持续完善有效的风险管理、内控合规和公司治理架构,实现农信社(农商银行)的战略发展目标。
A. 经营管理
B. 内部控制
C. 风险状况
D. 人员配置
E. 薪酬分配
【多选题】
审计计划的编制应遵循“___”的基本原则。
A. 人员配置合理化
B. 审计价值最大化
C. 项目管理一体化
D. 质量控制流程化
E. 工作方式灵活化
【多选题】
审计部门编制年度审计计划应充分做好调研和征求意见工作,综合考虑以下因素:___
A. 年度主要工作目标、工作重点
B. 辖内法人机构风险评估、内部控制情况
C. 人民银行、国家审计部门、监管部门要求
D. 理事会、高级管理层的经营管理需要
E. 审计室(区域审计中心)制订的审计计划
F. 上年度审计情况和后续审计的必要安排
推荐试题
【单选题】
Which protocol offers data Integrity encryption, authentication, and anti-replay functions for IPSec VPN?___
A. ESP protocol
B. IKEv3 Protocol
C. AH protoco
D. IKEv1 Protocol
【单选题】
Which component offers a variety of security Solution, including firwall, IF Antivirus and antiphishing features?___
A. Cisco loS router
B. Cisco ASA 5500 Ser ies security appliance
C. Cisco ASA 5500 X series Next Gen Security appliance
D. Cisco 4200 series IPS appliance
【单选题】
Refer to the exhibit, A Network Secur ity administrator check the ASa firewall NAT policy table rith show nat command, which statement is fails?___
A. There are only reverse translation matches for the REAL SERvER object
B. First policy in the Section 1 is a dynamic nat entry defined in the object configuration
C. NAT policy in section 2 is static entry de fined in the object configuration
D. Translation in Section 3 used when a connection does not matches any entries in first two sections
【单选题】
What is true of an aSa in transparent mode ?___
A. It supports OSPF
B. It requires an IP address for each interface
C. It requires a management IP address
D. It allows the use of dynamic NaT
【单选题】
What is the effect of the ip scp server enable command?___
A. It references an access list that allows specific SCP servers
B. It allows the router to initiate requests to an SCP server
C. It allows the router to become an SCP server
D. It adds SCP to the list of allowed copy functions
【单选题】
How can you mitigate attacks in which the attacker attaches more than one vLan tag to a packet?___
A. Assign an access VLAN to every active port on the switch
B. Disable Ether Channel on the switch
C. Explicitly identity each VLAN allowed across the trunk
D.
E. nable transparent VTP on the switch
【单选题】
Which technology can you implement to centrally mitigate potential threats when users on your network download files that might be malicious?___
A. Enable file-reputation services to inspect all files that traverse the company network and block files with low reputation scores
B. Verify that the compa ny IpS blocks all known malicious website
C. Verity that antivirus software is installed and up to date for all users on your network
D. Implement URL filtering on the perimeter firewall
【单选题】
What is the most common implementation of PaT in a standard networked environment?___
A. configuring multiple external hosts to join the self zo ne and to communicate with one another
B. configuring multiple internal hosts to communicate outside of the network using the outside interface IP address
C. configuring multiple internal hosts to communicate outside of the network by using the inside interface IP address
D. configuring an any any rule to enable external hosts to communicate inside the network
【单选题】
Which component of a bYod architecture provides aAa services for endpoint access ?___
A. Integrated Services Router
B. access point
C. ASA
D. Identity Services
E. ngine
【单选题】
You are configuring a NAT rule on a Cisco ASA ,Which description of a mapped interface is true?___
A. It is mandatory for all firewall modes
B. It is optional in routed mode
C. It is optional in transparent mode
D. It is mandatory for ide ntity NAT only
【单选题】
Which description of the use of a private key is true ?___
A. The sender signs a message using the receivers private key
B. The sender signs a message using their private key
C. The sender encrypts a message using the receivers private key
D. The receiver decrypts a n15ssage using the sender's private key
【单选题】
Which mechanism does the FireAMP Connector use to avoid conflicts with other security applications such as antivirus products ?___
A. Virtualization
B. Containers
C. Sandboxing
D.
E. xclusions
【单选题】
Which network to pology de scribes multiple LANS in a gec? ___
A. SOHO
B. MAN
C. pan
D. CAN
【单选题】
Which statement represents a difference between an access list on an aSa versus an access list on a router?___
A. The asa does not support number access lists
B. The aSa does not support standard access list
C. The asa does not ever use a wildcard mask
D. The asa does not support extended access lists
【单选题】
Which command do you enter to verify the status and settings of an iKE Phase 1 tunnel?___
A. show crypto ipsec as output
B. show crypto isakmp
C. show crypto isakmp policy
D. show crypto ipsec transform
【单选题】
Which feature can help a router or switch maintain packet forwarding and protocol states despite an attack or heavy traffic load on the router or switch?___
A. service Policy
B. Control Plane Policing
C. Policy Map
D. Cisco
E. xpress
F. orwarding
【单选题】
Which STP feature can prevent an attacker from becoming the root bridge by immediately shutting down the interface when it receives a BPDU?___
A. root guard
B. Port Fast
C. BPDU guard
D. BPDU filtering
【单选题】
Which technology can best protect data at rest on a user system?___
A. full-disk encryption
B. IPsec tunnel
C. router ACL
D. network IPS
【多选题】
Which two primary security concerns can you mitigate with a BYOD solution ?___
A. schedule for patching the device
B. securing access to a trusted corporate network
C. compliance with applicable policies
D. connections to public Wi-Fi networks
E. device tagging and invento
【多选题】
choose five___
A. MD5————————inserure
B. DES————————insercure
C. SDES———————legacy
D. SHA-1———————legacy
E. HMAC-MD5—————legacy
【多选题】
Which two characteristics of symmetric encryption are true?___
A. It uses digital certificates
B. It requires more resources than asymmetric ancryption
C. It uses the same key to enctypt and decrupt traffic
D. It uses a public key and a pricate key to encrypt and decrypt traffic.
E. It is faster than asymmetric encryption
【多选题】
which two characteristics of PVLAN are true?___
A. Promiscuous porta can communicate with PVLAN ports.
B. Isolated ports cannot communicate with other ports on the same VLAN
C. Community ports have to be a part of the trunk.
D. They require VTP to be enabled in server mode
E. PVLAN ports can be configured as Ether Channel ports
【多选题】
What are two options for running Cisco SDM?___
A. Running SDM from a mobile device
B. Running SDM from within CiscoWorks
C. Running SDM from a router's flash
D. Running SDM from the Cisco web porta
E. Running SDM from a PC
【多选题】
Which two options are the primary deployment modeles for mobile device management?___
A. multisite
B. cloud-based
C. on premises
D. hybrid cloud basedo
E. single site
【多选题】
Drag the recommendation on the left to the Cryptographic algorithms on the right, Options will be used more than once.___
A. Avoid——————————————DES,MD5
B. Legacy——————————————SDES,SHA1,HMAC-MD5
【多选题】
Which two are valid types of vLans using PVLANS ?___
A. Community VLAN
B. Backup VLAN
C. Secondary VLAN
D. Isolated VLAN
E. Isolated VLAN
【多选题】
Which two commands are used to implement Resilient lOS Configuration ___
A. Secure boot-config
B. copy running-config tftp
C. copy flash:ios bin tftp
D. copy running-config startup-config
E. secure boot-image
【多选题】
Which two types of firewalls work at layer 4 and above ?___
A. Stateful inspection
B. Network Address Translation
C. Circuit-Level gateway
D. Static packet filter
E. Application Level firewall
【多选题】
Which two default settings for port security are true ?___
A. Violation is Protect
B. Violation is Restrict
C. Violation is Shutdown
D. Maximum number of MAC addresses is 2
E. Maximum number of MAC addresses is 1
【多选题】
Which two are characteristics of RADIUS?___
A. Uses UDP ports 1812 /1813
B. Uses TCP port 49
C. Uses UDP port 49
D.
E. ncrypts only the password between user and server
【多选题】
When setting up a site-to-site VPN with PSK authentication on a Cisco router, which two elements must be configured under crypto map?___
A. pfs
B. nat
C. reverse route
D. peer
E. transform-set
【多选题】
When using the Adaptive Security Device Manager(ASDM), which two options are available to add a new root certificate?___
A. Install from SFTP server
B. Usehttps
C. Install from a file
D. Use LDAP
E. Use SCEP
【多选题】
Which two SNMPv3 services support its capabilities as a secure networ k manage protocol? ___
A. access control
B. the shared secret key
C. authentication
D. authorization
E. accounting
【多选题】
Which two statements about routed firewall mode are true ?___
A. The firewall acts as a routed hop in the network
B. This mode conceals the presence of the firewall
C. The firewall requires a unique iP address for each interface
D. This mode allows the firewall to be added to an existing networ k with minimal additional configuration By default, this mode permits most traffic to pass throug
【多选题】
Which two statements describe DHCP spoofing attacks?___
A. They are used to perform man-in- the-middle attacks
B. They can access most network devices
C. They can modify the flow of traffic in transit. LNGKAIG
D. They protect the identity of ti attacker by masking the DHCP address
E. They can physically modify the network gateway
【多选题】
Which two types of VLANs using PVLANs are valid?___
A. isolated
B. promiscuous
C. backup
D. secondary
E. community
【多选题】
What are two limitations of the self-zone policies on a zone-based firewall?___
A. They are unable to block Https traffic
B. They restrict SNMP traffic.
C. They are unable to support Https traffic
D. They are unable to implement application inspection
E. They are unable to perform rate limiting
【多选题】
Which two descriptions of TACACS+ are true? ___
A. The TACACS+ header is unencrypted
B. It combines a uthentication and authorization
C. It uses TCP as its transport protocol
D. Only the password is encrypted.
E. It uses UDP as its transport protocol.
【多选题】
Which two actions does an IPS perform? ___
A. it spans the traffic
B. it reflects the traffic back to the sender
C. it encrypts the traffic
D. it terminates the user session or connection of the attacker
E. it reconfigures a device to block the traffic
【多选题】
In which form of fraud does an attacker try to learn information such as login credenti account information by ma squerading as a reputable entity or person in email, IM or communication channels ?___
A. phishing
B. Smurfit
C. Hacking
D. Identity Spoofing
