Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following would enable an enterprise to provide
access to its intranet (i.e., extranet) across the Internet
to its business partners?
A. Virtual private network
B. Client-server
C. Dial-in access
D. Network service provider
- 1 Answers
- 7758 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
A virtual private network (VPN) allows external partners to
securely participate in the extranet using public networks
as a transport or shared private networks. Because of its
low cost, using public networks (Internet) as a transport is
the principal method. VPNs rely on tunneling/encapsulation
techniques, which allow the Internet protocol (IP) to carry
a variety of different protocols (e.g., SNA, IPX, NETBEUI).
A client-server (choice B) does not address extending the
network to business partners (i.e., client-servers refers to
a group of computers within an organization connected by a
communications network where the client is the request
machine and the server is the supplying machine). Choice C
refers to remote users accessing a secured environment. It
is the means, not the method of providing access to a
network. A network service provider (choice D) may provide
services to a shared private network in providing Internet
services, but not extended to an organization's intranet.
| Is This Answer Correct ? | 4 Yes | 0 No |
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as: A. isolation. B. consistency. C. atomicity. D. durability.
When reviewing the IT strategic planning process, an IS auditor should ensure that the plan: A. incorporates state of the art technology. B. addresses the required operational controls. C. articulates the IT mission and vision. D. specifies project management practices.
The success of control self-assessment (CSA) depends highly on: A. Having line managers assume a portion of the responsibility for control monitoring. B. Assigning staff managers the responsibility for building, but not monitoring, controls. C. The implementation of stringent control policy and rule- driven controls. D. The implementation of supervision and the monitoring of control assigned duties
One of the purposes of library control software is to allow: A. programmers access to production source and object libraries. B. batch program updating. C. operators to update the control library with the production version before testing is completed. D. read-only access to source code.
An IS auditor involved as a team member in the detailed system design phase of a system under development would be MOST concerned with: A. internal control procedures. B. user acceptance test schedules. C. adequacy of the user training program. D. clerical processes for resubmission of rejected items.
The potential for unauthorized system access by way of terminals or workstations within an organization's facility is increased when: A. connecting points are available in the facility to connect laptops to the network. B. users take precautions to keep their passwords confidential. C. terminals with password protection are located in unsecured locations. D. terminals are located within the facility in small clusters under the supervision of an administrator.
A team conducting a risk analysis is having difficulty projecting the financial losses that could result from a risk. To evaluate the potential losses the team should: A. compute the amortization of the related assets. B. calculate a return on investment (ROI). C. apply a qualitative approach. D. spend the time needed to define exactly the loss amount.
When auditing the requirements phase of a software acquisition, the IS auditor should: A. assess the feasibility of the project timetable. B. assess the vendor?s proposed quality processes. C. ensure that the best software package is acquired. D. review the completeness of the specifications.
An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity
An organization's disaster recovery plan should address early recovery of: A. all information systems processes. B. all financial processing applications. C. only those applications designated by the IS manager. D. processing in priority order, as defined by business management.
An IS auditor reviewing operating system access discovers that the system is not secured properly. In this situation, the IS auditor is LEAST likely to be concerned that the user might: A. create new users. B. delete database and log files. C. access the system utility tools. D. access the system writeable directories.
Cisco Certifications 
