The most common problem in the operation of an intrusion
detection system (IDS) is:
A. the detection of false positives.
B. receiving trap messages.
C. reject error rates.
D. denial-of-service attacks.
Answer / guest
Answer: A
Because of the configuration and the way IDS technology
operates, the main problem in operating IDSs is the
recognition (detection) of events that are not really
security incidents - false positives (equivalent of a false
alarm). The IS auditor needs to be aware of this, and should
check for implementation of related controls, such as IDS
tuning, incident handling procedures (like the screening
process to know if an event is a security incident or a
false positive). Trap messages are generated by the simple
network management protocol (SNMP) agents when an important
event happens, but are not particularly related to security
or IDSs. Reject error rate is related to biometric
technology and is not related to IDSs. Denial of service is
a type of attack and is not a problem in the operation of IDSs.
Which of the following steps would an IS auditor normally perform FIRST in a data center security review? A. Evaluate physical access test results. B. Determine the risks/threats to the data center site. C. Review business continuity procedures. D. Test for evidence of physical access at suspect locations.
An IS auditor is reviewing the risk management process. Which of the following is the MOST important consideration during this review? A. Controls are implemented based on cost-benefit analysis. B. The risk management framework is based on global standards. C. The approval process for risk response is in place. D. IT risk is presented in business terms.
A utility is available to update critical tables in case of data inconsistency. This utility can be executed at the OS prompt or as one of menu options in an application. The BEST control to mitigate the risk of unauthorized manipulation of data is to: A. delete the utility software and install it as and when required. B. provide access to utility on a need-to-use basis. C. provide access to utility to user management. D. define access so that the utility can be only executed in menu option.
The use of a GANTT chart can: A. aid in scheduling project tasks. B. determine project checkpoints. C. ensure documentation standards. D. direct the post-implementation review.
A universal serial bus (USB) port: A. connects the network without a network card. B. connects the network with an Ethernet adapter. C. replaces all existing connections. D. connects the monitor.
The MAJOR advantage of the risk assessment approach over the baseline approach to information security management is that it ensures: A. information assets are over protected. B. a basic level of protection is applied regardless of asset value. C. appropriate levels of protection are applied to information assets. D. an equal proportion of resources are devoted to protecting all information assets.
Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation? A. Specific developments only B. Business requirements only C. All phases of the installation must be documented D. No need to develop a customer specific documentation
A critical function of a firewall is to act as a: A. special router that connects the Internet to a LAN. B. device for preventing authorized users from accessing the LAN. C. server used to connect authorized users to private trusted network resources. D. proxy server to increase the speed of access to authorized users.
Which of the following risks would be increased by the installation of a database system? A. Programming errors B. Data entry errors C. Improper file access D. Loss of parity
Which of the following functions would be acceptable for the security administrator to perform in addition to his/her normal functions? A. Systems analyst B. Quality assurance C. Computer operator D. Systems programmer
In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as: A. isolation. B. consistency. C. atomicity. D. durability.
Naming conventions for system resources are important for access control because they: A. ensure that resource names are not ambiguous. B. reduce the number of rules required to adequately protect resources. C. ensure that user access to resources is clearly and uniquely identified. D. ensure that internationally recognized names are used to protect resources.