When an organization's network is connected to an external
network in an Internet client-server model not under that
organization's control, security becomes a concern. In
providing adequate security in this environment, which of
the following assurance levels is LEAST important?
A. Server and client authentication
B. Data integrity
C. Data recovery
D. Data confidentiality
- 2 Answers
- 3746 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: C
Data recovery, as a corrective action, occurs after a total
network failure (denial of service) and therefore is least
important in assuring security in a networked environment.
The other choices are proactive in nature and directly
impact network security. Server and client authentication
provides a way of verifying that the server bring
communicating with is a valid server, and the server needs
to know that the clients are in fact valid client machines.
Data integrity is required for verifying that the data
received over the network has not been modified during its
transmission, and data confidentiality is required for
protecting information sent over the network from eavesdropping.
| Is This Answer Correct ? | 8 Yes | 0 No |
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take? A. Personally delete all copies of the unauthorized software. B. Inform auditee of the unauthorized software, and follow up to confirm deletion. C. Report the use of the unauthorized software to auditee management and the need to prevent recurrence. D. Take no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use.
A LAN administrator normally would be restricted from: A. having end-user responsibilities. B. reporting to the end-user manager. C. having programming responsibilities. D. being responsible for LAN security administration.
A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.
To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against: A. the entire message and thereafter enciphering the message digest using the sender's private key. B. any arbitrary part of the message and thereafter enciphering the message digest using the sender's private key. C. the entire message and thereafter enciphering the message using the sender's private key. D. the entire message and thereafter enciphering the message along with the message digest using the sender's private key.
Which of the following is a benefit of using callback devices? A. Provide an audit trail B. Can be used in a switchboard environment C. Permit unlimited user mobility D. Allow call forwarding
A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.
If a database is restored using before-image dumps, where should the process be restarted following an interruption? A. Before the last transaction B. After the last transaction C. The first transaction after the latest checkpoint D. The last transaction before the latest checkpoint
The BEST time to perform a control self-assessment involving line management, line staff and the audit department is at the time of: A. compliance testing. B. the preliminary survey. C. substantive testing. D. the preparation of the audit report.
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
Which of the following methods of suppressing a fire in a data center is the MOST effective and environmentally friendly? A. Halon gas B. Wet-pipe sprinklers C. Dry-pipe sprinklers D. Carbon dioxide gas
Which of the following is the MOST reasonable option for recovering a noncritical system? A. Warm site B. Mobile site C. Hot site D. Cold site
A company has contracted with an external consulting firm to implement a commercial financial system to replace its existing in-house developed system. In reviewing the proposed development approach, which of the following would be of GREATEST concern? A. Acceptance testing is to be managed by users. B. A quality plan is not part of the contracted deliverables. C. Not all business functions will be available on initial implementation. D. Prototyping is being used to confirm that the system meets business requirements.
Cisco Certifications 
