Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the initial step in creating a
firewall policy?
A. A cost-benefits analysis of methods for securing the
applications
B. Identification of network applications to be externally
accessed
C. Identification of vulnerabilities associated with network
applications to be externally accessed
D. Creation of an applications traffic matrix showing
protection methods
- 1 Answers
- 12857 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Identification of the applications required across the
network should be identified first. After identification,
depending on the physical location of these applications in
the network and the network model, the person in-charge will
be able to understand the need and possible ways of
controlling access to these applications. Identifying
methods to protect against identified vulnerabilities and
their comparative cost-benefit analysis is the third step.
Having identified the applications, the next step is to
identify vulnerabilities (weaknesses) associated with the
network applications. The next step is to analyze the
application traffic and create a matrix showing how each
type of traffic will be protected.
| Is This Answer Correct ? | 10 Yes | 1 No |
Which of the following is a strength of a client-server security system? A. Change control and change management procedures are inherently strong. B. Users can manipulate data without controlling resources on the mainframe. C. Network components seldom become obsolete. D. Access to confidential data or data manipulation is controlled tightly.
To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against: A. the entire message and thereafter enciphering the message digest using the sender's private key. B. any arbitrary part of the message and thereafter enciphering the message digest using the sender's private key. C. the entire message and thereafter enciphering the message using the sender's private key. D. the entire message and thereafter enciphering the message along with the message digest using the sender's private key.
The document used by the top management of organizations to delegate authority to the IS audit function is the: A. long-term audit plan. B. audit charter. C. audit planning methodology. D. steering committee minutes.
An organization is introducing a single sign-on (SSO) system. Under the SSO system, users will be required to enter only one user ID and password for access to all application systems. Under the SSO system, unauthorized access: A. is less likely. B. is more likely. C. will have a greater impact. D. will have a smaller impact.
Which of the following is an advantage of an integrated test facility (ITF)? A. It uses actual master files or dummies and the IS auditor does not have to review the source of the transaction. B. Periodic testing does not require separate test processes. C. It validates application systems and tests the ongoing operation of the system. D. It eliminates the need to prepare test data.
Which of the following LAN physical layouts is subject to total loss if one device fails? A. Star B. Bus C. Ring D. Completely connected
Which of the following provides the GREATEST assurance of message authenticity? A. The pre-hash code is derived mathematically from the message being sent. B. The pre-hash code is encrypted using the sender's private key. C. Encryption of the pre-hash code and the message using the secret key. D. Sender attains the recipient's public key and verifies the authenticity of its digital certificate with a certificate authority.
Which of the following is a benefit of a risk-based approach to audit planning? Audit: A. scheduling may be performed months in advance. B. budgets are more likely to be met by the IS audit staff. C. staff will be exposed to a variety of technologies. D. resources are allocated to the areas of highest concern.
The general ledger setup function in an enterprise resource package (ERP) allows for setting accounting periods. Access to this function has been permitted to users in finance, the warehouse and order entry. The MOST likely reason for such broad access is the: A. need to change accounting periods on a regular basis.. B. requirement to post entries for a closed accounting period. C. lack of policies and procedures for the proper segregation of duties. D. need to create/modify the chart of accounts and its allocations.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
Which of the following is the MOST important function to be performed by IS management when a service has been outsource? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance
Which of the following steps would an IS auditor normally perform FIRST in a data center security review? A. Evaluate physical access test results. B. Determine the risks/threats to the data center site. C. Review business continuity procedures. D. Test for evidence of physical access at suspect locations.
Cisco Certifications 
