Which of the following controls would BEST detect intrusion?
A. User ids and user privileges are granted through
authorized procedures.
B. Automatic logoff is used when a workstation is inactive
for a particular period of time.
C. Automatic logoff of the system after a specified number
of unsuccessful attempts.
D. Unsuccessful logon attempts are monitored by the security
administrator.
- 2 Answers
- 9403 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
IIntrusion is detected by the active monitoring and review
of unsuccessful logons. User ids and the granting of user
privileges defines a policy, not a control. Automatic logoff
is a method of preventing access on inactive terminals and
is not a detective control. Unsuccessful attempts to log on
is a method for preventing intrusion, not detecting.
| Is This Answer Correct ? | 6 Yes | 1 No |
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
Which of the following Internet security threats could compromise integrity? A. Theft of data from the client B. Exposure of network configuration information C. A trojan horse browser D. Eavesdropping on the net
Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital? A. Multiplexer B. Modem C. Protocol converter D. Concentrator
Which of the following would BEST support 24/7 availability? A. Daily backup B. Offsite storage C. Mirroring D. Periodic testing
Which of the following would be considered a business risk? A. Former employees B. Part-time and temporary personnel C. Loss of competitive edge D. Hackers
When an organization's network is connected to an external network in an Internet client-server model not under that organization's control, security becomes a concern. In providing adequate security in this environment, which of the following assurance levels is LEAST important? A. Server and client authentication B. Data integrity C. Data recovery D. Data confidentiality
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.
An IS auditor evaluates the test results of a modification to a system that deals with payment computation. The auditor finds that 50 percent of the calculations do not match predetermined totals. Which of the following would MOST likely be the next step in the audit? A. Design further tests of the calculations that are in error. B. Identify variables that may have caused the test results to be inaccurate. C. Examine some of the test cases to confirm the results. D. Document the results and prepare a report of findings, conclusions and recommendations.
Which of the following systems or tools can recognize that a credit card transaction is more likely to have resulted from a stolen credit card than from the holder of the credit card? A. Intrusion detection systems B. Data mining techniques C. Firewalls D. Packet filtering routers
The application test plans are developed in which of the following systems development life cycle (SDLC) phases? A. Design B. Testing C. Requirement D. Development
Cisco Certifications 
