Which of the following controls would BEST detect intrusion?
A. User ids and user privileges are granted through
authorized procedures.
B. Automatic logoff is used when a workstation is inactive
for a particular period of time.
C. Automatic logoff of the system after a specified number
of unsuccessful attempts.
D. Unsuccessful logon attempts are monitored by the security
administrator.
- 2 Answers
- 9603 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
IIntrusion is detected by the active monitoring and review
of unsuccessful logons. User ids and the granting of user
privileges defines a policy, not a control. Automatic logoff
is a method of preventing access on inactive terminals and
is not a detective control. Unsuccessful attempts to log on
is a method for preventing intrusion, not detecting.
| Is This Answer Correct ? | 6 Yes | 1 No |
When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.
When planning an audit of a network set up, the IS auditor should give highest priority to obtaining which of the following network documentation? A. Wiring and schematic diagram B. Users list and responsibilities C. Applications list and their details D. Backup and recovery procedures
An IS auditor auditing hardware monitoring procedures should review A. system availability reports. B. cost-benefit reports. C. response time reports. D. database utilization reports.
A hub is a device that connects: A. two LANs using different protocols. B. a LAN with a WAN. C. a LAN with a metropolitan area network (MAN). D. two segments of a single LAN.
Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.
E-mail message authenticity and confidentiality is BEST achieved by signing the message using the:
Business continuity/disaster recovery is PRIMARILY the responsibility of: A. IS management. B. business unit managers. C. the security administrator. D. the board of directors.
Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?
Which of the following should be of MOST concern to an IS auditor? A. Lack of reporting of a successful attack on the network B. Failure to notify police of an attempted intrusion C. Lack of periodic examination of access rights D. Lack of notification to the public of an intrusion
The risk of an IS auditor using an inadequate test procedure and concluding that material errors do not exist when, in fact, they exist is:
An IS auditor performing a review of the backup processing facilities should be MOST concerned that: A. adequate fire insurance exists. B. regular hardware maintenance is performed. C. offsite storage of transaction and master files exists. D. backup processing facilities are tested fully.
An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include: A. defining the conceptual schema. B. defining security and integrity checks. C. liaising with users in developing data model. D. mapping data model with the internal schema.
Cisco Certifications 
