Interested to Buy Any Domain ? << Click Here >> for more details...
If inadequate, which of the following would be the MOST
likely contributor to a denial-of-service attack?
A. Router configuration and rules
B. Design of the internal network
C. Updates to the router system software
D. Audit testing and review techniques
- 2 Answers
- 7613 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Inadequate router configuration and rules would lead to an
exposure to denial-of-service attacks. Choices B and C would
be lesser contributors. Choice D is incorrect because audit
testing and review techniques are applied after the fact.
| Is This Answer Correct ? | 6 Yes | 0 No |
Disaster recovery planning addresses the: A. technological aspect of business continuity planning. B. operational piece of business continuity planning. C. functional aspect of business continuity planning. D. overall coordination of business continuity planning.
An IS auditor who has discovered unauthorized transactions during a review of EDI transactions is likely to recommend improving the: A. EDI trading partner agreements. B. physical controls for terminals. C. authentication techniques for sending and receiving messages. D. program change control procedures.
During an audit of the tape management system at a data center, an IS auditor discovered that parameters are set to bypass or ignore the labels written on tape header records. The IS auditor also determined that effective staging and job setup procedures were in place. In this situation, the IS auditor should conclude that the: A. tape headers should be manually logged and checked by the operators. B. staging and job setup procedures are not appropriate compensating controls. C. staging and job setup procedures compensate for the tape label control weakness. D. tape management system parameters must be set to check all labels.
To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application
Which of the following is the primary purpose for conducting parallel testing? A. To determine if the system is cost-effective. B. To enable comprehensive unit and system testing. C. To highlight errors in the program interfaces with files. D. To ensure the new system meets user requirements.
Which of the following would be of the LEAST value to an IS auditor attempting to gain an understanding of an organization's IT process? A. IT planning documents with deliverables and performance results B. Policies and procedures relating to planning, managing, monitoring and reporting on performance C. Prior audit reports D. Reports of IT functional activities
Which of the following is the initial step in creating a firewall policy? A. A cost-benefits analysis of methods for securing the applications B. Identification of network applications to be externally accessed C. Identification of vulnerabilities associated with network applications to be externally accessed D. Creation of an applications traffic matrix showing protection methods
Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures? A. Review software migration records and verify approvals. B. Identify changes that have occurred and verify approvals. C. Review change control documentation and verify approvals. D. Ensure that only appropriate staff can migrate changes into production.
Which of the following user profiles should be of MOST concern to the IS auditor, when performing an audit of an EFT system? A. Three users with the ability to capture and verifiy their own messages B. Five users with the ability to capturr and send their own messages C. Five users with the ability to verificy other users and to send of their own messages D. Three users with the ability to capture and verifiy the messages of other users and to send their own messages
Which of the following is the MOST reliable sender authentication method? A. Digital signatures B. Asymmetric cryptography C. Digital certificates D. Message authentication code
A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.
Which of the following would be the LEAST likely indication that complete or selected outsourcing of IS functions should be considered? A. The applications development backlog is greater than three years. B. It takes one year to develop and implement a high-priority system. C. More than 60 percent of programming costs are spent on system maintenance. D. Duplicate information systems functions exist at two sites.
Cisco Certifications 
