Interested to Buy Any Domain ? << Click Here >> for more details...
To help mitigate the effects of a denial of service attack,
which mechanism can an Internet service provider (ISP) use
to identify Internet protocol (IP) packets from unauthorized
sources?
A. Inbound traffic filtering
B. Rate limiting
C. Reverse address lookup
D. Network performance monitoring
- 2 Answers
- 5048 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
ISPs serve user organizations with pre-assigned IP
addresses. Inbound traffic filtering can filter out IP
packets that do not conform to the pre-assigned IP address
range. Rate limiting involves limiting the occurrences of
certain types of TCP/IP packets according to predefined
specifications. It is used to identify excess packets.
Reverse address lookup determines if the source address is
an IP packet of the true address of the computer (host) that
is actually sending the packet. It would identify address
substitution, but would not initially identify that it was
an unauthorized source. Network performance monitoring is a
way to monitor system performance for potential intrusions
on a real-time basis. It could help identify unusual traffic
volumes.
| Is This Answer Correct ? | 3 Yes | 0 No |
Which of the following is a strength of the program evaluation review technique (PERT) over other techniques? PERT: A. considers different scenarios for planning and control projects. B. allows the user to input program and system parameters. C. tests system maintenance processes accurately. D. estimates costs of system projects.
A dry-pipe fire extinguisher system is a system that uses: A. water, but in which water does not enter the pipes until a fire has been detected. B. water, but in which the pipes are coated with special watertight sealants. C. carbon dioxide instead of water. D. halon instead of water.
Which of the following is an objective of a control self-assessment (CSA) program? A. Concentration on areas of high risk B. Replacement of audit responsibilities C. Completion of control questionnaires D. Collaborative facilitative workshops
Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer
The general ledger setup function in an enterprise resource package (ERP) allows for setting accounting periods. Access to this function has been permitted to users in finance, the warehouse and order entry. The MOST likely reason for such broad access is the: A. need to change accounting periods on a regular basis.. B. requirement to post entries for a closed accounting period. C. lack of policies and procedures for the proper segregation of duties. D. need to create/modify the chart of accounts and its allocations.
Which of the ISO/OSI model layers provides for routing packets between nodes? A. Data link B. Network C. Transport D. Session
An organization has outsourced network and desktop support. Although the relationship has been reasonably successful, risks remain due to connectivity issues. Which of the following controls should FIRST be performed to assure the organization reasonably mitigates these possible risks? A. Network defense program B. Encryption/Authentication C. Adequate reporting between organizations D. Adequate definition in contractual relationship
An IS auditor performing a review of the IS department discovers that formal project approval procedures do not exist. In the absence of these procedures the IS manager has been arbitrarily approving projects that can be completed in a short duration and referring other more complicated projects to higher levels of management for approval. The IS auditor should recommend as a FIRST course of action that: A. users participate in the review and approval process. B. formal approval procedures be adopted and documented. C. projects be referred to appropriate levels of management for approval. D. the IS manager's job description be changed to include approval authority.
A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
An IS auditor performing an audit of the company's IS strategy would be LEAST likely to: A. assess IS security procedures. B. review both short- and long-term IS strategies. C. interview appropriate corporate management personnel. D. ensure that the external environment has been considered.
Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist? A. Reviewing program code B. Reviewing operations documentation C. Turning off the UPS, then the power D. Reviewing program documentation
An IS auditor conducting an access controls review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that: A. exposure is greater since information is available to unauthorized users. B. operating efficiency is enhanced since anyone can print any report, any time. C. operating procedures are more effective since information is easily available. D. user friendliness and flexibility is facilitated since there is a smooth flow of information among users.
Cisco Certifications 
