Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following types of firewalls provide the
GREATEST degree and granularity of control?
A. Screening router
B. Packet filter
C. Application gateway
D. Circuit gateway
- 1 Answers
- 13993 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The application gateway is similar to a circuit gateway, but
it has specific proxies for each service. To be able to
handle web services it has an HTTP proxy, which acts as an
intermediary between externals and internals, but
specifically for HTTP. This means that it not only checks
the packet IP addresses (layer 3) and the ports it is
directed to (in this case port 80, layer 4), it also checks
every http command (layer 5 and 7). Therefore, it works in a
more detailed (granularity) way than the others. Screening
router and packet filter (choices A and B) basically work at
the protocol, service and/or port level. This means that
they analyze packets from layers 3 and 4 (not from higher
levels). A circuit-gateway (choice D) is based on a proxy or
program that acts as an intermediary between external and
internal accesses. This means that, during an external
access, instead of opening a single connection to the
internal server, two connections are established-one from
the external to the proxy (which conforms the
circuit-gateway) and one from the proxy to the internal.
Layers 3 and 4 (IP and TCP) and some general features from
higher protocols are used to perform these tasks.
| Is This Answer Correct ? | 5 Yes | 1 No |
Change control procedures to prevent scope creep during an application development project should be defined during: A. design. B. feasibility. C. implementation. D. requirements definition.
Which of the following is the MOST secure and economical method for connecting a private network over the Internet in a small- to medium-sized organization? A. Virtual private network B. Dedicated line C. Leased line D. Integrated services digital network
An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review? A. Availability of online network documentation B. Support of terminal access to remote hosts C. Handling file transfer between hosts and inter-user communications D. Performance management, audit and control
Which of these has the potential to improve security incident response processes? A. Review the incident response procedures. B. Post-mortem or post-event reviews by the security team. C. Getting the hot-site ready. D. Reviw the BCP plan every six months
A vendor/contractor?s performance against service level agreements must be evaluated by the: A. customer. B. contractor. C. third-party. D. contractor?s management.
Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer
Which of the following environmental controls is appropriate to protect computer equipment against short-term reductions in electrical power? A. Power line conditioners B. A surge protective device C. An alternative power supply D. An interruptible power supply
Which of the following groups should assume ownership of a systems development project and the resulting system? A. User management B. Senior management C. Project steering committee D. Systems development management
The role of IT auditor in complying with the Management Assessment of Internal Controls (Section 404 of the Sarbanes-Oxley Act) is: A. planning internal controls B. documenting internal controls C. designing internal controls D. implementing internal controls
A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.
Which of the following systems or tools can recognize that a credit card transaction is more likely to have resulted from a stolen credit card than from the holder of the credit card? A. Intrusion detection systems B. Data mining techniques C. Firewalls D. Packet filtering routers
An IS auditor is assigned to help design the data security aspects of an application under development. Which of the following provides the MOST reasonable assurance that corporate assets are protected when the application is certified for production? A. A review conducted by the internal auditor B. A review conducted by the assigned IS auditor C. Specifications by the user on the depth and content of the review D. An independent review conducted by another equally experienced IS auditor
Cisco Certifications 
