Interested to Buy Any Domain ? << Click Here >> for more details...
An organization provides information to its supply-chain
partners and customers through an extranet infrastructure.
Which of the following should be the GREATEST concern to an
IS auditor reviewing the firewall security architecture?
A. A secure socket layer (SSL) has been implemented for user
authentication and remote administration of the firewall.
B. On the basis of changing requirements, firewall policies
are updated.
C. Inbound traffic is blocked unless the traffic type and
connections have been specifically permitted.
D. The firewall is placed on top of the commercial operating
system with all installation options.
- 1 Answers
- 7691 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
The greatest concern when implementing firewalls on top of
commercial operating systems is the potential presence of
vulnerabilities that could undermine the security posture of
the firewall platform itself. In most circumstances when
commercial firewalls are breached, that breach is
facilitated by vulnerabilities in the underlying operating
system. Keeping all installation options available on the
system further increases the risks of vulnerabilities and
exploits. Using SSL for firewall administration (choice A)
is important, changes in user and supply chain partners'
roles and profiles will be dynamic and it is appropriate to
maintain the firewall policies daily (choice B), and it is a
prudent policy to block all inbound traffic unless permitted
(choice C).
| Is This Answer Correct ? | 2 Yes | 0 No |
An organization is developing a new business system. Which of the following will provide the MOST assurance that the system provides the required functionality? A. Unit testing B. Regression testing C. Acceptance testing D. Integration testing
As a result of a business process reengineering (BPR) project: A. an IS auditor would be concerned with the key controls that existed in the prior business process and not those in the new process. B. system processes are automated in such a way that there are more manual interventions and manual controls. C. the newly designed business processes usually do not involve changes in the way(s) of doing business. D. advantages usually are realized when the reengineering process appropriately suits the business and risk.
Which of the following is a substantive test?
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
IS auditors, in performing detailed network assessments and access control reviews should FIRST: A. determine the points of entry. B. evaluate users access authorization. C. assess users identification and authorization. D. evaluate the domain-controlling server configuration.
Which of the following would contribute MOST to an effective business continuity plan (BCP)? The BCP: A. document was circulated to all interested parties. B. planning involved all user departments. C. was approved by senior management. D. was audited by an external IS auditor.
The use of statistical sampling procedures helps minimize: A. sampling risk. B. detection risk. C. inherent risk. D. control risk.
An IS auditor has been assigned to conduct a test that compares job run logs to computer job schedules. Which of the following observations would be of the GREATEST concern to the IS auditor? A. There are a growing number of emergency changes. B. There were instances when some jobs were not completed on time. C. There were instances when some jobs were overridden by computer operators. D. Evidence shows that only scheduled jobs were run.
During an audit of the tape management system at a data center, an IS auditor discovered that parameters are set to bypass or ignore the labels written on tape header records. The IS auditor also determined that effective staging and job setup procedures were in place. In this situation, the IS auditor should conclude that the: A. tape headers should be manually logged and checked by the operators. B. staging and job setup procedures are not appropriate compensating controls. C. staging and job setup procedures compensate for the tape label control weakness. D. tape management system parameters must be set to check all labels.
Automated teller machines (ATMs) are a specialized form of a point-of-sale terminal that: A. allows for cash withdrawal and financial deposits only. B. are usually located in populous areas to deter theft or vandalism. C. utilizes protected telecommunication lines for data transmissions. D. must include high levels of logical and physical security.
LANs: A. protect against virus infection. B. protect against improper disclosure of data. C. provide program integrity from unauthorized changes. D. provide central storage for a group of users.
Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP
Cisco Certifications 
