Which of the following controls would be the MOST
comprehensive in a remote access network with multiple and
diverse subsystems?
A. Proxy server
B. Firewall installation
C. Network administrator
D. Password implementation and administration
- 1 Answers
- 7107 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
The most comprehensive control in this situation is password
implementation and administration. While firewall
installations are the primary line of defense, they cannot
protect all access and, therefore, an element of risk
remains. A proxy server is a type of firewall installation
and thus the same rules apply. The network administrator may
serve as a control, but typically this would not be
comprehensive enough to serve on multiple and diverse systems.
| Is This Answer Correct ? | 5 Yes | 0 No |
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
A database administrator is responsible for: A. maintaining the access security of data residing on the computers. B. implementing database definition controls. C. granting access rights to users. D. defining system's data structure.
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
The technique used to ensure security in virtual private networks (VPNs) is: A. encapsulation. B. wrapping. C. transform. D. encryption.
Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
The risk that an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when, in fact, they do, is an example of: A. inherent risk. B.control risk. C. detection risk. D. audit risk.
Which of the following is the MOST critical and contributes the MOST to the quality of data in a data warehouse? A. Accuracy of the source data B. Credibility of the data source C. Accuracy of the extraction process D. Accuracy of the data transformation
An IS auditor reviewing operating system access discovers that the system is not secured properly. In this situation, the IS auditor is LEAST likely to be concerned that the user might: A. create new users. B. delete database and log files. C. access the system utility tools. D. access the system writeable directories.
Which of the following independent duties is traditionally performed by the data control group? A. Access to data B. Authorization tables C. Custody of assets D. Reconciliation
Which of the following security techniques is the BEST method for authenticating a user's identity? A. Smart card B. Biometrics C. Challenge-response token D. User ID and password
Capacity monitoring software is used to ensure: A. maximum use of available capacity. B. that future acquisitions meet user needs. C. concurrent use by a large number of users. D. continuity of efficient operations.
Cisco Certifications 
