Interested to Buy Any Domain ? << Click Here >> for more details...
A TCP/IP-based environment is exposed to the Internet. Which
of the following BEST ensures that complete encryption and
authentication protocols exist for protecting information
while transmitted?
A. Work is completed in tunnel mode with IP security using
the nested services of authentication header (AH) and
encapsulating security payload (ESP).
B. A digital signature with RSA has been implemented.
C. Digital certificates with RSA are being used.
D. Work is being completed in TCP services.
- 2 Answers
- 7690 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Tunnel mode with IP security provides encryption and
authentication of the complete IP package. To accomplish
this, the AH (authentication header) and ESP (encapsulating
security payload) services can be nested. Choices B and C
provide authentication and integrity. TCP services do not
provide encryption and authentication.
| Is This Answer Correct ? | 4 Yes | 0 No |
Answer / antoine
A. Work is completed in tunnel mode with IP security using
the nested services of authentication header (AH) and
encapsulating security payload (ESP).
IPsec
| Is This Answer Correct ? | 0 Yes | 0 No |
The MAJOR concern for an IS auditor when reviewing an organization's business process reengineering (BRP) efforts is: A. cost overrun of the project. B. employees resistance to change. C. key controls may be removed from a business process. D. lack of documentation of new processes.
Which of the following types of risks assumes an absence of compensating controls in the area being reviewed? A. Control risk B. Detection risk C. Inherent risk D. Sampling risk
Which of the following Internet security threats could compromise integrity? A. Theft of data from the client B. Exposure of network configuration information C. A trojan horse browser D. Eavesdropping on the net
Which of the following group/individuals should assume overall direction and responsibility for costs and timetables of system development projects? A. User management B. Project steering committee C. Senior management D. Systems development management
For which of the following applications would rapid recovery be MOST crucial? A. Point-of-sale system B. Corporate planning C. Regulatory reporting D. Departmental chargeback
Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?
The MOST important responsibility of a data security officer in an organization is: A. recommending and monitoring data security policies. B. promoting security awareness within the organization. C. establishing procedures for IT security policies. D. administering physical and logical access controls.
When conducting a review of business process re-engineering, an IS auditor found that a key preventive control had been removed. In this case, the IS auditor should: A. inform management of the finding and determine if management is willing to accept the potential material risk of not having that preventing control. B. determine if a detective control has replaced the preventive control during the process and if so, not report the removal of the preventive control. C. recommend that this and all control procedures that existed before the process was reengineered be included in the new process. D. develop a continuous audit approach to monitor the effects of the removal of the preventive control.
Which of the following activities should the business continuity manager perform FIRST after the replacement of hardware at the primary information processing facility? A. Verify compatibility with the hot site. B. Review the implementation report. C. Perform a walk-through of the DRP. D. Update the IS assets inventory.
Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP
The reliability of an application system's audit trail may be questionable if: A. user IDs are recorded in the audit trail. B. the security administrator has read-only rights to the audit file. C. date time stamps record when an action occurs. D. users can amend audit trail records when correcting system errors.
What data should be used for regression testing? A. Different data than used in the previous test B. The most current production data C. The data used in previous tests D. Data produced by a test data generator
Cisco Certifications 
