To prevent an organization's computer systems from becoming
part of a distributed denial-of-service attack, IP packets
containing addresses that are listed as unroutable can be
isolated by:
A. establishing outbound traffic filtering.
B. enabling broadcast blocking.
C. limiting allowable services.
D. network performance monitoring.
- 2 Answers
- 4156 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Routers programmed with outbound traffic filtering, drop
outbound packets that contain addresses from other than the
user's organization, including source addresses that can not
be routed. Broadcast blocking can be done by filtering
routers or firewalls. When programmed, IP packets coming
from the Internet and using an address that broadcasts to
every computer on the destination organization's network can
be dropped. Firewalls and filtering routers can be
programmed to limit services not allowed by policy and can
help prevent use of the company's systems. However, this
will not isolate packets that can not be routed. Network
performance monitoring is a way to monitor system
performance for potential intrusions on a real-time basis
and could help identify unusual traffic volumes.
| Is This Answer Correct ? | 5 Yes | 0 No |
Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization's security policy? A. Review the parameter settings B. Interview the firewall administrator C. Review the actual procedures D. Review the device's log file for recent attacks
Which of the following fire suppressant systems would an IS auditor expect to find when conducting an audit of an unmanned computer center? A. Carbon dioxide B. Halon C. Dry-pipe sprinkler D. Wet-pipe sprinkler
When a PC that has been used for the storage of confidential data is sold on the open market the: A. hard disk should be demagnetized. B. hard disk should be mid-level formatted.s C. data on the hard disk should be deleted. D. data on the hard disk should be defragmented.
Facilitating telecommunications continuity by providing redundant combinations of local carrier T-1 lines, microwaves and/or coaxial cables to access the local communication loop is: A. last mile circuit protection. B. long haul network diversity. C. diverse routing. D. alternative routing.
Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is best ensured by: A. database integrity checks. B. validation checks. C. input controls. D. database commits and rollbacks.
Web and e-mail filtering tools are PRIMARILY valuable to an organization because they: A. Safeguard the organization’s image. B. Maximize employee performance. C. Protect the organization from viruses and nonbusiness materials. D. Assist the organization in preventing legal issues.
An IS auditor should use statistical sampling and not judgmental (nonstatistical) sampling, when: A. the probability of error must be objectively quantified. B. the auditor wants to avoid sampling risk. C. generalized audit software is unavailable. D. the tolerable error rate cannot be determined.
After a full operational contingency test, the IS auditor performs a review of the recovery steps and concludes that the elapsed time until the technological environment and systems were actually functioning, exceeded the required critical recovery time. Which of the following should the auditor recommend? A. Perform an integral review of the recovery tasks. B. Broaden the processing capacity to gain recovery time. C. Make improvements in the facility's circulation structure. D. Increase the amount of human resources involved in the recovery.
Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility? A. Security awareness B. Reading the security policy C. Security committee D. Logical access controls
A data administrator is responsible for: A. maintaining database system software. B. defining data elements, data names and their relationship. C. developing physical database structures. D. developing data dictionary system software.
A MAJOR risk of using single sign-on (SSO) is that it: A. has a single authentication point. B. represents a single point of failure. C. causes an administrative bottleneck. D. leads to a lockout of valid users.
The method of routing traffic through split cable facilities or duplicate cable facilities is called: A. alternative routing. B. diverse routing. C. redundancy. D. circular routing.
Cisco Certifications 
