An organization is considering connecting a critical
PC-based system to the Internet. Which of the following
would provide the BEST protection against hacking?
A. An application-level gateway
B. A remote access server
C. A proxy server
D. Port scanning
- 3 Answers
- 10180 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
An application-level gateway is the best way to protect
against hacking because it can define with detail rules that
describe the type of user or connection that is, or is not
permitted. It analyzes in detail each package, not only in
layers one through four of the OSI model but also layers
five through seven, which means that it reviews the commands
of each higher level protocol (HTTP, FTP, SNMP, etc.) For a
remote access server there is a device (server) asking for
username and passwords before entering the network. This is
good when accessing private networks, but it can be mapped
or scanned from the Internet creating security exposure.
Proxy servers can provide protection based on the IP address
and ports. However, an individual is needed who really knows
how to do this, and second applications can use different
ports for the different sections of their program. Port
scanning works when there is a very specific task to do, but
not when trying to control what comes from the Internet (or
when all the ports available need to be controlled somehow).
For example, the port for "Ping" (echo request) could be
blocked and the IP addresses would be available for the
application and browsing, but would not respond to "Ping".
| Is This Answer Correct ? | 6 Yes | 0 No |
An IS auditor who has discovered unauthorized transactions during a review of EDI transactions is likely to recommend improving the: A. EDI trading partner agreements. B. physical controls for terminals. C. authentication techniques for sending and receiving messages. D. program change control procedures.
An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely: A. check to ensure the type of transaction is valid for that card type. B. verify the format of the number entered then locate it on the database. C. ensure that the transaction entered is within the cardholder's credit limit. D. confirm that the card is not shown as lost or stolen on the master file.
Which of the following is the MOST important function to be performed by IS management when a service has been outsource? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance
The PRIMARY purpose of audit trails is to: A. improve response time for users. B. establish accountability and responsibility for processed transactions. C. improve the operational efficiency of the system. D. provide useful information to auditors who may wish to track transactions.
Which of the ISO/OSI model layers provides for routing packets between nodes? A. Data link B. Network C. Transport D. Session
Which of the following is the MOST effective type of antivirus software? A. Scanners B. Active monitors C. Integrity checkers D. Vaccines
Corrective action has been taken by an auditee immediately after the identification of a reportable finding. The auditor should: A. include the finding in the final report because the IS auditor is responsible for an accurate report of all findings. B. not include the finding in the final report because the audit report should include only unresolved findings. C. not include the finding in the final report because corrective action can be verified by the IS auditor during the audit. D. include the finding in the closing meeting for discussion purposes only.
Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization? A. A program that deposits a virus on a client machine B. Applets recording keystrokes and, therefore, passwords C. Downloaded code that reads files on a client's hard drive D. Applets opening connections from the client machine
What data should be used for regression testing? A. Different data than used in the previous test B. The most current production data C. The data used in previous tests D. Data produced by a test data generator
Failure to adequately define or manage the requirements for a system can result in a number of risks. The GREATEST risk is: A. inadequate user involvement. B. inadequate allocation of resources. C. scope creep. D. an incorrect estimation of the critical path.
Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.
Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.
Cisco Certifications 
