Interested to Buy Any Domain ? << Click Here >> for more details...
An organization is considering connecting a critical
PC-based system to the Internet. Which of the following
would provide the BEST protection against hacking?
A. An application-level gateway
B. A remote access server
C. A proxy server
D. Port scanning
- 3 Answers
- 13736 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
An application-level gateway is the best way to protect
against hacking because it can define with detail rules that
describe the type of user or connection that is, or is not
permitted. It analyzes in detail each package, not only in
layers one through four of the OSI model but also layers
five through seven, which means that it reviews the commands
of each higher level protocol (HTTP, FTP, SNMP, etc.) For a
remote access server there is a device (server) asking for
username and passwords before entering the network. This is
good when accessing private networks, but it can be mapped
or scanned from the Internet creating security exposure.
Proxy servers can provide protection based on the IP address
and ports. However, an individual is needed who really knows
how to do this, and second applications can use different
ports for the different sections of their program. Port
scanning works when there is a very specific task to do, but
not when trying to control what comes from the Internet (or
when all the ports available need to be controlled somehow).
For example, the port for "Ping" (echo request) could be
blocked and the IP addresses would be available for the
application and browsing, but would not respond to "Ping".
| Is This Answer Correct ? | 6 Yes | 0 No |
The objective of IT governance is to ensure that the IT strategy is aligned with the objectives of (the): A. enterprise. B. IT. C. audit. D. finance.
Which of the following network configuration options contains a direct link between any two host machines? A. Bus B. Ring C. Star D. Completely connected (mesh)
Which of the following is a network architecture configuration that links each station directly to a main hub? A. Bus B. Ring C. Star D. Completed connected
In a business continuity plan, there are several methods of providing telecommunication continuity. One method is diverse routing which involves: A. providing extra capacity with the intent of using the surplus capacity should the normal primary transmission capability not be available. B. routing information via other alternate media such as copper cable or fiber optics. C. providing diverse long-distance network availability utilizing T-1 circuits among the major long-distance carriers. D. routing traffic through split-cable facilities or duplicate-cable facilities.
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely: A. check to ensure the type of transaction is valid for that card type. B. verify the format of the number entered then locate it on the database. C. ensure that the transaction entered is within the cardholder's credit limit. D. confirm that the card is not shown as lost or stolen on the master file.
The MOST significant level of effort for business continuity planning (BCP) generally is required during the: A. testing stage. B. evaluation stage. C. maintenance stage. D. early stages of planning.
When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to ensure that:
A validation which ensures that input data are matched to predetermined reasonable limits or occurrence rates, is known as: A. Reasonableness check. B. Validity check. C. Existence check. D. Limit check.
Which of the following concerns associated with the World Wide Web would be addressed by a firewall? A. Unauthorized access from outside the organization B. Unauthorized access from within the organization C. A delay in Internet connectivity D. A delay in downloading using file transfer protocol (FTP)
A database administrator is responsible for: A. defining data ownership. B. establishing operational standards for the data dictionary. C. creating the logical and physical database. D. establishing ground rules for ensuring data integrity and security.
Various standards have emerged to assist IS organizations in achieving an operational environment that is predictable, measurable and repeatable. The standard that provides the definition of the characteristics and the associated quality evaluation process to be used when specifying the requirements for and evaluating the quality of software products throughout their life cycle is: A. ISO 9001. B. ISO 9002. C. ISO 9126. D. ISO 9003.
Cisco Certifications 
