Interested to Buy Any Domain ? << Click Here >> for more details...
An organization is considering connecting a critical
PC-based system to the Internet. Which of the following
would provide the BEST protection against hacking?
A. An application-level gateway
B. A remote access server
C. A proxy server
D. Port scanning
- 3 Answers
- 13870 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
An application-level gateway is the best way to protect
against hacking because it can define with detail rules that
describe the type of user or connection that is, or is not
permitted. It analyzes in detail each package, not only in
layers one through four of the OSI model but also layers
five through seven, which means that it reviews the commands
of each higher level protocol (HTTP, FTP, SNMP, etc.) For a
remote access server there is a device (server) asking for
username and passwords before entering the network. This is
good when accessing private networks, but it can be mapped
or scanned from the Internet creating security exposure.
Proxy servers can provide protection based on the IP address
and ports. However, an individual is needed who really knows
how to do this, and second applications can use different
ports for the different sections of their program. Port
scanning works when there is a very specific task to do, but
not when trying to control what comes from the Internet (or
when all the ports available need to be controlled somehow).
For example, the port for "Ping" (echo request) could be
blocked and the IP addresses would be available for the
application and browsing, but would not respond to "Ping".
| Is This Answer Correct ? | 6 Yes | 0 No |
What is a risk associated with attempting to control physical access to sensitive areas, such as computer rooms, through card keys, locks, etc.? A. Unauthorized individuals wait for controlled doors to open and walk in behind those authorized. B. The contingency plan for the organization cannot effectively test controlled access practices. C. Access cards, keys, and pads can be easily duplicated allowing easy compromise of the control. D. Removing access for people no longer authorized is complex.
An IS auditor conducting an access controls review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that: A. exposure is greater since information is available to unauthorized users. B. operating efficiency is enhanced since anyone can print any report, any time. C. operating procedures are more effective since information is easily available. D. user friendliness and flexibility is facilitated since there is a smooth flow of information among users.
With regard to sampling it can be said that: A. sampling is generally applicable when the population relates to an intangible or undocumented control. B. if an auditor knows internal controls are strong, the confidence coefficient may be lowered. C. attribute sampling would help prevent excessive sampling of an attribute by stopping an audit test at the earliest possible moment. D. variable sampling is a technique to estimate the rate of occurrence of a given control or set of related controls.
Which of the following choices BEST ensures the effectiveness of controls related to interest calculation inside an accounting system? A. Re-performance B. Process walk-through C. Observation D. Documentation review
Which of the following should be included in an organization's IS security policy? A. A list of key IT resources to be secured B. The basis for access authorization C. Identity of sensitive security features D. Relevant software security features
A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.
Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.
Which of the following tests confirm that the new system can operate in its target environment? A. Sociability testing B. Regression testing C. Validation testing D. Black box testing
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
Many organizations require an employee to take a mandatory vacation (holiday) of a week or more to: A. ensure the employee maintains a quality of life, which will lead to greater productivity. B. reduce the opportunity for an employee to commit an improper or illegal act. C. provide proper cross training for another employee. D. eliminate the potential disruption caused when an employee takes vacation one day at a time.
The PRIMARY objective of a firewall is to protect: A. internal systems from exploitation by external threats. B. external systems from exploitation by internal threats. C. internal systems from exploitation by internal threats. D. itself and attached systems against being used to attack other systems.
Which of the following is widely accepted as one of the critical components in networking management? A. Configuration management B. Topological mappings C. Application of monitoring tools D. Proxy server trouble shooting
Cisco Certifications 
