(61) An IS auditor finds that conference rooms have active network ports. Which of the following is MOST important to ensure?
A. The corporate network is using an intrusion prevention system (IPS)
B. This part of the network is isolated from the corporate network
C. A single sign-on has been implemented in the corporate network
D. Antivirus software is in place to protect the corporate network
Explanation:
If the conference rooms have access to the corporate network, unauthorized users may be able to connect to it; therefore, both networks should be isolated, either via a firewall or by being physically separated. An IPS would detect possible attacks, but only after they have occurred. A single sign-on would ease authentication management. Antivirus software would reduce the impact of possible viruses; however, unauthorized users would still be able to access the corporate network, which is the biggest risk.
(62) What is the BEST action to prevent loss of data integrity or confidentiality in the case of an e-commerce application running on a LAN, processing electronic fund transfers (EFT) and orders?
A. Using virtual private network (VPN) tunnels for data transfer
B. Enabling data encryption within the application
C. Auditing the access control to the network
D. Logging all changes to access lists
Explanation:
The best way to ensure confidentiality and integrity of data is to encrypt it using virtual private network (VPN) tunnels. This is the most common and convenient way to encrypt data traveling over the network. Data encryption within the application is less efficient than a VPN. The other options are good practices, but they do not directly prevent the loss of data integrity and confidentiality during communication through a network.
(63) When conducting a penetration test of an IT system, an organization should be MOST concerned with:
A. the confidentiality of the report.
B. finding all possible weaknesses on the system.
C. restoring all systems to the original state.
D. logging all changes made to the production system.
Explanation:
All suggested items should be considered by the system owner before agreeing to penetration tests, but the most important task is to be able to restore all systems to their original state. Information that is created and/or stored on the tested systems should be removed from these systems. If, for some reason, this is not possible at the end of the penetration test, all such files (with their locations) should be identified in the technical report so that the client's technical staff will be able to remove them after the report has been received.
(64) Which of the following penetration tests would MOST effectively evaluate the incident handling and response capabilities of an organization?
A. Targeted testing
B. External testing
C. Internal testing
D. Double-blind testing
Explanation:
In a double-blind test, the administrator and security staff are not aware of the test, which results in an assessment of the organization's incident handling and response capability. In targeted, external, and internal testing, the system administrator and security staff are aware of the tests, since they are informed before the tests start.
(65) When protecting an organization's IT systems, which of the following is normally the next line of defense after the network firewall has been compromised?
A. Personal firewall
B. Antivirus programs
C. Intrusion detection system (IDS)
D. Virtual local area network (VLAN) configuration
Explanation:
An intrusion detection system (IDS) would be the next line of defense after the firewall. It would detect anomalies in the network/server activity and try to detect the perpetrator. Antivirus programs, personal firewalls and VLAN configurations would be later in the line of defense.
- Muhammad Idham Azhari