7: Auditing Vulnerabilities Management Flashcards

1
Q

Alert management

A

The IS auditor should determine if the organization actively searches for or subscribes to security alert bulletins. The auditor should examine procedures and records to see if any alert bulletins result in responsive actions such as applied security patches or configuration changes.

2
Q

Infrastructure penetration testing

A

The IS auditor should determine if the organization performs any penetration testing on its own network and system infrastructure.

3
Q

Application penetration testing

A

The IS auditor should determine if the organization performs any application penetration testing on its software applications to identify vulnerabilities.

4
Q

Patch management

A

The IS auditor should examine procedures and records to determine if the organization performs any patch management activities.

The auditor should determine whether patches are tested on nonproduction systems to understand their impact.
