Chapter 5 Self Assessment 2019 Flashcards
An IS auditor reviewing the configuration of a signature-based intrusion detection system would be MOST concerned if which of the following is discovered?
A. Auto-update is turned off.
B. Scanning for application vulnerabilities is disabled.
C. Analysis of encrypted data packets is disabled.
D. The IDS is placed between the demilitarized zone and the firewall.
A. Auto-update is turned off.
Which of the following BEST provides access control to payroll data being processed on a local server?
A. Logging access to personal information
B. Using separate passwords for sensitive transactions
C. Using software that restricts access rules to authorized staff
D. Restricting system access to business hours
C. Using software that restricts access rules to authorized staff
An IS auditor has just completed a review of an organization that has a mainframe computer and two database servers where all production data reside. Which of the following weaknesses would be considered the MOST serious?
A. The security officer also serves as the database administrator.
B. Password controls are not administered over the two database servers.
C. There is no business continuity plan for the mainframe system’s noncritical applications.
D. Most local area networks do not back up file-server-fixed disks regularly.
B. Password controls are not administered over the two database servers.
An organization is proposing to install a single sign-on facility giving access to all systems. The organization should be aware that:
A. maximum unauthorized access would be possible if a password is disclosed.
B. user access rights would be restricted by the additional security parameters.
C. the security administrator’s workload would increase.
D. user access rights would be increased.
A. maximum unauthorized access would be possible if a password is disclosed.
When reviewing an implementation of a Voice-over Internet Protocol system over a corporate wide area network, an IS auditor should expect to find:
A. an integrated services digital network data link.
B. traffic engineering.
C. wired equivalent privacy encryption of data.
D. analog phone terminals.
B. traffic engineering.
An insurance company is using public cloud computing for one of its critical applications to reduce costs. Which of the following would be of MOST concern to the IS auditor?
A. The inability to recover the service in a major technical failure scenario
B. The data in the shared environment being accessed by other companies
C. The service provider not including investigative support for incidents
D. The long-term viability of the service if the provider goes out of business
B. The data in the shared environment being accessed by other companies
Which of the following BEST determines whether complete encryption and authentication protocols for protecting information while being transmitted exist?
A. A digital signature with RSA has been implemented.
B. Work is being done in tunnel mode with the nested services of authentication header (AH) and encapsulating security payload (ESP).
C. Digital certificates with RSA are being used.
D. Work is being done in transport mode with the nested services of AH and ESP.
B. Work is being done in tunnel mode with the nested services of authentication header (AH) and encapsulating security payload (ESP).
Which of the following concerns about the security of an electronic message would be addressed by digital signatures?
A. Unauthorized reading
B. Theft
C. Unauthorized copying
D. Alteration
D. Alteration
Which of the following characterizes a distributed denial-of-service (DDoS) attack?
A. Central initiation of intermediary computers to direct simultaneous spurious message traffic at a specified target site
B. Local initiation of intermediary computers to direct simultaneous spurious message traffic at a specified target site
C. Central initiation of a primary computer to direct simultaneous spurious message traffic at multiple target sites
D. Local initiation of intermediary computers to direct staggered spurious message traffic at a specified target site
A. Central initiation of intermediary computers to direct simultaneous spurious message traffic at a specified target site
Which of the following is the MOST effective preventive antivirus control?
A. Scanning email attachments on the mail server
B. Restoring systems from clean copies
C. Disabling universal serial bus ports
D. An online antivirus scan with up-to-date virus definitions
D. An online antivirus scan with up-to-date virus definitions
An IS auditor reviewing the log of failed logon attempts would be MOST concerned if which of the following accounts was targeted?
A. Network administrator
B. System administrator
C. Data administrator
D. Database administrator
B. System administrator
A B-C e-commerce web site, as part of its information security program, wants to monitor, detect and prevent hacking activities and alert the system administrator when suspected activities occur. Which of the following infrastructure components could be used for this purpose?
A. Intrusion detection system
B. Firewalls
C. Routers
D. Asymmetric encryption
A. Intrusion detection system
Tape backup should be used as a recovery strategy when:
A. The RPO is high.
B. The RPO is low.
C. The RTO is low.
D. Fault tolerance is low.
B. The RPO is low.
Which of the following is the best reason to use a hot site?
A. It can be used for long-term processing.
B. It is not a subscription service.
C. There is no additional cost for usage or periodic testing.
D. It is ready for service.
D. It is ready for service.
Which of the following describes the greatest advantage of JBOD?
A. In case of drive failure, only the data on the affected drive is lost.
B. It is superior to disk mirroring.
C. It offers greater performance gains than RAID.
D. Compared to RAID, it offers greater fault tolerance.
A. In case of drive failure, only the data on the affected drive is lost.