Domain 5: Protection of Information Assets (Part 5A) Flashcards
An accuracy measure for a biometric system is:
False acceptance rate
After reviewing its business processes, a large organization is deploying a new web application based on a Voice-over Internet control Protocol technology. Which of the following is the MOST appropriate approach for implementing access control that will facilitate security management of the VoIP web application?
Role-Based Access Control
The BEST filter rule for protecting a network from being used as an amplifier in a denial-of-service attack is to deny all:
outgoing traffic with source addresses external to the network.
The BEST overall quantitative measure of the performance of biometric control devices is
equal-error rate.
A business application system accesses a corporate database using a single ID and password embedded in a program. Which of the following would provide efficient access control over the organization’s data?
Apply role- based permissions within the application system.
A certificate authority (CA) can delegate the processes of:
establishing a link between the requesting entity and its public key.
A characteristic of User Datagram Protocol in network communications is
packets may arrive out of order.
A company has decided to implement an electronic signature scheme based on a public key infrastructure. The user’s private key will be stored on the computer’s hard drive and protected by a password. The MOST significant risk of this approach is::
use of the user’s electronic signature by another person if the password is compromised.
A company is implementing a Dynamic Host Configuration Protocol. Given that the following conditions exist, which represents the GREATEST concern?
Access to a network port is not restricted.
A company is planning to install a network-based intrusion detection system to protect the web site that it hosts. Where should the device be installed?
In the demilitarized zone
Company XYZ has outsourced production support to service provider ABC located in another country. The ABC service provider personnel remotely connect to the corporate network of the XYZ outsourcing entity over the Internet. Which of the following would BEST provide assurance that transmission of information is secure while the production support team at ABC is providing support to XYZ?
Virtual private network tunnel
Company XYZ has outsourced production support to service provider ABC located in another country. The ABC service provider personnel remotely connect to the corporate network of the XYZ outsourcing entity over the Internet. Which of the following would provide the BEST assurance that only authorized users of ABC connect over the Internet for production support to XYZ?
Two-factor authentication
Confidentiality of the data transmitted in a wireless local area network is BEST protected if the session is
encrypted using dynamic keys.
Confidentiality of transmitted data can best be delivered by encrypting the
session key with the receiver’s public key.
A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of receiving financial data and has communicated the site’s address, user ID and password to the financial services company in separate email messages. The company is to transmit its data to the FTP site after manually encrypting the data. The IS auditor’s GREATEST concern with this process is that
the users may not remember to manually encrypt the data before transmission.
The cryptographic hash sum of a message is recalculated by the receiver. This is to ensure:
the integrity of data transmitted by the sender.
A digital signature contains a message digest to
show if the message has been altered after transmission.
Digital signatures require the
signer to have a private key and the receiver to have a public key
Distributed denial-of-service attacks on Internet sites are typically evoked by hackers using which of the following?
Botnets
During a logical access controls review, an IS auditor observes that user accounts are shared. The GREATEST risk resulting from this situation is that
user accountability may not be established.
During a logical access controls review, an IS auditor observes that user accounts are shared. The GREATEST risk resulting from this situation is that
user accountability is not established.
During an access control review for a mainframe application, an IS auditor discovers user security groups without designated owners. The PRIMARY reason that this is a concern to the IS auditor is that without ownership, there is no one with clear responsibility for
approval of user access.
During an audit of an enterprise that is dedicated to e- commerce, the IS manager states that digital signatures are used when receiving communications from customers. To substantiate this, an IS auditor must prove that which of the following is used?:
A hash of the data that is transmitted and encrypted with the customer’s private key
During an audit of a telecommunications system, an IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is
encryption.
During an IS risk assessment of a healthcare organization regarding protected healthcare information (PHI), an IS auditor interviews IS management. Which of the following findings from the interviews would be of MOST concern to the IS auditor?
Staff have to type “[PHI]” in the subject field of email messages to be encrypted.
During an IS audit of a bank, the IS auditor is assessing whether the enterprise properly manages staff member access to the operating system. The IS auditor should determine whether the enterprise performs:
periodic review of user activity logs.
During the review of a biometrics system operation, an IS auditor should FIRST review the stage of:
enrollment.
Email message authenticity and confidentiality is BEST achieved by signing the message using the:
sender’s private key and encrypting the message using the receiver’s public key.
The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is called:
nonrepudiation.
A firewall is being deployed at a new location. Which of the following is the MOST important factor in ensuring a successful deployment?
Testing and validating the rules
The FIRST step in data classification is to:
establish ownership.
From a control perspective, the PRIMARY objective of classifying information assets is to:
establish guidelines for the level of access controls that should be assigned.
The GREATEST benefit of having well- defined data classification policies and procedures is:
a decreased cost of controls.
A hotel has placed a PC in the lobby to provide guests with Internet access. Which of the following presents the GREATEST risk for identity theft?
Session time out is not activated.
A human resources company offers wireless Internet access to its guests, after authenticating with a generic user ID and password. The generic ID and password are requested from the reception desk. Which of the following controls BEST addresses the situation?
The public wireless network is physically segregated from the company network.
The implementation of access controls FIRST requires:
an inventory of IS resources.
In an online banking application, which of the following would BEST protect against identity theft?
Two-factor authentication
In an organization where an IT security baseline has been defined, an IS auditor should FIRST ensure:
sufficiency.
In a public key infrastructure, a registration authority:
verifies information supplied by the subject requesting a certificate.
In a small organization, an employee performs computer operations and, when the situation demands, program modifications. Which of the following should the IS auditor recommend?
Procedures that verify that only approved program changes are implemented
The information security policy that states “each individual must have his/her badge read at every controlled door” addresses which of the following attack methods?
Piggybacking
An internal audit function is reviewing an internally developed common gateway interface script for a web application. The IS auditor discovers that the script was not reviewed and tested by the quality control function. Which of the following types of risk is of GREATEST concern?
Unauthorized access
n transport mode, the use of the Encapsulating Security Payload protocol is advantageous over the authentication header protocol because it provides:
confidentiality.
In what capacity would an IS auditor MOST likely see a hash function applied?
Authentication
In wireless communication, which of the following controls allows the receiving device to verify that the received communications have not been altered in transit?
The use of cryptographic hashes
An IS auditor discovers that the chief information officer (CIO) of an organization is using a wireless broadband modem using global system for mobile communications (GSM) technology. This modem is being used to connect the CIO’s laptop to the corporate virtual private network when the CIO travels outside of the office. The IS auditor should:
do nothing because the inherent security features of GSM technology are appropriate.
An IS auditor discovers that the configuration settings for password controls are more stringent for business users than for IT developers. Which of the following is the BEST action for the IS auditor to take?
Determine whether this is a policy violation and document it.
An IS auditor evaluating logical access controls should FIRST:
obtain an understanding of the security risk to information processing.
An IS auditor finds that conference rooms have active network ports. Which of the following would prevent this discovery from causing concern?
This part of the network is isolated from the corporate network.
An IS auditor inspected a windowless room containing phone switching and networking equipment and documentation binders. The room was equipped with two handheld fire extinguishers—one filled with carbon dioxide (CO2), the other filled with halon. Which of the following should be given the HIGHEST priority in the IS auditor’s report?
Both fire suppression systems present a risk of suffocation when used in a closed room.
An IS auditor is assessing a biometric system used to protect physical access to a data center containing regulated data. Which of the following observations is the GREATEST concern to the auditor?
Data transmitted between the biometric scanners and the access control system do not use a securely encrypted tunnel.
An IS auditor is conducting a postimplementation review of an enterprise’s network. Which of the following findings would be of MOST concern?
Default passwords are not changed when installing network devices.
An IS auditor is evaluating a virtual machine (VM)-based architecture used for all programming and testing environments. The production architecture is a three-tier physical architecture. What is the MOST important IT control to test to ensure availability and confidentiality of the web application in production?
Server configuration has been hardened appropriately.
An IS auditor is reviewing access controls for a manufacturing organization. During the review, the IS auditor discovers that data owners have the ability to change access controls for a low-risk application. The BEST course of action for the IS auditor is to:
not report this issue because discretionary access controls are in place.
An IS auditor is reviewing a manufacturing company and finds that mainframe users at a remote site connect to the mainframe at headquarters over the Internet via Telnet. Which of the following offers the STRONGEST security?
Useofa point-to- point leased line
An IS auditor is reviewing a new web-based order entry system the week before it goes live. The IS auditor has identified that the application, as designed, may be missing several critical controls regarding how the system stores customer credit card information. The IS auditor should FIRST:
verify that security requirements have been properly specified in the project plan.
An IS auditor is reviewing an organization’s controls related to email encryption. The company’s policy states that all sent email must be encrypted to protect the confidentiality of the message because the organization shares nonpublic information through email. In a public key infrastructure implementation properly configured to provide confidentiality. email is:
encrypted with the recipient’s public key and decrypted with the recipient’s private key.
The IS auditor is reviewing an organization’s human resources (HR) database implementation. The IS auditor discovers that the database servers are clustered for high availability, all default database accounts have been removed and database audit logs are kept and reviewed on a weekly basis. What other area should the IS auditor check to ensure that the databases are appropriately secured?
Database initialization parameters are appropriate.
An IS auditor is reviewing an organization’s network operations center (NOC). Which of the following choices is of the GREATEST concern? The use of:
a carbon dioxide- based fire suppression system.
An IS auditor is reviewing a software-based firewall configuration. Which of the following represents the GREATEST vulnerability?
Installation on an operating system configured with default settings.
An IS auditor is reviewing a third-party agreement for a new cloud-based accounting service provider. Which of the following considerations is the MOST important with regard to the privacy of the accounting data?
Return or destruction of information
The IS auditor is reviewing findings from a prior IT audit of a hospital. One finding indicates that the organization was using email to communicate sensitive patient issues. The IT manager indicates that to address this finding, the organization has implemented digital signatures for all email users. What should the IS auditor’s response be?
Digital signatures are not adequate to protect confidentiality.
An IS auditor is reviewing Secure Sockets Layer enabled web sites for the company. Which of the following choices would be the HIGHEST risk?
Self-signed digital certificates
An IS auditor is reviewing system access and discovers an excessive number of users with privileged access. The IS auditor discusses the situation with the system administrator, who states that some personnel in other departments need privileged access and management has approved the access. Which of the following would be the BEST course of action for the IS auditor?
Determine whether compensating controls are in place.
The IS auditor is reviewing the implementation of a storage area network (SAN). The SAN administrator indicates that logging and monitoring is active, hard zoning is used to isolate data from different business units and all unused SAN ports are disabled. The administrator implemented the system, performed and documented security testing during implementation, and is the only user with administrative rights to the system. What should the IS auditor’s initial determination be?
The SAN administrator presents a potential risk.
An IS auditor is reviewing the network infrastructure of a call center and determines that the internal telephone system is based on Voice-over Internet Protocol technology. Which of the following is the GREATEST concern?
Ethernet switches are not protected by uninterrupted power supply units.
An IS auditor is reviewing the physical security controls of a data center and notices several areas for concern. Which of the following areas is the MOST important?
The emergency exit door is blocked.
An IS auditor is reviewing the physical security measures of an organization. Regarding the access card system, the IS auditor should be MOST concerned that:
nonpersonalized access cards are given to the cleaning staff, who use a sign- in sheet but show no proof of identity.
An IS auditor performing an audit has determined that developers have been granted administrative access to the virtual machine management console to manage their own servers used for software development and testing. Which of the following choices would be of MOST concern for the IS auditor?
Developers have the ability to create or de- provision servers.
An IS auditor performing an audit of the newly installed Voice-over Internet Protocol system was inspecting the wiring closets on each floor of a building. What would be the GREATEST concern?
The local area network (LAN) switches are not connected to uninterruptible power supply units.
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the:
authorization and authentication of the user prior to granting access to system resources.
An IS auditor performing detailed network assessments and access control reviews should FIRST:
determine the points of entry into the network.
An IS auditor reviewing access controls for a client-server environment should FIRST:
identify the network access points.
An IS auditor reviewing a cloud computing environment that is managed by a third party should be MOST concerned when:
the service level agreement does not address the responsibility of the vendor in the case of a security breach.
An IS auditor reviewing the authentication controls of an organization should be MOST concerned if:
system administrators use shared login credentials.
An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice:
reduces the risk of unauthorized access to the network.
The IS management of a multinational company is considering upgrading its existing virtual private network to support Voice-over Internet Protocol communication via tunneling. Which of the following considerations should be PRIMARILY addressed?
Reliability and quality of service
IS management recently replaced its existing wired local area network with a wireless infrastructure to accommodate the increased use of mobile devices within the organization. This will increase the risk of which of the following attacks?
War driving
An IT auditor is reviewing an organization’s information security policy, which requires encryption of all data placed on universal serial bus (USB) drives. The policy also requires that a specific encryption algorithm be used. Which of the following algorithms would provide the greatest assurance that data placed on USB drives is protected from unauthorized disclosure?
Advanced Encryption Standard
Java applets and Active X controls are distributed programs that execute in the background of a client web browser. This practice is considered reasonable when:
the source of the executable file is certain.
A key IT systems developer has suddenly resigned from an enterprise. Which of the following will be the MOST important action?
Terminate the developer’s logical access to IT resources.
A laptop computer belonging to a company database administrator (DBA) and containing a file of production database passwords has been stolen. What should the organization do FIRST?
Change the database password.
The MOST effective biometric control system is the one with:
the lowest equal-error rate.
The MOST important difference between hashing and encryption is that hashing:
is irreversible.
The MOST serious challenge in the operation of an intrusion detection system is:
filtering false positive alerts.
A new business application has been designed in a large, complex organization and the business owner has requested that the various reports be viewed on a “need to know” basis. Which of the following access control methods would be the BEST method to achieve this requirement?
Role-based
A new business application requires deviation from the standard configuration of the operating system (OS). What activity should the IS auditor recommend to the security manager as a FIRST response?
Assessment of the risk and identification of compensating controls
An online stock trading firm is in the process of implementing a system to provide secure email exchange with its customers. What is the BEST option to ensure confidentiality, integrity and nonrepudiation?
Digital certificates
An organization allows for the use of universal serial bus drives to transfer operational data between offices. Which of the following is the GREATEST risk associated with the use of these devices?
Theft of the devices
An organization can ensure that the recipients of emails from its employees can authenticate the identity of the sender by:
digitally signing all email messages.
An organization has created a policy that defines the types of web sites that users are forbidden to access. What is the MOST effective technology to enforce this policy?
Web content filter
An organization has established a guest network for visitor access. Which of the following should be of GREATEST concern to an IS auditor?
The guest network is not segregated from the production network.
An organization has experienced a large amount of traffic being re-routed from its Voice-over Internet Protocol packet network. The organization believes it is a victim of eavesdropping. Which of the following could result in eavesdropping of VoIP traffic?
Corruption of the Address Resolution Protocol cache in Ethernet switches
An organization has requested that an IS auditor provide a recommendation to enhance the security and reliability of its Voice-over Internet Protocol (VoIP) system and data traffic. Which of the following would meet this objective?
VoIP infrastructure needs to be segregated using virtual local area networks.
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking?
An application- level gateway
An organization is developing a new web-based application to process orders from customers. Which of the following security measures should be taken to protect this application from hackers?
Perform a web application security review.
An organization is planning to deploy an outsourced cloud-based application that is used to track job applicant data for the human resources department. Which of the following should be the GREATEST concern to an IS auditor?
The cloud provider’s data centers are in multiple cities and countries.
An organization is planning to replace its wired networks with wireless networks. Which of the following would BEST secure the wireless network from unauthorized access?
Implement Wi- Fi Protected Access 2.
An organization is proposing to establish a wireless local area network (WLAN). Management asks the IS auditor to recommend security controls for the WLAN. Which of the following would be the MOST appropriate recommendation?
Physically secure wireless access points to prevent tampering.
An organization is reviewing its contract with a cloud computing provider. For which of the following reasons would the organization want to remove a lock-in clause from the cloud service contract?
Portability
An organization provides information to its supply chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture?
The firewall is placed on top of the commercial operating system with all default installation options.
An organization’s IT director has approved the installation of a wireless local area network access point in a conference room for a team of consultants to access the Internet with their laptop computers. The BEST control to protect the corporate servers from unauthorized access is to ensure that:
the conference room network isona separate virtual local area network.
An organization stores and transmits sensitive customer information within a secure wired network. It has implemented an additional wireless local area network (WLAN) to support general-purpose staff computing needs. A few employees with WLAN access have legitimate business reasons for also accessing customer information. Which of the following represents the BEST control to ensure separation of the two networks?
Install a firewall between the networks.
An organization with extremely high security requirements is evaluating the effectiveness of biometric systems. Which of the following performance indicators is MOST important?
False- acceptance rate
Over the long term, which of the following has the greatest potential to improve the security incident response process?
Simulation exercises performed by incident response team
The potential for unauthorized system access by way of terminals or workstations within an organization’s facility is increased when:
connecting points are available in the facility to connect laptops to the network.
The PRIMARY goal of a web site certificate is:
authentication of the web site that will be surfed.
The PRIMARY purpose of installing data leak prevention software is to:
control confidential documents leaving the internal network.
The PRIMARY reason for using digital signatures is to ensure data:
integrity.
The purpose of a mantrap controlling access to a computer facility is PRIMARILY to:
prevent piggybacking.
The review of router access control lists should be conducted during:
a network security review.
A review of wide area network (WAN) usage discovers that traffic on one communication line between sites, synchronously linking the master and standby database, peaks at 96 percent of the line capacity. An IS auditor should conclude that:
analysis is required to determine if a pattern emerges that results in a service loss for a short period of time.
The risk of dumpster diving is BEST mitigated by:
implementing security awareness training.
The role of the certificate authority (CA) as a third party is to:
confirm the identity of the entity owning a certificate issued by that CA.
The Secure Sockets Layer protocol ensures the confidentiality of a message by using:
symmetric encryption.
Security administration procedures require read-only access to:
security log files.
The technique used to ensure security in virtual private networks is called:
data encapsulation.
There is a concern that the risk of unauthorized access may increase after implementing a single sign-on process. To prevent unauthorized access, the MOST important action is to:
mandate a strong password policy.
This question refers to the following diagram.
Email traffic from the Internet is routed via firewall-1 to the mail gateway. Mail is routed from the mail gateway, via firewall- 2, to the mail recipients in the internal network. Other traffic is not allowed. For example, the firewalls do not allow direct traffic from the Internet to the internal network. The intrusion detection system (IDS) detects traffic for the internal network that did not originate from the mail gateway. The FIRST action triggered by the IDS should be to:
create an entry in the log.
his question refers to the following diagram.
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system between the:
firewall and the organization’s network.
To ensure that an organization is complying with privacy requirements, an IS auditor should FIRST review:
legal and regulatory requirements.
To protect a Voice-over Internet Protocol infrastructure against a denial-of-service attack, it is MOST important to secure the:
session border controllers.
A Transmission Control Protocol/Internet Protocol (TCP/IP)-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted?
Work is completed in tunnel mode with IP security.
Two-factor authentication can be circumvented through which of the following attacks?
War driving
The use of digital signatures:
validates the source of a message.
The use of residual biometric information to gain unauthorized access is an example of which of the following attacks?
Replay
Validated digital signatures in an email software application will:
help detect spam.
What is a risk associated with attempting to control physical access to sensitive areas such as computer rooms using card keys or locks?
Unauthorized individuals wait for controlled doors to open and walk in behind those authorized.
What is the MOST prevalent security risk when an organization implements remote virtual private network (VPN) access to its network?
Malicious code could be spread across the network.
What method might an IS auditor use to test wireless security at branch office locations?
War driving
When auditing a role-based access control system, the IS auditor noticed that some IT security employees have system administrator privileges on some servers, which allows them to modify or delete transaction logs. Which would be the BEST recommendation that the IS auditor should make?
Write transaction logs in real time to Write Once and Read Many drives.
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the:
hardware is protected against power surges.
When planning an audit of a network setup, an IS auditor should give HIGHEST priority to obtaining which of the following network documentation?
Wiring and schematic diagram
When protecting an organization’s IT systems, which of the following is normally the next line of defense after the network firewall has been compromised?
Intrusion detection system
When reviewing a digital certificate verification process, which of the following findings represents the MOST significant risk?
The certificate revocation list is not current.
When reviewing an intrusion detection system, an IS auditor should be MOST concerned about which of the following?
Low coverage of network traffic
When reviewing an organization’s logical access security to its remote systems, which of the following would be of GREATEST concern to an IS auditor?
Unencrypted passwords are used.
When reviewing the configuration of network devices, an IS auditor should FIRST identify:
the importance of the network devices in the topology.
When reviewing the implementation of a local area network, an IS auditor should FIRST review the:
network diagram.
When reviewing the procedures for the disposal of computers, which of the following should be the GREATEST concern for the IS auditor?
All files and folders on hard disks are separately deleted, and the hard disks are formatted before leaving the organization.
When transmitting a payment instruction, which of the following will help verify that the instruction was not duplicated?
Using a sequence number and time stamp
When using a digital signature, the message digest is computed by the:
sender and receiver both.
When using public key encryption to secure data being transmitted across a network:
the key used to encrypt is public, but the key used to decrypt the data is private.
Which control is the BEST way to ensure that the data in a file have not been changed during transmission?
Hash values
Which of the following antispam filtering methods has the LOWEST possibility of false-positive alerts?
Check-sum based
Which of the following BEST describes the role of a directory server in a public key infrastructure?
Makes other users’ certificates available to applications
Which of the following BEST encrypts data on mobile devices?
Elliptical curve cryptography
Which of the following BEST ensures the integrity of a server’s operating system?
Hardening the server configuration
Which of the following BEST limits the impact of server failures in a distributed environment?
Clustering
Which of the following choices BEST helps information owners to properly classify data?
Training on organizational policies and standards
Which of the following choices is the MOST effective control that should be implemented to ensure accountability for application users accessing sensitive data in the human resource management system (HRMS) and among interfacing applications to the HRMS?
Audit trails
Which of the following components is responsible for the collection of data in an intrusion detection system?
Sensor
Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions?
Cyclic redundancy check
Which of the following controls would BEST detect intrusion?
Unsuccessful logon attempts are monitored by the security administrator.
Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems?
Virtual private network
Which of the following cryptography options would increase overhead/cost?
A long asymmetric encryption key is used.
Which of the following environmental controls is appropriate to protect computer equipment against short-term reductions in electrical power?
Power line conditioners
Which of the following exposures associated with the spooling of sensitive reports for offline printing should an IS auditor consider to be the MOST serious?
Unauthorized report copies might be printed.
Which of the following features of a public key infrastructure is MOST closely associated with proving that an online transaction was authorized by a specific customer?
Nonrepudiation
Which of the following findings would be of GREATEST concern to an IS auditor during a review of logical access to an application?
The file storing the application ID password is in cleartext in the production code.
Which of the following functions is performed by a virtual private network?
Hiding information from sniffers on the net
Which of the following groups would create MOST concern to an IS auditor if they have full access to the production database?
Application developers
Which of the following intrusion detection systems will MOST likely generate false alarms resulting from normal network activity?
Statistical-based
Which of the following is a form of two-factor user authentication?
A smart card and personal identification number
Which of the following is an advantage of elliptic curve encryption over RSA encryption?
Computation speed
Which of the following is an effective preventive control to ensure that a database administrator complies with the custodianship of the enterprise’s data?
Segregation of duties
Which of the following is an example of the defense in-depth security principle?
Using a firewall as well as logical access controls on the hosts to control incoming network traffic
Which of the following is an object- oriented technology characteristic that permits an enhanced degree of security over data?
Encapsulation
Which of the following is BEST suited for secure communications within a small group?
Web of trust
Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization’s security policy?
Review the parameter settings.
Which of the following is the BEST control over a guest wireless ID that is given to vendor staff?
Assignment of a renewable user ID which expires daily
Which of the following is the BEST control to prevent the deletion of audit logs by unauthorized individuals in an organization?
Only select personnel should have rights to view or delete audit logs.
Which of the following is the BEST way to minimize unauthorized access to unattended end-user PC systems?
Enforce use of a password- protected screen saver
Which of the following is the GREATEST concern associated with the use of peer-to-peer computing?
Data leakage
Which of the following is the MOST effective control for restricting access to unauthorized Internet sites in an organization?
Routing outbound Internet traffic through a content-filtering proxy server
Which of the following is the MOST effective control over visitor access to a data center?
Visitors are escorted.
Which of the following is the MOST effective control when granting temporary access to vendors?
User accounts are created with expiration dates and are based on services provided.
Which of the following is the MOST important security consideration to an organization that wants to move a business application to external cloud service (PaaS) provided by a vendor?
Classification and categories of data process by the application.
Which of the following is the MOST reliable form of single factor personal identification?
Iris scan
Which of the following is the MOST reliable method to ensure identity of sender for messages transferred across Internet?
Digital certificates
Which of the following is the MOST secure and economical method for connecting a private network over the Internet in a small- to medium-sized organization?
Virtual private network
Which of the following is the MOST secure way to remove data from obsolete magnetic tapes during a disposal?
Degaussing the tapes
Which of the following is the MOST significant function of a corporate public key infrastructure and certificate authority employing X.509 digital certificates?
It binds a digital certificate and its public key to an individual subscriber’s identity.
Which of the following is the responsibility of information asset owners?
Assignment of criticality levels to data
Which of the following line media would provide the BEST security for a telecommunication network?
Dedicated lines
Which of the following manages the digital certificate life cycle to ensure adequate security and controls exist in digital signature applications related to e- commerce?
Certificate authority
Which of the following network components is PRIMARILY set up to serve as a security measure by preventing unauthorized traffic between different segments of the network?
Firewalls
Which of the following preventive controls BEST helps secure a web application?
Developer training
Which of the following provides the GREATEST assurance for database password encryption?
Advanced encryption standard
Which of the following provides the MOST relevant information for proactively strengthening security settings?
Honeypot
Which of the following public key infrastructure (PKI) elements describes procedure for disabling a compromised private key?
Certification practice statement
Which of the following should an IS auditor be MOST concerned about in a financial application?
Programmers have access to the production database.
Which of the following should be a concern for an IS auditor reviewing an organization’s cloud computing strategy which is based on a software as a service (SaaS) model with an external provider?
Incident handling procedures with the provider are not well defined.
Which of the following types of firewalls provide the GREATEST degree and granularity of control?
Application gateway
Which of the following types of firewalls would BEST protect a network from an Internet attack?
Screened subnet firewall
Which of the following types of penetration tests simulates a real attack and is used to test incident handling and response capability of the target?
Double-blind testing
Which of the following types of transmission media provide the BEST security against unauthorized access?
Fiber-optic cables
Which of the following will BEST maintain the integrity of a firewall log?
Sending log information to a dedicated third- party log server
Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure with digital certificates for its business- to-consumer transactions via the Internet?
The organization is the owner of the CA.
Which of the following would be BEST prevented by a raised floor in the computer machine room?
Damage of wires around computers and servers
Which of the following would be of MOST concern to an IS auditor reviewing a virtual private network implementation? Computers on the network that are located:
in employees’ homes.
Which of the following would BEST ensure continuity of a wide area network across the organization?
Built-in alternative routing
Which of the following would be the BEST access control procedure?
The data owner formally authorizes access and an administrator implements the user authorization tables.
Which of the following would be the BEST overall control for an Internet business looking for confidentiality, reliability and integrity of data?
Secure Sockets Layer
Which of the following would effectively verify the originator of a transaction?
Digitally signing the transaction with the source’s private key
Which of the following would MOST effectively enhance the security of a challenge-response based authentication system?
Implementing measures to prevent session hijacking attacks
Which one of the following can be used to provide automated assurance that proper data files are being used during processing?
File header record
While auditing an internally developed web application, an IS auditor determines that all business users share a common access profile. Which of the following is the MOST relevant recommendation to prevent the risk of unauthorized data modification?
Customize user access profiles per job responsibility.
With the help of a security officer, granting access to data is the responsibility of:
data owners.
