Which of the following is one most common way that spyware is distributed?

• A.as a trojan horse.
• B.as a virus.
• C.as an Adware.
• D.as a device driver.
• E.as a macro.
• F.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST effective method for dealing with the spreading of a network worm that exploits vulnerability in a protocol?

• A.Install the vendor's security fix for the vulnerability.
• B.Block the protocol traffic in the perimeter firewall.
• C.Block the protocol traffic between internal network segments.
• D.Stop the service until an appropriate security fix is installed.

Comment: *

Name: *

Email: *

Verification: *

Which of the following activities is MOST important to consider when conducting IS audit planning?

• A.The audit committee agrees on risk rankings.
• B.Audit scheduling is based on skill set of audit team.
• C.Resources are allocated to areas of high risk.
• D.Results from previous audits are reviewed.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor has identified that some IT staff have administrative access to the enterprise resource planning (ERP) application, database, and server. IT management has responded that due to limited resources, the same IT staff members have to support all three layers of the ERP application. Which of the following would be the auditor's BEST recommendation to management?

• A.Leverage business unit personnel to serve as administrators of the application.
• B.Remove some of the administrative access of the associated IT staff members.
• C.Request funding to hire additional IT staff to enable segregation of duties.
• D.Monitor activities of the associated IT staff members by reviewing system-generated logs weekly.

Comment: *

Name: *

Email: *

Verification: *

During what process should router access control lists be reviewed?

• A.Environmental review
• B.Network security review
• C.Business continuity review
• D.Data integrity review

Comment: *

Name: *

Email: *

Verification: *