Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?

• A.Review router configuration tables
• B.Test compliance with operating procedures
• C.Perform a system penetration rest
• D.Review access rights.

Comment: *

Name: *

Email: *

Verification: *

Which of the following controls will BEST ensure that the board of directors receives sufficient information about IT?

• A.The CIO regularly sends IT trend reports to the board.
• B.The CIO reports on performance and corrective actions in a timely manner.
• C.Board members are knowledgeable about IT and the CIO is consulted on IT issues.
• D.Regular meetings occur between the board the CIO and a technology committee

Comment: *

Name: *

Email: *

Verification: *

Which of the following observations would an IS auditor consider the GREATEST risk when conducting an audit of a virtual server farm tor potential software vulnerabilities?

• A.A variety of guest operating systems operate on one virtual server
• B.The hypervisor is updated quarterly.
• C.Guest operating systems are updated monthly
• D.Antivirus software has been implemented on the guest operating system only.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor has assessed a payroll service provider's security policy and finds significant topics are
missing. Which of the following is the auditor's BEST course of action?

• A.Recommend the service provider update their policy.
• B.Notify the service provider of the discrepancies.
• C.Report the risk to internal management.
• D.Recommend replacement of the service provider.

Comment: *

Name: *

Email: *

Verification: *

Which of the following network configuration options contains a direct link between any two host machines?

• A.Bus
• B.Ring
• C.Star
• D.Completely connected (mesh)

Comment: *

Name: *

Email: *

Verification: *