Which of the following recommendations by an IS auditor is the BEST control to protect an organization's corporate network from the guest wireless network?

• A.Place the guest network in its own virtual local area network (VLAN)
• B.Ensure the guest access point is running the latest software
• C.Hide the service set identifier (SSID) of the guest network
• D.Authenticate devices connecting to the guest network

Comment: *

Name: *

Email: *

Verification: *

In the process of evaluating program change controls, an IS auditor would use source code comparison software to:

• A.examine source program changes without information from IS personnel.
• B.detect a source program change made between acquiring a copy of the source and the comparison run.
• C.confirm that the control copy is the current version of the production program.
• D.ensure that all changes made in the current source copy are detected.

Comment: *

Name: *

Email: *

Verification: *

When auditing a proxy-based firewall, an IS auditor should:

• A.verify that the firewall is not dropping any forwarded packets.
• B.review Address Resolution Protocol (ARP) tables for appropriate mapping between media access control (MAC) and IP addresses.
• C.verify that the filters applied to services such as HTTP are effective.
• D.test whether routing information is forwarded by the firewall.

Comment: *

Name: *

Email: *

Verification: *

During the planning stage of a compliance audit an IS auditor discovers that a bank's Inventory of compliance requirements does not include recent regulatory changes related to managing data risk. What should the auditor do FIRST?

• A.Report the missing regulatory updates to the chief information officer (CIO)
• B.Exclude recent regulatory changes from the audit scope
• C.Discuss potential regulatory issues with the legal department.
• D.Ask management why the regulatory changes have not been included

Comment: *

Name: *

Email: *

Verification: *

When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the:

• A.hardware is protected against power surges.
• B.integrity is maintained if the main power is interrupted.
• C.immediate power will be available if the main power is lost.
• D.hardware is protected against long-term power fluctuations.

Comment: *

Name: *

Email: *

Verification: *