Which of the following observations should be of GREATEST concern to an IS auditor reviewing a large organization's virtualization environment?

• A.Host inspection capabilities have been disabled
• B.An unused printer has been left connected to the host system.
• C.Guest tools have been installed without sufficient access control,
• D.A rootkit was found on the host operating system

Comment: *

Name: *

Email: *

Verification: *

in a controlled application development environment, the MOST important segregation of duties should be between the person who implements changes into the production environment and the:

• A.application programmer
• B.systems programmer
• C.computer operator
• D.quality assurance (QA) personnel

Comment: *

Name: *

Email: *

Verification: *

Creating which of the following is how a hacker can insure his ability to return to the hacked system at will?

• A.rootsec
• B.checksum
• C.CRC
• D.backdoors
• E.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

Assuming this diagram represents an internal facility and the organization is implementing a firewall protection program, where should firewalls be installed?

• A.No firewalls are needed
• B.Op-3 location only
• C.MIS (Global) and NAT2
• D.SMTP Gateway and op-3

Comment: *

Name: *

Email: *

Verification: *

An IS auditor reviewing wireless network security determines that the Dynamic Host Configuration Protocol is disabled at all wireless access points. This practice:

• A.reduces the risk of unauthorized access to the network.
• B.is not suitable for small networks.
• C.automatically provides an IP address to anyone.
• D.increases the risks associated with Wireless Encryption Protocol (WEP).

Comment: *

Name: *

Email: *

Verification: *