Which of the following refers to any authentication protocol that requires two independent ways to establish identity and privileges?

• A.Strong-factor authentication
• B.Two-factor authentication
• C.Dual-password authentication
• D.Two-passphrases authentication
• E.Dual-keys authentication
• F.Rich-factor authentication

Comment: *

Name: *

Email: *

Verification: *

An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

• A.Monitoring employees' social networking usage
• B.Establishing strong access controls on confidential data
• C.Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by employees
• D.Providing education and guidelines to employees on use of social networking sites

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a technique that could be used to capture network user passwords?

• A.Encryption
• B.Sniffing
• C.Spoofing
• D.Data destruction

Comment: *

Name: *

Email: *

Verification: *

An IS auditor reviewing digital rights management (DRM) applications should expect to find an extensive use for which of the following technologies?

• A.Digitalized signatures
• B.Hashing
• C.Parsing
• D.Steganography

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important IS audit consideration when an organization outsources a customer credit review system to a third-party service provider? The provider:

• A.meets or exceeds industry security standards.
• B.agrees to be subject to external security reviews.
• C.has a good market reputation for service and experience.
• D.complies with security policies of the organization.

Comment: *

Name: *

Email: *

Verification: *