During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?

• A.Retest the control.
• B.Notify the chair of the audit committee.
• C.Close the audit finding.
• D.Notify the audit manager.

Comment: *

Name: *

Email: *

Verification: *

A penetration test performed as part of evaluating network security:

• A.provides assurance that all vulnerabilities are discovered.
• B.should be performed without warning the organization's management.
• C.exploits the existing vulnerabilities to gain unauthorized access.
• D.would not damage the information assets when performed at network perimeters.

Comment: *

Name: *

Email: *

Verification: *

Cisco IOS based routers perform basic traffic filtering via which of the following mechanisms?

• A.datagram scanning
• B.access lists
• C.stateful inspection
• D.state checking
• E.link progressing
• F.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

In order to properly protect against unauthorized disclosure of sensitive data, how should hard disks be sanitized?

• A.The data should be deleted and overwritten with binary 0s.
• B.The data should be demagnetized.
• C.The data should be low-level formatted.
• D.The data should be deleted.

Comment: *

Name: *

Email: *

Verification: *

The optimum business continuity strategy for an entity is determined by the:

• A.lowest downtime cost and highest recovery cost.
• B.lowest sum of downtime cost and recovery cost.
• C.lowest recovery cost and highest downtime cost.
• D.average of the combined downtime and recovery cost.

Comment: *

Name: *

Email: *

Verification: *