An IS auditor concludes that a local area network (LAN) access security satisfactory. In reviewing the work, the audit manager should

• A.Verify that the elements of an agreed upon audit plan have been addressed
• B.Verify user management's agreement with the findings
• C.Re-perform some steps of the audit to verify the quality of the work
• D.Assess whether the auditor had the appropriate skills to perform the work

Comment: *

Name: *

Email: *

Verification: *

.What are trojan horse programs? Choose the BEST answer.

• A.A common form of internal attack
• B.Malicious programs that require the aid of a carrier program such as email
• C.Malicious programs that can run independently and can propagate without the aid of a carrier program such as email
• D.A common form of Internet attack

Comment: *

Name: *

Email: *

Verification: *

Cross-site scripting (XSS) attacks are BEST prevented through:

• A.application firewall policy settings.
• B.a three-tier web architecture.
• C.secure coding practices.
• D.use of common industry frameworks.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is assigned to review the development of a specific application. Which of the following would be the MOST significant step following the feasibility study?

• A.Attend project progress meetings to monitor timely implementation of the application.
• B.Follow up with project sponsor for project's budgets and actual costs.
• C.Review functional design to determine that appropriate controls are planned.
• D.Assist users in the design of proper acceptance-testing procedures.

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the FIRST step m managing the impact of a recently discovered zero-day attack?

• A.Identifying vulnerable assets
• B.Assessing the Impact of vulnerabilities
• C.Estimating potential damage
• D.Evaluating the likelihood of attack

Comment: *

Name: *

Email: *

Verification: *