Which of the following security risks can be reduced by a property configured network firewall?

• A.SQL injection attacks
• B.Insider attacks
• C.Denial of service (DoS) attacks
• D.Phishing attacks

Comment: *

Name: *

Email: *

Verification: *

The MOST appropriate control to ensure that all orders transmitted from remote locations to the production department are received accurately would be to:

• A.verify that parity checking is still active.
• B.have data transmitted back to the local site for comparison.
• C.send and reconcile transaction counts and totals.
• D.track and account for the numerical sequence of sales orders.

Comment: *

Name: *

Email: *

Verification: *

When reviewing a data classification scheme, it is MOST important for an IS auditor to determine if.

• A.the information owner is required to approve access to the asset
• B.the security criteria are clearly documented for each classification
• C.Senior IT managers are identified as information owner.
• D.each information asset is to a assigned to a different classification.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor discovers that due to resource constraints a database administrator (DBA) is responsible for developing and executing changes into the production environment Which ot the following should the auditor do FIRSTS

• A.Report a potential segregation of duties violation
• B.Determine whether another DBA could make the changes
• C.identify whether any compensating controls exist
• D.Ensure a change management process is followed prior to implementation

Comment: *

Name: *

Email: *

Verification: *

An IS auditor reviewing the risk assessment process of an organization should FIRST:

• A.identify the reasonable threats to the information assets.
• B.analyze the technical and organizational vulnerabilities.
• C.identify and rank the information assets.
• D.evaluate the effect of a potential security breach.

Comment: *

Name: *

Email: *

Verification: *