Which of the following will help detect changes made by an
intruder to the system log of a server?
A. Mirroring of the system log on another server
B. Simultaneously duplicating the system log on a write-once
disk
C. Write protecting the directory containing the system log
D. Storing the backup of the system log offsite
- 1 Answers
- 9141 Views
- Orange, I also Faced
- E-Mail Answers
Answer / guest
Answer: B
A write-once CD cannot be overwritten. Therefore, the system
log duplicated on the disk could be compared to the original
log to detect differences, which could be the result of
changes made by an intruder. Write protecting the system log
does not prevent deletion or modification, since the
superuser can override the write protection. Backup and
mirroring may overwrite earlier files and may not be current.
| Is This Answer Correct ? | 11 Yes | 0 No |
During a review of the controls over the process of defining IT service levels, an IS auditor would MOST likely interview the: A. systems programmer. B. legal staff. C. business unit manager. D. application programmer.
Linux is an __________ operating system
Peer reviews to detect software errors during a program development activity are called: A. emulation techniques. B. structured walk-throughs. C. modular program techniques. D. top-down program construction.
Which of the following should be included in an organization's IS security policy? A. A list of key IT resources to be secured B. The basis for access authorization C. Identity of sensitive security features D. Relevant software security features
An organization is moving its application maintenance in-house from an outside source. Which of the following should be the main concern of an IS auditor? A. Regression testing B. Job scheduling C. User manuals D. Change control procedures
Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation? A. Specific developments only B. Business requirements only C. All phases of the installation must be documented D. No need to develop a customer specific documentation
The PRIMARY objective of an IS audit function is to: A. determine whether everyone uses IS resources according to their job description. B. determine whether information systems safeguard assets, and maintain data integrity. C. examine books of accounts and relative documentary evidence for the computerized system. D. determine the ability of the organization to detect fraud.
An IS auditor performing an audit of the company's IS strategy would be LEAST likely to: A. assess IS security procedures. B. review both short- and long-term IS strategies. C. interview appropriate corporate management personnel. D. ensure that the external environment has been considered.
A disaster recovery plan (DRP) for an organization should: A. reduce the length of the recovery time and the cost of recovery. B. increase the length of the recovery time and the cost of recovery. C. reduce the duration of the recovery time and increase the cost of recovery. D. not affect the recovery time nor the cost of recovery.
In a web server, a common gateway interface (CGI) is MOST often used as a(n): A. consistent way for transferring data to the application program and back to the user. B. computer graphics imaging method for movies and TV. C. graphic user interface for web design. D. interface to access the private gateway domain.
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
The PRIMARY benefit of database normalization is the: A. minimization redundancy of information in tables required to satisfy users? needs. B. ability to satisfy more queries. C. maximization of database integrity by providing information in more than one table. D. minimization of response time through faster processing of information.
Cisco Certifications 
