Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is a feature of an intrusion
detection system (IDS)?
A. Gathering evidence on attack attempts
B. Identifying weakness in the policy definition
C. Blocking access to particular sites on the Internet
D. Preventing certain users from accessing specific servers
- 1 Answers
- 5406 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
An IDS can gather evidence on intrusive activity like an
attack or penetration attempt. Identifying weaknesses in the
policy definition is a limitation of an IDS. Choices C and D
are features of firewalls, and choice B requires a manual
review and is, therefore, outside the functionality of IDS.
| Is This Answer Correct ? | 4 Yes | 0 No |
Following the development of an application system, it is determined that several design objectives have not been achieved. This is MOST likely to have been caused by: A. insufficient user involvement. B. early dismissal of the project manager. C. inadequate quality assurance (QA) tools. D. noncompliance with defined approval points.
A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing? A. Unit testing B. Integration testing C. Design walk-throughs D. Configuration management
Which of the following is a measure of the size of an information system based on the number and complexity of a system's inputs, outputs and files? A. Program evaluation review technique (PERT) B. Rapid application development (RAD) C. Function point analysis (FPA) D. Critical path method (CPM)
The database administrator has recently informed you of the decision to disable certain normalization controls in the database management system (DBMS) software to provide users with increased query performance. This will MOST likely increase the risk of: A. loss of audit trails. B. redundancy of data. C. loss of data integrity. D. unauthorized access to data.
Which of the following would be included in an IS strategic plan? A. Specifications for planned hardware purchases B. Analysis of future business objectives C. Target dates for development projects D. Annual budgetary targets for the IS department
An organization's disaster recovery plan should address early recovery of: A. all information systems processes. B. all financial processing applications. C. only those applications designated by the IS manager. D. processing in priority order, as defined by business management.
An IS auditor reviewing an outsourcing contract of IT facilities would expect it to define the: A. hardware configuration. B. access control software. C. ownership of intellectual property. D. application development methodology.
While copying files from a floppy disk a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus? A: A. scan of all floppy disks before use B. virus monitor on the network file server C. scheduled daily scan of all network drives D. virus monitor on the user's personal computer
During an audit, an IS auditor learns that lengthy and complex passwords are required to reach the network via modem. These passwords were established by an outside provider. The communications software allows users to select a ?remember password? option. What should the IS auditor's PRIMARY recommendation be? A. Disable the save password option and have users record them elsewhere. B. Request that the provider change the dial-in password to a group password. C. Establish and enforce a process to have users change their passwords. D. Allow users to change their passwords to something less complex.
The most likely error to occur when implementing a firewall is: A. incorrectly configuring the access lists. B. compromising the passwords due to social engineering. C. connecting a modem to the computers in the network. D. inadequately protecting the network and server from virus attacks.
Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure with digital certificates for its business-to-consumer transactions via the Internet? A. Customers are widely dispersed geographically, but not the certificate authorities. B. Customers can make their transactions from any computer or mobile device. C. The certificate authority has several data processing subcenters to administrate certificates. D. The organization is the owner of the certificate authority.
Business continuity/disaster recovery is PRIMARILY the responsibility of: A. IS management. B. business unit managers. C. the security administrator. D. the board of directors.
Cisco Certifications 
