Which of the following provides the framework for designing
and developing logical access controls?
A. Information systems security policy
B. Access control lists
C. Password management
D. System configuration files
- 2 Answers
- 9264 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
The information systems security policy developed and
approved by the top management in an organization is the
basis upon which logical access control is designed and
developed. Access control lists, password management and
systems configuration files are all tools for implementing
the access controls.
| Is This Answer Correct ? | 8 Yes | 2 No |
Answer / edith
When outsourcing, in order to ensure that third-party service providers comply with an organization security policy, which of the following should occur?
| Is This Answer Correct ? | 0 Yes | 1 No |
Which of the following is the MOST likely reason why e-mail systems have become a useful source of evidence for litigation? A. Multiple cycles of backup files remain available. B. Access controls establish accountability for e-mail activity. C. Data classification regulates what information should be communicated via e-mail. D. Within the enterprise, a clear policy for using e-mail ensures that evidence is available.
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that: A. assessment of the situation may be delayed. B. execution of the disaster recovery plan could be impacted. C. notification of the teams might not occur. D. potential crisis recognition might be delayed.
Which of the following functions is performed by a virtual private network (VPN)? A. Hiding information from sniffers on the net B. Enforcing security policies C. Detecting misuse or mistakes D. Regulating access
Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?
A retail company recently installed data warehousing client software at geographically diverse sites. Due to time zone differences between the sites, updates to the warehouse are not synchronized. Which of the following will be affected the MOST? A. Data availability B. Data completeness C. Data redundancy D. Data inaccuracy
The MOST likely explanation for the use of applets in an Internet application is that: A. it is sent over the network from the server. B. the server does not run the program and the output is not sent over the network. C. they improve the performance of both the web server and network. D. it is a JAVA program downloaded through the web browser and executed by the web server of the client machine.
Business continuity/disaster recovery is PRIMARILY the responsibility of: A. IS management. B. business unit managers. C. the security administrator. D. the board of directors.
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.
The difference between a vulnerability assessment and a penetration test is that a vulnerability assessment: A. searches and checks the infrastructure to detect vulnerabilities, whereas penetration testing intends to exploit the vulnerabilities to probe the damage that could result from the vulnerabilities. B. and penetration tests are different names for the same activity. C. is executed by automated tools, whereas penetration testing is a totally manual process. D. is executed by commercial tools, whereas penetration testing is executed by public processes.
Capacity monitoring software is used to ensure: A. maximum use of available capacity. B. that future acquisitions meet user needs. C. concurrent use by a large number of users. D. continuity of efficient operations.
Reconfiguring which of the following firewall types will prevent inward downloading of files through the file transfer protocol (FTP)? A. Circuit gateway B. Application gateway C. Packet filter D. Screening router
The corporate office of a company having branches worldwide, developed a control self-assessment program (CSA) for all its offices. Which of the following is the MOST important requirement for a successful CSA? A. Skills of the workshop facilitator B. Simplicity of the questionnaire C. Support from the audit department D. Involvement of line managers
Cisco Certifications 
