Answer / s. radhakrishnan

Answers: C

The critical function of the firewall is to aloow users
from the internal network to outside network and block all
unauthorised access from outside network.

Answer / guest

Answer: B

A firewall is a set of related programs, located at a
network gateway server, that protects the resources of a
private network from users of other networks. An enterprise
with an intranet that allows its workers access to the wider
Internet installs a firewall to prevent outsiders from
accessing its own private data resources and for controlling
the outside resources to which its own users have access.
Basically, a firewall, working closely with a router
program, filters all network packets to determine whether or
not to forward them toward their destination. A firewall
includes or works with a proxy server that makes network
requests on behalf of workstation users. A firewall is often
installed in a specially designated computer separate from
the rest of the network so no incoming request can get
directed to private network resources.

An IS auditor has recently discovered that because of a shortage of skilled operations personnel, the security administrator has agreed to work one late-night shift a month as the senior computer operator. The MOST appropriate course of action for the IS auditor is to: A. advise senior management of the risk involved. B. agree to work with the security officer on these shifts as a form of preventative control. C. develop a computer-assisted audit technique to detect instances of abuses of this arrangement. D. review the system log for each of the late-night shifts to determine whether any irregular actions occurred.

1 Answers  

---

Which of the following controls will detect MOST effectively the presence of bursts of errors in network transmissions? A. Parity check B. Echo check C. Block sum check D. Cyclic redundancy check

3 Answers  

---

An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning

2 Answers  

---

Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.

1 Answers  

---

Which of the following BEST describes an IT department?s strategic planning process? A. The IT department will have either short-range or long-range plans depending on the organization?s broader plans and objectives. B. The IT department?s strategic plan must be time and project oriented, but not so detailed as to address and help determine priorities to meet business needs. C. Long-range planning for the IT department should recognize organizational goals, technological advances and regulatory requirements. D. Short-range planning for the IT department does not need to be integrated into the short-range plans of the organization since technological advances will drive the IT department plans much quicker than organizational plans.

1 Answers  

---

Which of the following controls would provide the GREATEST assurance of database integrity? A. Audit log procedures B. Table link/reference checks C. Query/table access time checks D. Rollback and rollforward database features

1 Answers  

---

Which of the following findings would an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault? A. There are three individuals with a key to enter the area. B. Paper documents also are stored in the offsite vault. C. Data files, which are stored in the vault, are synchronized. D. The offsite vault is located in a separate facility.

1 Answers   Apple,

---

Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization's change control procedures? A. Review software migration records and verify approvals. B. Identify changes that have occurred and verify approvals. C. Review change control documentation and verify approvals. D. Ensure that only appropriate staff can migrate changes into production.

1 Answers  

---

An enterprisewide network security architecture of public key infrastructure (PKI) would be comprised of: A. A public key cryptosystem, private key cryptosystem and digital certificate B. A public key cryptosystem, symmetric encryption and certificate authorities C. A symmetric encryption, digital certificate and kerberos authentication D. A public key cryptosystem, digital certificate and certificate authorities

1 Answers  

---

The MOST significant level of effort for business continuity planning (BCP) generally is required during the: A. testing stage. B. evaluation stage. C. maintenance stage. D. early stages of planning.

2 Answers  

---

Which of the following would an IS auditor place LEAST reliance on when determining management's effectiveness in communicating information systems policies to appropriate personnel? A. Interviews with user and IS personnel B. Minutes of IS steering committee meetings C. User department systems and procedures manuals D.Information processing facilities operations and procedures manuals

1 Answers  

---

To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against: A. the entire message and thereafter enciphering the message digest using the sender's private key. B. any arbitrary part of the message and thereafter enciphering the message digest using the sender's private key. C. the entire message and thereafter enciphering the message using the sender's private key. D. the entire message and thereafter enciphering the message along with the message digest using the sender's private key.

1 Answers  

---