A critical function of a firewall is to act as a:
A. special router that connects the Internet to a LAN.
B. device for preventing authorized users from accessing the
LAN.
C. server used to connect authorized users to private
trusted network resources.
D. proxy server to increase the speed of access to
authorized users.
Answers were Sorted based on User's Feedback
Answer / s. radhakrishnan
Answers: C
The critical function of the firewall is to aloow users
from the internal network to outside network and block all
unauthorised access from outside network.
| Is This Answer Correct ? | 19 Yes | 5 No |
Answer / guest
Answer: B
A firewall is a set of related programs, located at a
network gateway server, that protects the resources of a
private network from users of other networks. An enterprise
with an intranet that allows its workers access to the wider
Internet installs a firewall to prevent outsiders from
accessing its own private data resources and for controlling
the outside resources to which its own users have access.
Basically, a firewall, working closely with a router
program, filters all network packets to determine whether or
not to forward them toward their destination. A firewall
includes or works with a proxy server that makes network
requests on behalf of workstation users. A firewall is often
installed in a specially designated computer separate from
the rest of the network so no incoming request can get
directed to private network resources.
| Is This Answer Correct ? | 5 Yes | 10 No |
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
Which of the following is a benefit of a risk-based approach to audit planning? Audit: A. scheduling may be performed months in advance. B. budgets are more likely to be met by the IS audit staff. C. staff will be exposed to a variety of technologies. D. resources are allocated to the areas of highest concern.
The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as: A. rules. B. decision trees. C. semantic nets. D. data flow diagrams.
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
The responsibility, authority and accountability of the IS audit function is documented appropriately in an audit charter and MUST be: A. approved by the highest level of management. B. approved by audit department management. C. approved by user department management. D. changed every year before commencement of IS audits.
Which of the following would enable an enterprise to provide access to its intranet (i.e., extranet) across the Internet to its business partners? A. Virtual private network B. Client-server C. Dial-in access D. Network service provider
Which of the following is the MOST important consideration when developing a business continuity plan for a bank? A. Antivirus software B. Naming standards C. Customer balance list D. Password policy
Which of the following would be MOST appropriate to ensure the confidentiality of transactions initiated via the Internet? A. Digital signature B. Data encryption standard (DES) C. Virtual private network (VPN) D. Public key encryption
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
When reviewing a business process reengineering (BPR) project, which of the following is the MOST important for an IS auditor to evaluate? A. The impact of removed controls. B. The cost of new controls. C. The BPR project plans. D. The continuous improvement and monitoring plans.
1. which of the following is used to achieve accountability. a.identification b. authentication c. authorization d. iniation