Interested to Buy Any Domain ? << Click Here >> for more details...
An organization is considering connecting a critical
PC-based system to the Internet. Which of the following
would provide the BEST protection against hacking?
A. An application-level gateway
B. A remote access server
C. A proxy server
D. Port scanning
- 2 Answers
- 6121 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
"An application-level gateway is the best way to protect
against hacking because it can define with detail rules that
describe the type of user or connection that is, or is not
permitted. It analyzes in detail each package, not only in
layers one through four of the OSI model but also layers
five through seven, which means that it reviews the commands
of each higher level protocol (HTTP, FTP, SNMP, etc.) For a
remote access server there is a device (server) asking for
username and passwords before entering the network. This is
good when accessing private networks, but it can be mapped
or scanned from the Internet creating security exposure.
Proxy servers can provide protection based on the IP address
and ports. However, an individual is needed who really knows
how to do this, and second applications can use different
ports for the different sections of their program. Port
scanning works when there is a very specific task to do, but
not when trying to control what comes from the Internet (or
when all the ports available need to be controlled somehow).
For example, the port for "
Ping"
(echo request) could be blocked and the IP addresses would
be available for the application and browsing,
| Is This Answer Correct ? | 3 Yes | 0 No |
The Correct answer is A
A. An application-level gateway is the best way to protect against hacking because it can be configured with detailed rules that describe the type of user or connection that is or is not permitted. It analyzes, in detail, each package—not only in layers one through four of the Open System Interconnection (OSI) model, but also layers five through seven, which means that it reviews the commands of each higher-level protocol (Hypertext Transmission Protocol [HTTP], File Transfer Protocol [FTP], Simple Network Management Protocol [SNMP], etc.).
B. For a remote access server, there is a device (server) that asks for a username and password before entering the network. This is good when accessing private networks, but it can be mapped or scanned from the Internet, creating security exposure.
C. Proxy servers can provide excellent protection, but depending on the type of proxy, they may not be able to examine traffic as effectively as an application gateway. For proxy servers to work, an individual is needed who really knows how to do this, and applications can use different ports for the different sections of the program.
D. Port scanning is used to detect vulnerabilities or open ports on a network, but not when trying to control what comes from the Internet, or when all the ports available need to be controlled. For example, the port for Ping (echo request) could be blocked and the IP addresses would be available for the application and browsing but would not respond to Ping.
| Is This Answer Correct ? | 2 Yes | 0 No |
A decision support system (DSS): A. is aimed at solving highly structured problems. B. combines the use of models with nontraditional data access and retrieval functions. C. emphasizes flexibility in the decision making approach of users. D. supports only structured decision-making tasks.
The quality assurance group is typically responsible for: A. ensuring that the output received from system processing is complete. B. monitoring the execution of computer processing tasks. C. ensuring that programs and program changes and documentation adhere to established standards. D. designing procedures to protect data against accidental disclosure, modification or destruction.
Which of the following IT governance best practices improves strategic alignment? A. Supplier and partner risks are managed. B. A knowledge base on customers, products, markets and processes is in place C. A structure is provided that facilitates the creation and sharing of business information. D. Top management mediate between the imperatives of business and technology
In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.
A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of receiving financial data and has communicated the site's address, user ID and password to the financial services company in separate email messages. The company is to transmit its data to the FTP site after manually encrypting the data. The IS auditor's GREATEST concern with this process is that: A. the users may not remember to manually encrypt the data before transmission. B. the site credentials were sent to the financial services company via email. C. personnel at the consulting firm may obtain access to sensitive data. D. the use of a shared user ID to the FTP site does not allow for user accountability.
Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.
During which phase of a system development process should an IS auditor first raise the issue of application controls? A. Construction B. System design C. Acceptance testing D. Functional specification
Which of the following is a benefit of using callback devices? A. Provide an audit trail B. Can be used in a switchboard environment C. Permit unlimited user mobility D. Allow call forwarding
The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is: A. data integrity. B. authentication. C. nonrepudiation. D. replay protection.
An IS auditor is auditing the controls relating to employee termination. Which of the following is the MOST important aspect to be reviewed? A. The related company staff are notified about the termination B. User ID and passwords of the employee have been deleted C. The details of employee have been removed from active payroll files D. Company property provided to the employee has been returned
Passwords should be: A. assigned by the security administrator. B. changed every 30 days at the discretion of the user. C. reused often to ensure the user does not forget the password. D. displayed on the screen so that the user can ensure that it has been entered properly.
The PRIMARY objective of an IS audit function is to: A. determine whether everyone uses IS resources according to their job description. B. determine whether information systems safeguard assets, and maintain data integrity. C. examine books of accounts and relative documentary evidence for the computerized system. D. determine the ability of the organization to detect fraud.
Cisco Certifications 
