Interested to Buy Any Domain ? << Click Here >> for more details...
The BEST defense against network eavesdropping is:
A. encryption.
B. moving the defense perimeter outward.
C. reducing the amplitude of the communication signal.
D. masking the signal with noise.
- 1 Answers
- 7653 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
Encryption is the best choice in this situation and
generally protects information from eavesdroppers. Encrypted
strings, with a discernible pattern, can be captured by a
sniffer. This means that due care should be taken even with
encryption. Moving the defense perimeter outward would
entail additional cost as the security coverage would
enlarge. Reducing the amplitude of the communication signal
would result in attenuation of the signal and the recipient
would not receive the information properly. Masking with
noise would cause signal distortion and therefore distortion
in the information received that is not desirable.
| Is This Answer Correct ? | 11 Yes | 1 No |
Which of the following goals would you expect to find in an organization's strategic plan? A. Test a new accounting package. B. Perform an evaluation of information technology needs. C. Implement a new project planning system within the next 12 months. D. Become the supplier of choice within a given time period for the product offered.
Which of the following is a benefit of using callback devices? A. Provide an audit trail B. Can be used in a switchboard environment C. Permit unlimited user mobility D. Allow call forwarding
Where adequate segregation of duties between operations and programming are not achievable, the IS auditor should look for: A. compensating controls. B. administrative controls. C. corrective controls. D. access controls.
Which of the following would be considered a business risk? A. Former employees B. Part-time and temporary personnel C. Loss of competitive edge D. Hackers
An IS auditor finds that not all employees are aware of the enterprise's information security policy. The IS auditor should conclude that: A. this lack of knowledge may lead to unintentional disclosure of sensitive information. B. information security is not critical to all functions. C. IS audit should provide security training to the employees. D. the audit finding will cause management to provide continuous training to staff.
IS auditors who have participated in the development of an application system might have their independence impaired if they: A. perform an application development review. B. recommend control and other system enhancements. C. perform an independent evaluation of the application after its implementation. D. are involved actively in the design and implementation of the application system.
To help mitigate the effects of a denial of service attack, which mechanism can an Internet service provider (ISP) use to identify Internet protocol (IP) packets from unauthorized sources? A. Inbound traffic filtering B. Rate limiting C. Reverse address lookup D. Network performance monitoring
Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them? A. A neural network B. Database management software C. Management information systems D. Computer assisted audit techniques
During an IT audit of a large bank, an IS auditor observes that no formal risk assessment exercise has been carried out for the various business applications to arrive at their relative importance and recovery time requirements. The risk that the bank is exposed to is that the: A. business continuity plan may not have been calibrated to the relative risk that disruption of each application poses to the organization. B. business continuity plan may not include all relevant applications and therefore may lack completeness in terms of its coverage. C. business impact of a disaster may not have been accurately understood by the management. D. business continuity plan may lack an effective ownership by the business owners of such applications.
The MAIN reason for requiring that all computer clocks across an organization be synchronized is to: A. prevent omission or duplication of transactions. B. ensure smooth data transition from client machines to servers. C. ensure that email messages have accurate time stamps. D. support the incident investigation process.
Which of the following audit techniques would an IS auditor place the MOST reliance on when determining whether an employee practices good preventive and detective security measures? A. Observation B. Detail testing C. Compliance testing D. Risk assessment
Which of the following is the FIRST step in a business process reengineering (BPR) project? A. Defining the areas to be reviewed B. Developing a project plan C. Understanding the process under review D. Reengineering and streamlining the process under review
Cisco Certifications 
