If inadequate, which of the following would be the MOST
likely contributor to a denial-of-service attack?
A. Router configuration and rules
B. Design of the internal network
C. Updates to the router system software
D. Audit testing and review techniques
- 2 Answers
- 6459 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Inadequate router configuration and rules would lead to an
exposure to denial-of-service attacks. Choices B and C would
be lesser contributors. Choice D is incorrect because audit
testing and review techniques are applied after the fact.
| Is This Answer Correct ? | 6 Yes | 0 No |
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
The Primary purpose of audit trails is to
Which of the following group/individuals should assume overall direction and responsibility for costs and timetables of system development projects? A. User management B. Project steering committee C. Senior management D. Systems development management
The extent to which data will be collected during an IS audit should be determined, based on the: A. availability of critical and required information. B. auditor's familiarity with the circumstances. C. auditee's ability to find relevant evidence. D. purpose and scope of the audit being done.
In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.
The document used by the top management of organizations to delegate authority to the IS audit function is the: A. long-term audit plan. B. audit charter. C. audit planning methodology. D. steering committee minutes.
The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as: A. rules. B. decision trees. C. semantic nets. D. data flow diagrams.
The device that connects two networks at the highest level of the ISO-OSI framework ( i.e., application layer) is a A. Gateway B. Router C. Bridge D. Brouter
A utility is available to update critical tables in case of data inconsistency. This utility can be executed at the OS prompt or as one of menu options in an application. The BEST control to mitigate the risk of unauthorized manipulation of data is to: A. delete the utility software and install it as and when required. B. provide access to utility on a need-to-use basis. C. provide access to utility to user management D. define access so that the utility can be only executed in menu option.
Which of the following is the BEST form of transaction validation? A. Use of key field verification techniques in data entry B. Use of programs to check the transaction against criteria set by management C. Authorization of the transaction by supervisory personnel in an adjacent department D. Authorization of the transaction by a department supervisor prior to the batch process
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
Which of the following will help detect changes made by an intruder to the system log of a server? A. Mirroring of the system log on another server B. Simultaneously duplicating the system log on a write-once disk C. Write protecting the directory containing the system log D. Storing the backup of the system log offsite
Cisco Certifications 
