To prevent an organization's computer systems from becoming
part of a distributed denial-of-service attack, IP packets
containing addresses that are listed as unroutable can be
isolated by:
A. establishing outbound traffic filtering.
B. enabling broadcast blocking.
C. limiting allowable services.
D. network performance monitoring.
Answer / guest
Answer: A
Routers programmed with outbound traffic filtering, drop
outbound packets that contain addresses from other than the
user's organization, including source addresses that can not
be routed. Broadcast blocking can be done by filtering
routers or firewalls. When programmed, IP packets coming
from the Internet and using an address that broadcasts to
every computer on the destination organization's network can
be dropped. Firewalls and filtering routers can be
programmed to limit services not allowed by policy and can
help prevent use of the company's systems. However, this
will not isolate packets that can not be routed. Network
performance monitoring is a way to monitor system
performance for potential intrusions on a real-time basis
and could help identify unusual traffic volumes.
Is This Answer Correct ? | 6 Yes | 0 No |
hello all i want to do cisa certification but dont have knowledge of auditing. i m fresher and ccna certified. so, please advice me how should i prepare .and having cisa certification is it easy to get a job. please reply as soon as possible.
A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.
The process of using interpersonal communication skills to get unauthorized access to company assets is called: A. wire tapping. B. trap doors. C. war dialing. D. social engineering.
An IS auditor who is reviewing application run manuals would expect them to contain: A. details of source documents. B. error codes and their recovery actions. C. program logic flowcharts and file definitions. D. change records for the application source code.
The database administrator has recently informed you of the decision to disable certain normalization controls in the database management system (DBMS) software to provide users with increased query performance. This will MOST likely increase the risk of: A. loss of audit trails. B. redundancy of data. C. loss of data integrity. D. unauthorized access to data.
A request for a change to a report format in a module (subsystem) was made. After making the required changes, the programmer should carry out: A. unit testing. B. unit and module testing. C. unit, module and regression testing. D. module testing.
To prevent unauthorized entry to the data maintained in a dial-up fast response system, an IS auditor should recommend: A. online terminals be placed in restricted areas. B. online terminals be equipped with key locks. C. ID cards be required to gain access to online terminals. D. online access be terminated after three unsuccessful attempts.
A decision support system (DSS): A. is aimed at solving highly structured problems. B. combines the use of models with nontraditional data access and retrieval functions. C. emphasizes flexibility in the decision making approach of users. D. supports only structured decision-making tasks.
As a business process reengineering (BPR) project takes hold it is expected that: A. business priorities will remain stable. B. information technologies will not change. C. the process will improve product, service and profitability. D. input from clients and customers will no longer be necessary.
Which of the following would be the LEAST likely indication that complete or selected outsourcing of IS functions should be considered? A. The applications development backlog is greater than three years. B. It takes one year to develop and implement a high-priority system. C. More than 60 percent of programming costs are spent on system maintenance. D. Duplicate information systems functions exist at two sites.
Which of the following is a dynamic analysis tool for the purpose of testing software modules? A. Blackbox test B. Desk checking C. Structured walk-through D. Design and code
The PRIMARY purpose of compliance tests is to verify whether: A. controls are implemented as prescribed. B. documentation is accurate and current. C. access to users is provided as specified. D. data validation procedures are provided.