To prevent an organization's computer systems from becoming
part of a distributed denial-of-service attack, IP packets
containing addresses that are listed as unroutable can be
isolated by:
A. establishing outbound traffic filtering.
B. enabling broadcast blocking.
C. limiting allowable services.
D. network performance monitoring.
- 2 Answers
- 5358 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Routers programmed with outbound traffic filtering, drop
outbound packets that contain addresses from other than the
user's organization, including source addresses that can not
be routed. Broadcast blocking can be done by filtering
routers or firewalls. When programmed, IP packets coming
from the Internet and using an address that broadcasts to
every computer on the destination organization's network can
be dropped. Firewalls and filtering routers can be
programmed to limit services not allowed by policy and can
help prevent use of the company's systems. However, this
will not isolate packets that can not be routed. Network
performance monitoring is a way to monitor system
performance for potential intrusions on a real-time basis
and could help identify unusual traffic volumes.
| Is This Answer Correct ? | 5 Yes | 0 No |
An IS auditor performing an application maintenance audit would review the log of program changes for the: A. authorization for program changes. B. creation date of a current object module. C. number of program changes actually made. D. creation date of a current source program.
Which of the following message services provides the strongest protection that a specific action has occurred? A. Proof of delivery B. Nonrepudiation C. Proof of submission D. Message origin authentication
Which of the following is an advantage of an integrated test facility (ITF)? A. It uses actual master files or dummies and the IS auditor does not have to review the source of the transaction. B. Periodic testing does not require separate test processes. C. It validates application systems and tests the ongoing operation of the system. D. It eliminates the need to prepare test data.
An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely: A. check to ensure the type of transaction is valid for that card type. B. verify the format of the number entered then locate it on the database. C. ensure that the transaction entered is within the cardholder's credit limit. D. confirm that the card is not shown as lost or stolen on the master file.
Which of the following would help to ensure the portability of an application connected to a database? The: A. verification of database import and export procedures. B. usage of a structured query language (SQL). C. analysis of stored procedures/triggers. D. synchronization of the entity-relation model with the database physical schema.
A team conducting a risk analysis is having difficulty projecting the financial losses that could result from a risk. To evaluate the potential losses the team should: A. compute the amortization of the related assets. B. calculate a return on investment (ROI). C. apply a qualitative approach. D. spend the time needed to define exactly the loss amount.
The success of control self-assessment (CSA) depends highly on: A. Having line managers assume a portion of the responsibility for control monitoring. B. Assigning staff managers the responsibility for building, but not monitoring, controls. C. The implementation of stringent control policy and rule- driven controls. D. The implementation of supervision and the monitoring of control assigned duties
Access rules normally are included in which of the following documentation categories? A. Technical reference documentation B. User manuals C. Functional design specifications D. System development methodology documents
While reviewing an ongoing project, the IS auditor notes that the development team has spent eight hours of activity on the first day against a budget of 24 hours (over three days). The projected time to complete the remainder of the activity is 20 hours. The IS auditor should report that the project: A. is behind schedule. B. is ahead of schedule. C. is on schedule. D. cannot be evaluated until the activity is completed.
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report
During an audit of an enterprise that is dedicated to e-commerce, the IS manager states that digital signatures are used in the establishment of its commercial relations. To substantiate this, the IS auditor must prove that which of the following is used? A. A biometric, digitalized and encrypted parameter with the customer's public key B. A hash of the data that is transmitted and encrypted with the customer's private key C. A hash of the data that is transmitted and encrypted with the customer's public key D. The customer's scanned signature, encrypted with the customer's public key
Which of the following audit procedures would an IS auditor be LEAST likely to include in a security audit? A. Review the effectiveness and utilization of assets. B. Test to determine that access to assets is adequate. C. Validate physical, environmental and logical access policies per job profiles. D. Evaluate asset safeguards and procedures that prevent unauthorized access to the assets.
Cisco Certifications 
