
CISM—Certified Information Security Manager - Part 80

Mary Smith

Sat, 18 Apr 2026


1. An intrusion detection system should be placed:

A) outside the firewall.
B) on the firewall server.
C) on a screened subnet.
D) on the external router.



2. The BEST reason for an organization to have two discrete firewalls connected directly to the Internet and to the same DMZ would be to:

A) provide in-depth defense.
B) separate test and production.
C) permit traffic load balancing.
D) prevent a denial-of-service attack.



3. An extranet server should be placed:

A) outside the firewall.
B) on the firewall server.
C) on a screened subnet.
D) on the external router.



4. Which of the following is the BEST metric for evaluating the effectiveness of security awareness training? The number of:

A) password resets.
B) reported incidents.
C) incidents resolved.
D) access rule violations.



5. Security monitoring mechanisms should PRIMARILY:

A) focus on business-critical information.
B) assist owners to manage control risks.
C) focus on detecting network intrusions.
D) record all security violations.



1. Right Answer: C
Explanation: An intrusion detection system (IDS) should be placed on a screened subnet, which is a demilitarized zone (DMZ). Placing it on the Internet side of the firewall would leave it defenseless. The same would be true of placing it on the external router, even if that were feasible. Since firewalls should be installed on hardened servers with minimal services enabled, it would be inappropriate to run the IDS on the same physical device.

2. Right Answer: C
Explanation: Having two entry points, each guarded by a separate firewall, is desirable to permit traffic load balancing. Because both firewalls connect to the Internet and to the same demilitarized zone (DMZ), the arrangement cannot separate test from production, and it does not by itself prevent a denial-of-service attack. Nor do two firewalls in parallel provide defense in depth; that requires layered controls placed in series, not redundant controls side by side.

3. Right Answer: C
Explanation: An extranet server should be placed on a screened subnet, which is a demilitarized zone (DMZ). Placing it on the Internet side of the firewall would leave it defenseless. The same would be true of placing it on the external router, although this would not be possible. Since firewalls should be installed on hardened servers with minimal services enabled, it would be inappropriate to host the extranet server on the same physical device.
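As an added illustration of the screened-subnet placement behind questions 1 and 3 (this ruleset is not part of the original question set), the nftables policy below sketches a three-legged firewall: the extranet server sits on the DMZ segment, the Internet may reach only its published ports, nothing the DMZ initiates crosses into the internal network, and the IDS is a separate host on the DMZ segment reading a mirror of that segment rather than a service on the firewall. The interface names (wan0, dmz0, lan0) and the extranet server address 192.0.2.10 are assumed values chosen for the example.

```nft
# Added example: three-legged screened-subnet (DMZ) policy, not part of the
# original question set. Interface names and addresses are assumed values.
#   wan0 = Internet-facing interface
#   dmz0 = screened subnet holding the extranet server and the IDS sensor
#   lan0 = internal network
# Extranet server: 192.0.2.10 (TEST-NET-1, an assumption for this example).

table inet screened_subnet {
    chain forward {
        type filter hook forward priority filter; policy drop;

        # Replies to sessions already admitted; malformed state is dropped
        ct state established,related accept
        ct state invalid drop

        # Internet -> DMZ: only the extranet server's published services
        iifname "wan0" oifname "dmz0" ip daddr 192.0.2.10 tcp dport { 80, 443 } ct state new accept

        # DMZ -> internal: nothing initiated on the screened subnet reaches the
        # internal network, so a compromised extranet host cannot pivot inward
        iifname "dmz0" oifname "lan0" drop

        # Internal -> DMZ / Internet: outbound sessions from inside are allowed
        iifname "lan0" oifname { "dmz0", "wan0" } ct state new accept

        # Everything else (Internet -> internal, DMZ -> Internet, ...) is dropped
        counter drop
    }

    chain input {
        # Traffic addressed to the firewall host itself: keep the host minimal.
        # Management only from the internal network; no IDS or application
        # service runs on the firewall.
        type filter hook input priority filter; policy drop;
        iif "lo" accept
        ct state established,related accept
        iifname "lan0" tcp dport 22 ct state new accept
    }
}
```

The IDS sensor needs no rule of its own: a passive sensor on a mirror of dmz0 observes every packet the firewall admits to the screened subnet, while the firewall host keeps only the filtering role. If the extranet server must initiate outbound connections (for example to fetch updates), add a narrowly scoped DMZ-to-Internet rule rather than relaxing the DMZ-to-internal drop.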

4. Right Answer: B
Explanation: Reported incidents will provide an indicator of the awareness level of staff. An increase in reported incidents could indicate that the staff is paying more attention to security. Password resets and access rule violations may or may not have anything to do with awareness levels. The number of incidents resolved may not correlate to staff awareness.

5. Right Answer: A
Explanation: Security monitoring must focus on business-critical information to remain effectively usable by and credible to business users. Control risk is the possibility that controls would not detect an incident or error condition; monitoring does not directly assist in managing this risk, so that is not the correct answer. Network intrusions are not the only focus of monitoring mechanisms, and although they should record all security violations, this is not the primary objective.
