CISM—Certified Information Security Manager - Part 87

Mary Smith

Sat, 18 Apr 2026

1. Which of the following technologies is utilized to ensure that an individual connecting to a corporate internal network over the Internet is not an intruder masquerading as an authorized user?

A) Intrusion detection system (IDS)
B) IP address packet filtering
C) Two-factor authentication
D) Embedded digital signature



2. What is an appropriate frequency for updating operating system (OS) patches on production servers?

A) During scheduled rollouts of new applications
B) According to a fixed security patch management schedule
C) Concurrently with quarterly hardware maintenance
D) Whenever important security patches are released



3. Which of the following devices should be placed within a DMZ?

A) Proxy server
B) Application server
C) Departmental server
D) Data warehouse server



4. A border router should be placed on which of the following?

A) Web server
B) IDS server
C) Screened subnet
D) Domain boundary



5. An e-commerce order fulfillment web server should generally be placed on which of the following?

A) Internal network
B) Demilitarized zone (DMZ)
C) Database server
D) Domain controller



1. Right Answer: C
Explanation: Two-factor authentication provides an additional security mechanism over and above that provided by passwords alone. This is frequently used by mobile users needing to establish connectivity to a corporate network. IP address packet filtering would protect against spoofing an internal address but would not provide strong authentication. An intrusion detection system (IDS) can be used to detect an external attack but would not help in authenticating a user attempting to connect. Digital signatures ensure that transmitted information can be attributed to the named sender.

2. Right Answer: D
Explanation: Patches should be applied whenever important security updates are released. They should not be delayed to coincide with other scheduled rollouts or maintenance. Due to the possibility of creating a system outage, they should not be deployed during critical periods of application activity such as month-end or quarter-end closing.

3. Right Answer: B
Explanation: An application server should normally be placed within a demilitarized zone (DMZ) to shield the internal network. Data warehouse and departmental servers may contain confidential or valuable data and should always be placed on the internal network, never on a DMZ that is subject to compromise. A proxy server forms the inner boundary of the DMZ but is not placed within it.

4. Right Answer: D
Explanation: A border router should be placed on a (security) domain boundary. Placing it on a web server or on a screened subnet, which is a demilitarized zone (DMZ), would not provide any protection. Border routers are positioned on the boundary of the network and do not reside on a server.

5. Right Answer: B
Explanation: An e-commerce order fulfillment web server should be placed within a DMZ to protect it and the internal network from external attack. Placing it on the internal network would expose the internal network to potential attack from the Internet. Since a database server should reside on the internal network, the same exposure would exist. Domain controllers would not normally share the same physical device as a web server.
