Match term to definition
1-77 of 77
Select a definition to match it with its term
An IS auditor has found that employees are emailing sensitive company information to public
web-based email domains. Which of the following is the BEST remediation option for the IS
auditor to recommend?
Give this one a go later!
, Data loss prevention - an automated preventive tool that can block sensitive
information from leaving the network, while at the same time logging offenders.
What is Quality of Service (QoS)?
Give this one a go later!
a set of technologies that work on a network to guarantee its ability to
dependably run high-priority applications and traffic under limited network
capacity. QoS technologies accomplish this by providing differentiated handling
and capacity allocation to specific flows in network traffic.
What is a black box penetration test?
Give this one a go later!
This is when the tester has no prior knowledge of the infrastructure being tested.
A web server is attacked and compromised. Organizational policy states that incident
response should balance containment of an attack with retaining freedom for later legal
action against an attacker. Under the circumstances, which of the following should be
performed FIRST?
Give this one a go later!
, Disconnect the web server from the network.
The GREATEST risk from an improperly implemented intrusion prevention system is:
Give this one a go later!
blocking of critical systems or services due to false triggers.
The reliability of an application system's audit trail may be questionable if:
Give this one a go later!
users can amend audit trail records when correcting system errors.
Which of the following presents an inherent risk with no distinct identifiable preventive
controls?
Give this one a go later!
Data diddling - this is when data is changed prior to entering the computer
system. There are only compensating controls for data diddling.
When installing an intrusion detection system, which of the following is MOST important?
1-77 of 77
Select a definition to match it with its term
An IS auditor has found that employees are emailing sensitive company information to public
web-based email domains. Which of the following is the BEST remediation option for the IS
auditor to recommend?
Give this one a go later!
, Data loss prevention - an automated preventive tool that can block sensitive
information from leaving the network, while at the same time logging offenders.
What is Quality of Service (QoS)?
Give this one a go later!
a set of technologies that work on a network to guarantee its ability to
dependably run high-priority applications and traffic under limited network
capacity. QoS technologies accomplish this by providing differentiated handling
and capacity allocation to specific flows in network traffic.
What is a black box penetration test?
Give this one a go later!
This is when the tester has no prior knowledge of the infrastructure being tested.
A web server is attacked and compromised. Organizational policy states that incident
response should balance containment of an attack with retaining freedom for later legal
action against an attacker. Under the circumstances, which of the following should be
performed FIRST?
Give this one a go later!
, Disconnect the web server from the network.
The GREATEST risk from an improperly implemented intrusion prevention system is:
Give this one a go later!
blocking of critical systems or services due to false triggers.
The reliability of an application system's audit trail may be questionable if:
Give this one a go later!
users can amend audit trail records when correcting system errors.
Which of the following presents an inherent risk with no distinct identifiable preventive
controls?
Give this one a go later!
Data diddling - this is when data is changed prior to entering the computer
system. There are only compensating controls for data diddling.
When installing an intrusion detection system, which of the following is MOST important?
