Certified Information Systems Auditor (CISA) Question:

An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses wireless transport layer security (WTLS) and secure socket layers (SSL) technology for protecting their customers payment information. The IS auditor should be MOST concerned, if a hacker:

CISA Interview Question
CISA Interview Question

Answer:

1. compromised the wireless application protocol (WAP) gateway.
2. installed a sniffing program in front of the server.
3. stole a customer's PDA.
4. listened to the wireless transmission.

Answer: A


Previous QuestionNext Question
An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review?An organization provides information to its supply-chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture?