Certified Information Systems Auditor (CISA) Question:
Download Questions PDF

An organization provides information to its supply-chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture?

CISA Interview Question
CISA Interview Question

Answer:

1. A secure sockets layer (SSL) has been implemented for user authentication and remote administration of the firewall.
2. On the basis of changing requirements, firewall policies are updated.
3. Inbound traffic is blocked unless the traffic type and connections have been specifically permitted.
4. The firewall is placed on top of the commercial operating system with all installation options.

Answer: D

Download CISA Interview Questions And Answers PDF

Previous QuestionNext Question
An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses wireless transport layer security (WTLS) and secure socket layers (SSL) technology for protecting their customers payment information. The IS auditor should be MOST concerned, if a hacker:Which of the following cryptography options would increase overhead/cost?