Podcast
Questions and Answers
Which of the following is a key objective of an auditor when verifying network security controls?
Which of the following is a key objective of an auditor when verifying network security controls?
- Verifying that network controls allow for unrestricted access to financial transactions
- Validating that network controls prioritize user convenience over data integrity
- Confirming that captured data by perpetrators remains usable for future analysis
- Ensuring that controls can detect and prevent unauthorized internal and external access (correct)
Which of the following is NOT a criterion for assessing the effectiveness of a firewall?
Which of the following is NOT a criterion for assessing the effectiveness of a firewall?
- Prioritizing user convenience over security controls (correct)
- Flexibility to accommodate changing security needs
- Ability to log all network activity for future audits
- Availability of proxy services to filter network traffic
Which of the following controls would be most effective in preventing unauthorized internal access to financial data?
Which of the following controls would be most effective in preventing unauthorized internal access to financial data?
- Regularly backing up data to an offsite location
- Disabling all remote access to the network
- Implementing strong password policies and multi-factor authentication (correct)
- Relying solely on a firewall to filter external traffic
Which of the following is a key risk associated with inadequate network security controls?
Which of the following is a key risk associated with inadequate network security controls?
Which of the following measures would be most effective in preventing conflicts of duties and unauthorized access levels?
Which of the following measures would be most effective in preventing conflicts of duties and unauthorized access levels?
Which of the following is a key component of a risk management strategy for network security?
Which of the following is a key component of a risk management strategy for network security?
Which of the following controls would be most effective in preventing theft of sensitive data by internal employees?
Which of the following controls would be most effective in preventing theft of sensitive data by internal employees?
Which of the following is a key consideration when implementing multilevel password controls?
Which of the following is a key consideration when implementing multilevel password controls?
Which of the following is a potential consequence of inadequate network security controls?
Which of the following is a potential consequence of inadequate network security controls?
Which of the following is a key objective of implementing a firewall?
Which of the following is a key objective of implementing a firewall?
