IT Security / Compliance Analyst

Approved & Edited by ProProfs Editorial Team
By Davidakidd, Community Contributor
Questions: 46 | Attempts: 626
IT Security / Compliance Analyst - Quiz

This quiz will help us better understand your experience and knowledge. Thank you for your participation.


Questions and Answers
  • 1. Which of the following would be the first step in establishing an information security program?
    • A. Adoption of a corporate information security policy statement
    • B. Development and implementation of an information security standards manual
    • C. Development of a security awareness-training program
    • D. Purchase of security access control software

    Correct Answer: A. Adoption of a corporate information security policy statement
    Explanation: The first step in establishing an information security program would be the adoption of a corporate information security policy statement. This is because a policy statement outlines the organization's goals, objectives, and commitment to information security. It provides a high-level direction and sets the tone for the entire program. Without a policy statement, there would be no clear guidance or framework for implementing security measures and controls. The other options listed, such as the development of a standards manual, security awareness training program, or purchase of access control software, would come after the policy statement is in place.

  • 2. When developing an information security policy, what is the FIRST step that should be taken?
    • A. Obtain copies of mandatory regulations.
    • B. Gain management approval.
    • C. Seek acceptance from other departments.
    • D. Ensure policy is compliant with current working practices.

    Correct Answer: B. Gain management approval.
    Explanation: The first step in developing an information security policy should be to gain management approval. This is important because without management support and buy-in, it will be difficult to implement and enforce the policy effectively. Management approval ensures that the policy aligns with the organization's goals and objectives, and that the necessary resources and support are provided for its implementation. Additionally, obtaining management approval early on helps to establish accountability and responsibility for the policy within the organization.

  • 3. Which one of the following should NOT be contained within a computer policy?
    • A. Definition of management expectations.
    • B. Responsibilities of individuals and groups for protected information.
    • C. Statement of senior executive support.
    • D. Definition of legal and regulatory controls.

    Correct Answer: B. Responsibilities of individuals and groups for protected information.
    Explanation: A computer policy typically outlines guidelines and procedures for the use and management of computer systems within an organization. It includes various components such as defining management expectations, stating senior executive support, and defining legal and regulatory controls. However, the responsibilities of individuals and groups for protected information should not be explicitly included in a computer policy. This information is usually covered in separate policies or guidelines specific to data protection and privacy.

  • 4. Which must bear the primary responsibility for determining the level of protection needed for information systems resources?
    • A. IS security specialists
    • B. Senior Management
    • C. Senior security analysts
    • D. System auditors

    Correct Answer: B. Senior Management
    Explanation: Senior Management must bear the primary responsibility for determining the level of protection needed for information systems resources. This is because they are responsible for setting the overall strategic direction of the organization and making decisions regarding resource allocation, risk management, and policy development. They have the authority and accountability to make decisions that align with the organization's goals and objectives, and ensure that the necessary resources and controls are in place to protect information systems from potential threats and vulnerabilities. IS security specialists, senior security analysts, and system auditors may play a role in implementing and maintaining security measures, but the ultimate responsibility lies with Senior Management.

  • 5. A biometric fingerprint scanner is an example of which of the following?
    • A. Two-factor authentication
    • B. SSO
    • C. Three-factor authentication
    • D. Single-factor authentication

    Correct Answer: D. Single-factor authentication
    Explanation: A biometric fingerprint scanner is an example of single-factor authentication because it relies solely on the unique physical characteristics of an individual, in this case their fingerprint, to verify their identity. It does not require any additional factors such as a password or a security token.

  • 6. Which of the following would an IS auditor consider to be the most helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program?
    • A. Vendors' reliability figures
    • B. Regularly scheduled maintenance log
    • C. A system downtime log
    • D. A written preventive maintenance schedule.

    Correct Answer: C. A system downtime log
    Explanation: An IS auditor would consider a system downtime log to be the most helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program. This log provides information on the frequency and duration of system downtime, which can indicate the reliability and efficiency of the preventive maintenance program. By analyzing the downtime log, the auditor can assess if the program is effectively preventing system failures and minimizing disruptions to business operations.

  • 7. Which of the following procedures would most effectively detect the loading of illegal software packages?
    • A. Policies that result in instant dismissal if violated
    • B. The use of diskless workstations
    • C. The use of current antivirus software
    • D. Periodic checking of hard drives

    Correct Answer: D. Periodic checking of hard drives
    Explanation: Periodic checking of hard drives would most effectively detect the loading of illegal software packages. This procedure involves regularly scanning the hard drives of computers to identify any unauthorized or illegal software that may have been installed. By conducting periodic checks, organizations can proactively identify and remove any illegal software, ensuring compliance with legal and licensing requirements. This approach helps to prevent the use of unauthorized software, protecting the organization from potential legal issues and security risks.

  • 8. The internal audit department of an organization has developed and maintained ACL scripts for continuous auditing purposes. These scripts were provided to IT management for continuous monitoring purposes. This situation resulted in a potential conflict related to the auditor's independence and objectivity. Which of the following actions would best resolve the issue?
    • A. The internal audit team should stop sharing the scripts so that IT management must develop its own scripts.
    • B. Since continuous monitoring and continuous auditing are similar functions, IT management should assign the continuous monitoring tasks to the internal audit department.
    • C. IT management should continue to use the scripts for continuous monitoring purposes with the understanding that it is responsible for testing and maintaining the scripts that it uses.
    • D. The internal audit team should review the areas where these scripts are being used and reduce the audit scope and frequency for these areas.

    Correct Answer: C. IT management should continue to use the scripts for continuous monitoring purposes with the understanding that it is responsible for testing and maintaining the scripts that it uses.
    Explanation: This action allows IT management to continue using the scripts for continuous monitoring purposes, which is important for effective risk management and control. However, it also addresses the conflict related to auditor independence and objectivity by shifting the responsibility of testing and maintaining the scripts to IT management. This ensures that the internal audit team remains independent and objective in their assessment of the organization's controls.

  • 9. An IS auditor evaluating the resilience of a high-availability network should be most concerned if:
    • A. The network servers are clustered in a site
    • B. The setup is geographically dispersed
    • C. The use of current antivirus software
    • D. Policies that result in instant dismissal if violated

    Correct Answer: A. The network servers are clustered in a site
    Explanation: The correct answer is the network servers are clustered in a site. Clustering the network servers in a single site increases the risk of a single point of failure. If the site experiences a power outage, natural disaster, or any other event that disrupts the network servers, the entire network could go down. To ensure high availability, it is recommended to have geographically dispersed servers to minimize the impact of such incidents.

  • 10. Information for detecting unauthorized input from a terminal would be best provided by the:
    • A. Transaction journal
    • B. Automated suspense file listing
    • C. User error report
    • D. Console log printout

    Correct Answer: D. Console log printout
    Explanation: The console log printout would be the best source of information for detecting unauthorized input from a terminal. The console log records all the activities and commands performed on the terminal, including any unauthorized or suspicious input. By analyzing the console log printout, one can identify any unauthorized actions or attempts made from the terminal, helping to detect and prevent any potential security breaches.

  • 11. Which of the following could result from inadequate software baselining?
    • A. Scope creep
    • B. Signoff delays
    • C. Software integrity violations
    • D. Inadequate controls

    Correct Answer: A. Scope creep
    Explanation: Inadequate software baselining can result in scope creep. This is because without proper baselining, there is a lack of control and documentation of project requirements and changes. As a result, additional features or changes may be added to the project scope without proper evaluation or approval, leading to scope creep.

  • 12. While reviewing sensitive electronic work papers, the IS auditor noticed that they were not encrypted. This could compromise the:
    • A. Audit trail of the versioning of the work papers
    • B. Approval of the audit phases
    • C. Access rights to the work papers
    • D. Confidentiality of the work papers

    Correct Answer: D. Confidentiality of the work papers
    Explanation: If the sensitive electronic work papers are not encrypted, it means that they are not protected from unauthorized access. This could compromise the confidentiality of the work papers, as anyone with access to the system or the files could potentially view or manipulate the information contained in the work papers. Encryption is an important security measure to ensure that sensitive data remains confidential and protected from unauthorized disclosure or tampering.

  • 13. The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to:
    • A. Comply with regulatory requirements
    • B. Provide a basis for drawing reasonable conclusions
    • C. Ensure complete audit coverage
    • D. Perform the audit according to the defined scope

    Correct Answer: B. Provide a basis for drawing reasonable conclusions
    Explanation: The most important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to provide a basis for drawing reasonable conclusions. This means that the auditor needs to gather enough relevant and reliable evidence to support their findings and conclusions about the effectiveness and efficiency of the information systems being audited. Without sufficient and appropriate evidence, the auditor's conclusions may lack credibility and accuracy. Compliance with regulatory requirements, ensuring complete audit coverage, and performing the audit according to the defined scope are important considerations, but they are not the primary reason for obtaining audit evidence.

  • 14. What function does the auditor provide?
    • A. Second set of eyes, which are external from the subject under review
    • B. Independent assurance that the claims of management are correct
    • C. Assistance by fixing problems found during the audit
    • D. Adapting standards to fit the needs of the client

    Correct Answer: A. Second set of eyes, which are external from the subject under review
    Explanation: The auditor provides a second set of eyes, which are external from the subject under review. This means that the auditor is an independent party who reviews and examines the financial statements, records, and processes of an organization to ensure their accuracy and compliance with regulations. The auditor's role is to provide an objective assessment and evaluation of the organization's financial statements, giving stakeholders confidence in the reliability of the information presented.

  • 15. Which one of the following is an important characteristic of an information security policy?
    • A. Identifies major functional areas of information.
    • B. Quantifies the effect of the loss of the information.
    • C. Requires the identification of information owners.
    • D. Lists applications that support the business function.

    Correct Answer: A. Identifies major functional areas of information.
    Explanation: An important characteristic of an information security policy is that it identifies major functional areas of information. This means that the policy outlines the different categories or types of information that are important to the organization, such as customer data, financial records, or intellectual property. By identifying these major functional areas, the policy can then establish specific guidelines and controls for protecting and securing each type of information appropriately. This helps ensure that the organization's information assets are properly managed and protected from potential threats or breaches.

  • 16. In which one of the following documents is the assignment of individual roles and responsibilities MOST appropriately defined?
    • A. Security policy
    • B. Enforcement guidelines
    • C. Acceptable use policy
    • D. Program manual

    Correct Answer: C. Acceptable use policy
    Explanation: The assignment of individual roles and responsibilities is most appropriately defined in an Acceptable Use Policy. This policy outlines the acceptable behavior and usage of a system or network and typically includes specific guidelines for users' roles and responsibilities. It helps to ensure that individuals understand their obligations and expectations when using the system or network, promoting security and compliance with organizational policies and procedures.

  • 17. Which one of the following is NOT a fundamental component of a Regulatory Security Policy?
    • A. What is to be done.
    • B. When it is to be done.
    • C. Who is to do it.
    • D. Why is it to be done.

    Correct Answer: C. Who is to do it.
    Explanation: The question asks for a component that is NOT a fundamental part of a Regulatory Security Policy. The options provided are "What is to be done," "When it is to be done," "Who is to do it," and "Why is it to be done." These options represent the key elements of a policy, such as the actions to be taken, the timing of those actions, the rationale behind them, and the individuals responsible for carrying them out. However, "Who is to do it" does not pertain to the policy itself, but rather to the assignment of tasks and responsibilities, which is typically addressed in procedures or job descriptions rather than a policy.

  • 18. Network Security is a process that is:
    • A. Product
    • B. Protocols
    • C. Ever evolving
    • D. Quick-fix solution

    Correct Answer: C. Ever evolving
    Explanation: Network security is a continuous process that constantly adapts and evolves to keep up with the ever-changing landscape of threats and vulnerabilities. It involves implementing and updating various measures such as firewalls, encryption, access controls, and intrusion detection systems to protect networks from unauthorized access, data breaches, and other security risks. This ongoing evolution is necessary to stay ahead of new and emerging threats and to ensure that network security measures remain effective in mitigating risks.

  • 19. A high profile company has been receiving a high volume of attacks on their web site. The network administrator wants to be able to collect information on the attacker(s) so legal action can be taken. What should be implemented?
    • A. DMZ (Demilitarized Zone)
    • B. A honey pot
    • C. A firewall
    • D. A new subnet

    Correct Answer: B. A honey pot
    Explanation: A honey pot should be implemented in this scenario to collect information on the attacker(s) and enable legal action. A honey pot is a decoy system designed to attract and trap potential attackers. It appears to be a legitimate target but is actually isolated from the main network, allowing the network administrator to monitor and gather information on the attackers' activities without risking the security of the actual system. This information can then be used as evidence for legal action against the attackers.

  • 20. You are running cabling for a network through a boiler room where the furnace and some other heavy machinery reside. You are concerned about interference from these sources. Which of the following types of cabling provides the best protection from interference in this area?
    • A. STP
    • B. UTP
    • C. Coaxial
    • D. Fiber-optic

    Correct Answer: D. Fiber-optic
    Explanation: Fiber-optic cabling provides the best protection from interference in the given scenario. Unlike STP (shielded twisted pair), UTP (unshielded twisted pair), and coaxial cables, fiber-optic cables use light to transmit data instead of electrical signals. This means that they are not susceptible to electromagnetic interference (EMI) or radio frequency interference (RFI) caused by the furnace and heavy machinery in the boiler room. Fiber-optic cables also have a higher bandwidth and can transmit data over longer distances without loss of signal quality.

  • 21. In order for a user to obtain a certificate from a trusted CA (Certificate Authority), the user must present proof of identity and a?
    • A. Private Key
    • B. Public Key
    • C. Password
    • D. Kerberos Key

    Correct Answer: B. Public Key
    Explanation: To obtain a certificate from a trusted CA, the user needs to present proof of identity and a public key. This is because the CA needs to verify the user's identity before issuing a certificate. The public key is required as it is used in the process of encrypting and decrypting data, ensuring secure communication between the user and the CA. The private key is not required in this scenario as it is kept confidential by the user and is used for decrypting data that has been encrypted with the corresponding public key. A password or Kerberos key is not relevant to the process of obtaining a certificate from a CA.

  • 22. While performing a routine site audit of your wireless network, you discover an unauthorized Access Point placed on your network under the desk of Accounting department security. When questioned, she denies any knowledge of it, but informs you that her new boyfriend has been to visit her several times, including taking her to lunch one time. What type of attack have you just become a victim of?
    • A. Piggybacking
    • B. Masquerading
    • C. Man-in-the-middle attack
    • D. Social Engineering

    Correct Answer: D. Social Engineering
    Explanation: Based on the given scenario, the correct answer is Social Engineering. This is because the unauthorized Access Point was placed on the network under the desk of the Accounting department security without their knowledge. The fact that the security personnel denies any knowledge of it but mentions her new boyfriend's visits suggests that someone manipulated her trust and convinced her to allow the unauthorized access. This manipulation of human behavior and trust is a classic example of social engineering.

  • 23. While connected from home to an ISP (Internet Service Provider), a network administrator performs a port scan against a corporate server and encounters four open TCP (Transmission Control Protocol) ports: 25, 110, 143 and 389. Corporate users in the organization must be able to connect from home, send and receive messages on the Internet, read e-mail by means of the IMAPv.4 (Internet Message Access Protocol version 4) protocol, and search a directory services database for user e-mail addresses and digital certificates. All the e-mail related services, as well as the directory server, run on the scanned server. Which of the above ports can be filtered out to decrease unnecessary exposure without affecting functionality?
    • A. 25
    • B. 110
    • C. 143
    • D. 389

    Correct Answer: B. 110
    Explanation: Port 110 can be filtered out to decrease unnecessary exposure without affecting functionality. Port 110 is used for the POP3 (Post Office Protocol version 3) protocol, which is not mentioned in the given scenario. Since the organization uses the IMAPv.4 protocol for reading emails, filtering out port 110 will not affect the ability of corporate users to send and receive messages on the Internet or read emails. Therefore, it can be safely filtered out to reduce exposure to potential security threats.

  • 24. A piece of malicious code that can replicate itself, has no productive purpose, and exists only to damage computer systems or create further vulnerabilities is called a?
    • A. Logic Bomb
    • B. Worm
    • C. Trojan Horse
    • D. Virus

    Correct Answer: D. Virus
    Explanation: A virus is a type of malicious code that is capable of replicating itself and causing harm to computer systems. Unlike other types of malware such as logic bombs, worms, and Trojan horses, viruses do not have any productive purpose and are solely designed to damage computer systems or create vulnerabilities.

  • 25. A user ID, PIN, and a palm scan are all required to authenticate a system. Which of the following is this an example of?
    • A. SSO
    • B. Two-factor authentication
    • C. Single-factor authentication
    • D. Three-factor authentication

    Correct Answer: B. Two-factor authentication
    Explanation: This is an example of two-factor authentication because it requires two different types of credentials for authentication - a user ID and PIN, and a palm scan. Two-factor authentication adds an extra layer of security by combining something the user knows (user ID and PIN) with something the user has (palm scan) to verify their identity.

  • 26. A user sees an MD5 hash number beside a file that they wish to download. Which of the following BEST describes a hash?
    • A. A hash is a unique number that is generated based upon the TCP/IP transmission header and should be verified before download.
    • B. A hash is a unique number that is generated based upon the file's contents and used as the SSL key during download.
    • C. A hash is a unique number that is generated after the file has been encrypted and used as the SSL key during download.
    • D. A hash is a unique number that is generated based upon the file's contents and should be verified after download.

    Correct Answer: D. A hash is a unique number that is generated based upon the file's contents and should be verified after download.
    Explanation: A hash is a unique number that is generated based upon the file's contents and should be verified after download. This means that the hash serves as a fingerprint or checksum for the file, allowing the user to compare the generated hash with the downloaded file's hash to ensure that the file has not been tampered with or corrupted during transmission.

  • 27. Which of the following would give a technician the MOST information regarding an external attack on the network?
    • A. Internet content filter
    • B. Proxy server
    • C. NIDS
    • D. Firewall

    Correct Answer: C. NIDS
    Explanation: A Network Intrusion Detection System (NIDS) is designed to monitor network traffic and detect any suspicious or malicious activity. It analyzes packets of data flowing through the network and compares them against a database of known attack signatures. By doing so, it can identify and alert technicians about external attacks on the network, providing them with valuable information such as the source of the attack, the type of attack, and potential vulnerabilities that were exploited. This makes NIDS the most effective tool for gathering information about external attacks on a network.

  • 28. Which of the following would BEST prevent night shift workers from logging in with IDs and passwords stolen from the day shift workers?
    • A. Account expiration
    • B. Time of day restriction
    • C. Account lockout
    • D. Domain password policy

    Correct Answer: B. Time of day restriction
    Explanation: Time of day restriction would be the best solution to prevent night shift workers from logging in with IDs and passwords stolen from day shift workers. By implementing time of day restrictions, the system can be configured to only allow access during specific hours that correspond to the night shift. This would prevent unauthorized access during other times of the day, effectively mitigating the risk of stolen credentials being used during the night shift.

  • 29. Which of the following would BEST ensure that users have complex passwords?
    • A. ACL
    • B. Domain password policy
    • C. Logical tokens
    • D. Time of day restrictions

    Correct Answer: B. Domain password policy
    Explanation: The domain password policy is the best option to ensure that users have complex passwords. This policy allows administrators to set specific requirements for passwords, such as minimum length, use of special characters, and regular password changes. By implementing a strong password policy at the domain level, users are prompted and required to create passwords that meet these criteria, making it more difficult for hackers to guess or crack passwords. This helps to enhance the overall security of the system and protect user accounts from unauthorized access.

  • 30. According to a good disaster recovery plan, which of the following must happen during a power outage before an uninterruptible power supply (UPS) drains its battery?
    • A. The PKI CA is relocated.
    • B. The backup generator activates.
    • C. The single point of failure is remedied.
    • D. Full electrical service is restored.

    Correct Answer: B. The backup generator activates.
    Explanation: During a power outage, an uninterruptible power supply (UPS) is designed to provide temporary power to critical systems until a backup generator can be activated. The UPS serves as a bridge between the loss of electrical service and the activation of the backup generator. Therefore, the correct answer is "The backup generator activates."

  • 31. A firewall has been configured to block egress traffic on TCP port 80. Which of the following services would be affected?
    • A. Inbound HTTP traffic
    • B. Outbound HTTP traffic
    • C. Inbound HTTPS traffic
    • D. Outbound HTTPS traffic

    Correct Answer: B. Outbound HTTP traffic
    Explanation: If a firewall is configured to block egress traffic on TCP port 80, it means that any outgoing traffic on port 80, which is used for HTTP communication, will be blocked. This would affect the Outbound HTTP traffic, as any requests or data being sent from the local network to external servers using HTTP would not be able to pass through the firewall. However, it would not affect the Inbound HTTP traffic, Inbound HTTPS traffic, or Outbound HTTPS traffic, as these use different ports (80 for HTTP and 443 for HTTPS) which are not being blocked by the firewall in this scenario.

  • 32. 

    A firewall has been configured to permit traffic on only TCP ports 25 and 110.  Which of the following would be possible?

    • A.

      File transfers via FTP

    • B.

      Newsgroup access

    • C.

      Internet browsing

    • D.

      E-mail delivery

    Correct Answer
    D. E-mail delivery
    Explanation
    E-mail delivery would be possible because TCP ports 25 and 110 are commonly used for SMTP (Simple Mail Transfer Protocol) and POP3 (Post Office Protocol) respectively, which are protocols used for sending and receiving e-mails. The firewall allows traffic on these specific ports, so e-mails can be sent and received through the allowed protocols. However, other activities such as file transfers via FTP, newsgroup access, and internet browsing would not be possible as they require different protocols and ports that are not permitted by the firewall configuration.

  • 33. 

    Which of the following are required to transfer traffic between two VLANs (Virtual Local Area Network)?

    • A.

      A router

    • B.

      A firewall

    • C.

      A switch

    • D.

      A gateway

    Correct Answer
    A. A router
    Explanation
    To transfer traffic between two VLANs, a router is required. A router is responsible for routing packets between different networks, including VLANs. It can determine the destination of the packets based on their IP addresses and forward them accordingly. A firewall is used for network security purposes and does not play a direct role in transferring traffic between VLANs. A switch is used to connect devices within a VLAN, but it does not facilitate traffic transfer between different VLANs. A gateway is a network node that connects two different networks, but it is not specifically required for transferring traffic between VLANs.

  • 34. 

    Which of the following properties cannot be used to define VLAN (Virtual Local Area Network) membership?

    • A.

      Ports on a network switch

    • B.

      MAC addresses of the hosts

    • C.

      Network protocol used by the hosts

    • D.

      Fully qualified domain name (FQDN) of the hosts

    Correct Answer
    D. Fully qualified domain name (FQDN) of the hosts
    Explanation
    The fully qualified domain name (FQDN) of the hosts cannot be used to define VLAN membership. VLAN membership is typically determined based on the ports on a network switch, the MAC addresses of the hosts, or the network protocol used by the hosts. The FQDN is a domain name that specifies the exact location of a host in the DNS hierarchy and is used for domain name resolution, but it is not directly related to VLAN membership.

  • 35. 

    Which one of the following disk fault tolerance mechanisms consists of two disks and a single controller?

    • A.

      Disk duplexing

    • B.

      Disk mirroring

    • C.

      Disk striping

    • D.

      Disk imaging

    Correct Answer
    B. Disk mirroring
    Explanation
    Disk mirroring is a disk fault tolerance mechanism that involves two disks and a single controller. In this mechanism, the data is simultaneously written to both disks, creating an exact copy or mirror of the data. This redundancy ensures that if one disk fails, the other disk can take over seamlessly, providing continuous access to the data. Disk mirroring is a simple and effective way to protect against disk failures and ensure high availability of data.

  • 36. 

    A firewall determines what traffic is allowed through it based on this: 

    • A.

      Point-to-point protocol

    • B.

      Channel bank

    • C.

      Rule base

    • D.

      Number portability

    Correct Answer
    C. Rule base
    Explanation
    A firewall determines what traffic is allowed through it based on a rule base. A rule base is a set of predefined rules or policies that dictate how the firewall should handle incoming and outgoing network traffic. These rules can specify criteria such as source and destination IP addresses, port numbers, protocols, and actions to be taken (allow, block, or log). The firewall evaluates each incoming or outgoing packet against these rules and makes decisions on whether to allow or deny the traffic based on the defined criteria.

  • 37. 

    Which of the following would best secure a wireless network from unauthorized access?

    • A.

      Implement Wired Equivalent Privacy (WEP).

    • B.

      Permit access to only authorized Media Access Control (MAC) addresses.

    • C.

      Disable open broadcast of service set identifiers (SSID)

    • D.

      Implement Wi-Fi Protected Access (WPA) 2

    Correct Answer
    D. Implement Wi-Fi Protected Access (WPA) 2
    Explanation
    Implementing Wi-Fi Protected Access (WPA) 2 would best secure a wireless network from unauthorized access. WPA2 is a security protocol that provides stronger encryption and authentication methods compared to WEP. It uses Advanced Encryption Standard (AES) encryption, which is more secure than the encryption used in WEP. Additionally, WPA2 supports the use of a Pre-Shared Key (PSK) or a more secure authentication method called 802.1X, which requires individual user authentication. By implementing WPA2, the wireless network is better protected against unauthorized access and potential security breaches.

  • 38. 

    Which of the following would be the most significant audit finding when reviewing a point-of-sale (POS) system?

    • A.

      Invoices recorded on the POS system are manually entered into an accounting application.

    • B.

      An optical scanner is not used to read bar codes for the generation of sales invoices.

    • C.

      Frequent power outages occur, resulting in the manual preparation of invoices.

    • D.

      Customer credit card information is stored encrypted on the local POS system.

    Correct Answer
    D. Customer credit card information is stored encrypted on the local POS system.
    Explanation
    The most significant audit finding when reviewing a point-of-sale (POS) system would be that customer credit card information is stored encrypted on the local POS system. This finding is significant because it indicates that the system is taking appropriate measures to protect sensitive customer data, ensuring privacy and security. Storing credit card information in an encrypted format helps prevent unauthorized access and reduces the risk of data breaches or identity theft. It demonstrates that the system is compliant with industry standards and best practices for handling sensitive information.

  • 39. 

    When conducting a penetration test of an IT system, an organization should be most concerned with:

    • A.

      The confidentiality of the report

    • B.

      Finding all possible weaknesses on the system

    • C.

      Restoring all systems to the original state

    • D.

      Logging all changes made to the production system

    Correct Answer
    C. Restoring all systems to the original state
    Explanation
    When conducting a penetration test of an IT system, an organization should be most concerned with restoring all systems to the original state. This is because during the penetration test, the system may be intentionally modified or compromised in order to identify vulnerabilities. Once the test is completed, it is crucial to restore the system back to its original state to ensure its normal functioning and security. This allows the organization to continue its operations without any lingering vulnerabilities or potential issues that may have been introduced during the testing process.

  • 40. 

    The human resources (HR) department has developed a system to allow employees to enroll in benefits via a web site on the corporate Intranet. Which of the following would protect the confidentiality of the data?

    • A.

      Secure Socket Layer (SSL) encryption

    • B.

      Two-factor authentication

    • C.

      Encrypted session cookies

    • D.

      IP address verification

    Correct Answer
    A. Secure Socket Layer (SSL) encryption
    Explanation
    SSL encryption is a security protocol that encrypts the data transmitted between a web server and a web browser, ensuring that the information remains confidential and cannot be intercepted by unauthorized parties. By using SSL encryption, the HR department can protect the confidentiality of the data when employees enroll in benefits through the web site on the corporate Intranet. This encryption technology prevents hackers or eavesdroppers from accessing and understanding the sensitive information being transmitted.

  • 41. 

    Inadequate programming and coding practices introduce the risk of:

    • A.

      Phishing

    • B.

      Buffer overflow exploitation

    • C.

      SYN flood

    • D.

      Brute force attacks

    Correct Answer
    B. Buffer overflow exploitation
    Explanation
    Inadequate programming and coding practices can lead to buffer overflow exploitation. This occurs when a program or system does not properly check the size of input data, allowing an attacker to overflow a buffer and overwrite adjacent memory. This can result in the execution of malicious code, unauthorized access to sensitive information, or system crashes. It is important to follow secure coding practices and validate input data to prevent buffer overflow vulnerabilities.

  • 42. 

    To prevent IP spoofing attacks, a firewall should be configured to drop a packet if:

    • A.

      The source routing field is enabled

    • B.

      It has a broadcast address in the destination field

    • C.

      A reset flag (RST) is turned on for the TCP connection

    • D.

      Dynamic routing is used instead of static routing

    Correct Answer
    A. The source routing field is enabled
    Explanation
    If the source routing field is enabled, it allows the sender of a packet to specify the route that the packet should take through the network. This can be exploited by an attacker to spoof their IP address and bypass security measures. Therefore, to prevent IP spoofing attacks, a firewall should be configured to drop any packet that has the source routing field enabled.

  • 43. 

    An organization can ensure that the recipients of e-mails from its employees can authenticate the identity of the sender by:

    • A.

      Digitally signing all e-mail messages

    • B.

      Encrypting all e-mail messages

    • C.

      Compressing all e-mail messages

    • D.

      Password protecting all e-mail messages

    Correct Answer
    A. Digitally signing all e-mail messages
    Explanation
    By digitally signing all e-mail messages, an organization can ensure that the recipients can authenticate the identity of the sender. Digital signatures use encryption technology to verify the integrity and authenticity of the message. The sender's digital signature is unique to them and can only be generated with their private key. When the recipient receives the digitally signed message, they can use the sender's public key to verify the signature and confirm that the message has not been tampered with and indeed originated from the claimed sender. This provides a level of trust and assurance in the authenticity of the e-mail.

  • 44. 

    The use of residual biometric information to gain unauthorized access is an example of which of the following attacks:

    • A.

      Mimic

    • B.

      Brute force

    • C.

      Cryptographic

    • D.

      Replay

    Correct Answer
    D. Replay
    Explanation
    The use of residual biometric information to gain unauthorized access is an example of a replay attack. In a replay attack, an attacker intercepts and records legitimate data or information and then replays it later to gain unauthorized access. In this case, the residual biometric information, such as fingerprints or facial recognition data, is captured and replayed to bypass the biometric authentication system and gain unauthorized access.

  • 45. 

    Use the diagram to answer this question. To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:

    • A.

      Firewall and the organization's network

    • B.

      Internet and the firewall

    • C.

      Internet and the web server

    • D.

      Web server and the firewall

    Correct Answer
    A. Firewall and the organization's network
    Explanation
    An IS auditor should recommend placing a network intrusion detection system (IDS) between the firewall and the organization's network. This is because the IDS is designed to detect and monitor network traffic for any suspicious or malicious activity that the firewall may not be able to recognize. By placing the IDS in this location, it can analyze the incoming and outgoing traffic and alert the organization of any potential attack attempts that the firewall may have missed. This helps to enhance the overall security of the network and protect against unrecognized threats.

  • 46. 

    Use the diagram to answer this question. E-mail traffic from the Internet is routed via firewall-1 to the mail gateway. Mail is routed from the mail gateway, via firewall-2, to the mail recipients in the internal network. Other traffic is not allowed. For example, the firewalls do not allow direct traffic from the Internet to the internal network. The intrusion detection system (IDS) detects traffic for the internal network that did not originate from the mail gateway. The first action triggered by the IDS should be to:

    • A.

      Alert the appropriate staff

    • B.

      Create an entry in the log

    • C.

      Close firewall-2

    • D.

      Close firewall-1

    Correct Answer
    C. Close firewall-2
    Explanation
    The correct answer is to close firewall-2 because the intrusion detection system (IDS) has detected traffic for the internal network that did not originate from the mail gateway. By closing firewall-2, it prevents any further unauthorized traffic from entering the internal network, ensuring the security and integrity of the network.

Quiz Review Timeline

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Mar 05, 2015
    Quiz Created by
    Davidakidd