To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend
placing a network intrusion detection system (IDS) between the:
A.
Firewall and the organization’s network.
B.
Internet and the firewall.
C.
Internet and the web server.
D.
Web server and the firewall.
Explanation:
Attack attempts that could not be recognized by the firewall will be detected if a network-based
intrusion detection system is placed between the firewall and the organization’s network. A
network-based intrusion detection system placed between the internet and the firewall will detect
attack attempts, whether they do or do not enter the firewall.