Which of the following network components is PRIMARILY set up to serve as a security measure
by preventing unauthorized traffic between different segments of the network?

An IS auditor evaluating the resilience of a high-availability network should be MOST concerned if:

Which of the following would be an indicator of the effectiveness of a computer security incident
response team?

The MAIN criterion for determining the severity level of a service disruption incident is:

The computer security incident response team (CSIRT) of an organization disseminates detailed
descriptions of recent threats. An IS auditor’s GREATEST concern should be that the users might:

The PRIMARY objective of performing a postincident review is that it presents an opportunity to:

Which of the following is the MOST effective method for dealing with the spreading of a network
worm that exploits vulnerability in a protocol?

The FIRST step in managing the risk of a cyber attack is to:

After installing a network, an organization installed a vulnerability assessment tool or security
scanner to identify possible weaknesses. Which is the MOST serious risk associated with such
tools?

Time constraints and expanded needs have been found by an IS auditor to be the root causes for
recent violations of corporate data definition standards in a new business intelligence project.
Which of the following is the MOST appropriate suggestion for an auditor to make?