Which of the following intrusion detection systems (IDSs) monitors the general patterns of activity and traffic on a network and creates a database?

What would be the MOST effective control for enforcing accountability among database users accessing sensitive information?

An organization has created a policy that defines the types of web sites that users are forbidden to access. What is the MOST effective technology to enforce this policy?

The responsibility for authorizing access to a business application system belongs to the:

Which of the following should an IS auditor recommend for the protection of specific sensitive information stored in the data warehouse?

Which of the following would MOST effectively enhance the security of a challenge-response based authentication system?

An IS auditor has completed a network audit. Which of the following is the MOST significant logical security finding?

An IS auditor should expect the responsibility for authorizing access rights to production data and systems to be entrusted to the:

What should be the GREATEST concern to an IS auditor when employees use portable media (MP3 players, flash drives)?

An organization is using an enterprise resource management (ERP) application. Which of the following would be an effective access control?