When planning an audit of a network setup, an IS auditor should give highest priority to obtaining
which of the following network documentation?

Which of the following encrypt/decrypt steps provides the GREATEST assurance of achieving
confidentiality, message integrity and nonrepudiation by either sender or recipient?

Use of asymmetric encryption in an internet e-commerce site, where there is one private key for the
hosting server and the public key is widely distributed to the customers, is MOST likely to provide
comfort to the:

An organization is considering connecting a critical PC-based system to the Internet. Which of the
following would provide the BEST protection against hacking?

Which of the following is the MOST secure and economical method for connecting a private network
over the Internet in a small- to medium-sized organization?

The potential for unauthorized system access by way of terminals or workstations within an
organization’s facility is increased when:

Which of the following functions is performed by a virtual private network (VPN)?

Applying a digital signature to data traveling in a network provides:

Which of the following would an IS auditor consider a weakness when performing an audit of an
organization that uses a public key infrastructure with digital certificates for its business-toconsumer
transactions via the internet?

Which of the following implementation modes would provide the GREATEST amount of security for
outbound data connecting to the internet?