Over the long term, which of the following has the greatest potential to improve the security
incident response process?

When reviewing an intrusion detection system (IDS), an IS auditor should be MOST concerned about
which of the following?

Distributed denial-of-service (DDOS) attacks on Internet sites are typically evoked by hackers using
which of the following?

Validated digital signatures in an e-mail software application will:

In transport mode, the use of the Encapsulating Security Payload (ESP) protocol is advantageous
over the Authentication Header (AH) protocol because it provides:

An IS auditor notes that IDS log entries related to port scanning are not being analyzed. This lack of
analysis will MOST likely increase the risk of success of which of the following attacks?

IS management recently replaced its existing wired local area network (LAN) with a wireless
infrastructure to accommodate the increased use of mobile devices within the organization. This will
increase the risk of which of the following attacks?

Which of the following encryption techniques will BEST protect a wireless network from a maninthe- middle attack?

The IS management of a multinational company is considering upgrading its existing virtual private
network (VPN) to support voice-over IP (VoIP) communications via tunneling. Which of the following
considerations should be PRIMARILY addressed?

Which of the following antispam filtering techniques would BEST prevent a valid, variable-length
email message containing a heavily weighted spam keyword from being labeled as spam?