An IS auditor finds that conference rooms have active network ports. Which of the following is MOST
important to ensure?

What is the BEST action to prevent loss of data integrity or confidentiality in the case of an ecommerce application running on a LAN, processing electronic fund transfers (EFT) and orders?

When conducting a penetration test of an IT system, an organization should be MOST concerned
with:

Which of the following penetration tests would MOST effectively evaluate incident handling and
response capabilities of an organization?

When protecting an organization’s IT systems, which of the following is normally the next line of
defense after the network firewall has been compromised?

In wireless communication, which of the following controls allows the device receiving the
communications to verify that the received communications have not been altered in transit?

An organization is planning to replace its wired networks with wireless networks. Which of the
following would BEST secure the wireless network from unauthorized access?

An IS auditor is reviewing a software-based firewall configuration. Which of the following represents
the GREATEST vulnerability? The firewall software:

The GREATEST risk posed by an improperly implemented intrusion prevention system (IPS) is:

The MOST effective control for reducing the risk related to phishing is: