Académique Documents
Professionnel Documents
Culture Documents
approved by the:
A. A. security administrator.
B. B. database administrator.
C. C. resource owners. correct
D. D. IT group.
Difficulty: Hard30% got this correct
Incorrect Discuss this Question
10) An IS auditor should expect which of the following items to be included in the request for
proposal (RFP) when IS is procuring services from an independent service provider for
proposal (RFP) when IS is procuring services from an independent service provider
A. A. stored offsite.
B. B. written by IS management.
C. C. circulated to users.
D. D. updated frequently.
A. A. Encrypting the hash of the message with the sender's private key
2) An organization wants to protect a network from Internet attack. Which of the following
firewall structure would BEST ensure the protection?
D. D. Circuit-level gateway
3) E-mail traffic from the Internet is routed via firewall-1 to the mail gateway. Mail is routed
from the mail gateway, via firewall-2, to the mail recipients in the internal network. Other
traffic is not allowed. For example, the firewalls do not allow direct traffic from the Internet
to the internal network. The intrusion detection system (IDS) detects traffic for the internal
network that did not originate from the mail gateway. The FIRST action triggered by the IDS
should be to:
C. C. close firewall-2.
D. D. close firewall-1.
A. A. Encrypting the hash of the message with the sender's private key and thereafter
encrypting the hash of the message with the receiver's public key
B. B. The sender digitally signing the message and thereafter encrypting the hash of the
message with the sender's private key
C. C. Encrypting the hash of the message with the sender's private key and thereafter
encrypting the message with the receiver's public key
D. D. Encrypting the message with the sender's private key and encrypting the message
hash with the receiver's public key encrypting the message with the receiver's public key