Tuesday, April 10, 2018

Random Questions



01.
To make an electronic funds transfer (EFT), one employee enters the amount field and another employee re-enters the same data before the money is transferred. The control adopted by the organization in this case is:
 

A. sequence check.   B. key verification.   C. check digit.   D. completeness check.

02.
Which of the following Capability Maturity Model levels ensures the achievement of a documented process?

A. Repeatable (level 2)   B. Defined (level 3)   C. Managed (level 4)   D. Optimizing (level 5)



03.
An IS auditor reviewing the implementation of an IDS should be most concerned if:

A. There are high instances of false alarms by the statistical-based IDS.
B. The IDS is placed between the firewall and the internal network.
C. The IDS is used to detect encrypted traffic.
D. The signature-based IDS is not able to identify new threats.

 

04.
Which of the following is the most routine problem in the implementation of an intrusion detection system (IDS)?

A. instances of false rejection rate.
B. instances of false acceptance rate.
C. instances of false positives.
D. denial-of-service attacks.















Answers:

01. B. key verification.

02. B. Defined (level 3)


03. C (An IDS cannot detect attacks that are in the form of encrypted traffic.)

04. C. instances of false positives.