When reviewing firewall configuration, which of the following represents the greatest vulnerability for an IS auditor?
A. The firewall software has been configured with rules permitting or denying access to systems or networks based upon source and destination networks or systems, protocols, and user authentication.
B. The firewall software is configured with an implicit deny rule as the last rule in the rule base.
C. The firewall software is installed on a common operating system that is configured with default settings.
D. The firewall software is configured as a VPN endpoint for site-to-site VPN connections.
Answer: C. The firewall software is installed on a common operating system that is configured with default settings.
You might also like to view...
The Department of Real Estate
A. disciplines unlicensed individuals B. can discipline anyone C. can only discipline real estate licensee's D. can monitor damages against real estate licensees
Companies typically start their international foray with ________, which involves working through independent intermediaries who sell their products abroad
A) indirect exporting B) licensing C) franchising D) direct exporting E) joint ventures