CISA Made Easy

                                           - easy CISA preparation

Wednesday, June 11, 2008

CISA Made Easy - Learn about Packet Filtering firewall in a minute

CISA Important Point to Remember :

Packet Filtering Firewall [Protection of Information Assets]











Characteristics

Shortcomings if any

 

Router/Firewall sits

 

between trusted and

 

untrusted network


 

Works at network layer

 

(OSI Layer 3).Checks IP

 

address of source and

 

destination

 

Susceptible to IP spoofing


Use Access Cotrol List

(ACL). Simple to

Configure


 

Maintaining ACL manually is sometimes

 

very difficult. ACL can sometimes

 

degrade performance if not properly and

 

skillfully configured

 

 

Monitors headers of every

 

packet

 

Susceptible to fragmentation attack

 

Very less auditing may

 

serve the purpose if

 

well configured

 

Lacks strong user authentication. Can be

 

attacked through permitted/configured

 

services



CISA Type Question 2.


An IS Auditor while auditing a software Firewall will look which source

for audit trails? [Protection of Information Assets]

1. Firewall Log

2. Operating System Log

3. Both 1 & 2

4. None of the above.


Answer to CISA Type Question 1


Audit Charter is not only related to scope of audit, but it grants authority from one

person/organization to another person/organization, It documents Purpose,

Accountabilities & Responsibilities related to Audit function and describe

independence, objectivity and Standards of Audit to be conducted. So, the correct

Answer is 4. Audit Charter is only related to scope of the Audit.




Add Post To: | Digg| Technorati| del.icio.us| Stumbleupon| Reddit| BlinkList| Furl| Spurl| Yahoo| Simpy|

Posted by PassCISA | Permalink |  

Labels:

Readers who visited this post also read :

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 

Home | | | | |

CISA made Easy - Easy CISA Preparation