When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor’s BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:

CISA V2 0 Comments

When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor’s BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:
A . the Internet.
B . the demilitarized zone (DMZ).
C . the organization’s web server.
D . the organization’s network.

Answer: A

Explanation:

When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor’s best recommendation is to place an intrusion detection system (IDS) between the firewall and the Internet, as this would provide an additional layer of security and alert the organization of any malicious traffic that bypasses or penetrates the firewall. Placing an IDS between the firewall and the demilitarized zone (DMZ), the organization’s web server, or the organization’s network would not

be as effective, as it would only monitor the traffic that has already passed through the firewall.

References: CISA Review Manual (Digital Version), Chapter 5, Section 5.4.3

Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISA PDF     CISA Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments