Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 751 discussion

Actual exam question from Isaca's CISA
Question #: 751
Topic #: 1
[All CISA Questions]

When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:

  • A. the organization's web server.
  • B. the demilitarized zone (DMZ).
  • C. the Internet.
  • D. the organization's network.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by shiowbah at Oct. 29, 2023, 10:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Action
1 week, 4 days ago
Selected Answer: C
The BEST recommendation is to place an intrusion detection system (IDS) between the firewall and C. the Internet. Here's the reasoning: Placing the IDS before the firewall would allow it to detect attacks before they reach the firewall, potentially preventing them from causing damage. Placing the IDS after the firewall would only detect attacks that managed to bypass the firewall, which is less effective. Therefore, placing the IDS between the firewall and the Internet provides the best protection against a wide range of attacks.
upvoted 1 times
...
RS66
4 months ago
Selected Answer: D
If u place the IDS as a first line of defense, it will overloaded with traffic. Use the firewall to filter incomming traffic then use the IDS to identify intrusions. The answer is D.
upvoted 1 times
...
Swallows
5 months, 3 weeks ago
Selected Answer: B
Placing the IDS between the firewall and the Internet (option C) may be effective in monitoring incoming traffic from external sources, but it wouldn't provide visibility into traffic passing through the firewall and potentially targeting the DMZ. Similarly, placing the IDS between the firewall and the organization's network (option D) would focus on internal traffic but wouldn't specifically address threats targeting the DMZ. Therefore, placing the IDS between the firewall and the DMZ is the best recommendation for enhancing security and detecting attacks targeting the organization's public-facing servers.
upvoted 1 times
...
3008
11 months, 1 week ago
Selected Answer: D
Attack attempts that could not be recognized by the firewall will be detected if a network- based intrusion detection system is placed between the firewall and the organization’s network. A network-based intrusion detection system placed between the internet and the firewall will detect attack attempts, whether they do or do not enter the firewall.
upvoted 1 times
...
[Removed]
11 months, 1 week ago
Selected Answer: C
If a network-based IDS is placed between the Internet and the firewall, it will detect all the attack attempts, whether or not they enter the firewall. If the IDS is placed between a firewall and the corporate network, it will detect those attacks that enter the firewall (it will detect intruders).
upvoted 1 times
[Removed]
11 months, 1 week ago
Correction - D is the correct answer since firewall is unable to recognize the attack attempts, IDS should be placed between the firewall and organization's network so as to alert the organization about such threats. Placing IDS between internet and firewall in this case will lead to attack attempts recognized by the IDS but allowed by the firewall
upvoted 2 times
...
...
shiowbah
1 year ago
B. the demilitarized zone (DMZ).
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel