I am really blown away by everybody saying it is A.
The config will tell you where and what the firewall does. Location of firewall means absolutely nothing. Physical location? I mean a firewall ALWAYS sits in front of your business network...
A firewall should protect the application against attacks from the Internet and also from the untrusted users inside the corporate network (internal hackers). Firewalls may be implemented using hardware or software platforms. The location, firewall type, and configuration is important.
What is the purpose of reviewing configuration first when the firewall have been placed at the worng place? Of course when you audit a network security first thing you say to the the client you ask for the network topology to understand the how the devices are set up. When it comes to the MOST important I agree should be D.
ChatGPT
Reviewing firewall standards (option B) is indeed an important aspect of auditing the security architecture of an online application. Firewall standards provide guidelines and best practices for configuring, managing, and monitoring firewalls, which are critical components of network security. By reviewing firewall standards first, an IS auditor can establish a baseline understanding of the organization's firewall requirements and expectations.
When auditing the security architecture of an online application, the FIRST step for an IS auditor should be to review the firewall standards. These standards define the rules, policies, and configurations governing the firewall’s operation. By assessing compliance with established standards, the auditor can gain insights into the effectiveness of the firewall’s design and implementation.
First, you need to review the firewall configuration, then you will have to determine whether this configuration is suitable to where the firewall was placed or not.
whatever reviewing that you are doing, it is useless if you dont know what should be taken care by that device. It is very important to understand the location, the deployment and the protection that device is taking care for the organization.
Hence, location of firewall must be identified first before anything else.
I also vote for A because a firewall not connected to the Internet does not have the same risk as one that is connected to the Internet. This is because internal firewalls tend to be more permissive than external firewalls.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Broesweelies
Highly Voted 1 year, 8 months agokGiGa
1 year, 3 months agoPurpleParrot
Most Recent 1 month, 3 weeks agoNoKev
3 months, 1 week agoRS66
4 months, 3 weeks agoshalota2
5 months, 1 week agoSwallows
5 months, 2 weeks agoa84n
6 months, 3 weeks ago5b56aae
7 months agodan08
8 months, 4 weeks agoRachy
9 months, 3 weeks ago001Yogesh
11 months, 2 weeks ago001Yogesh
11 months, 2 weeks ago007Georgeo
1 year, 6 months agoMohamedAbdelaal
1 year, 6 months agoMichaelHoang
1 year, 10 months agoDavid_Hu
1 year, 10 months agoLilik
2 years, 1 month ago