Are you studying for the Certified Information Systems Auditor or CISA certifications?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
A company is developing new online ordering application. It will provide customers easier access for placing and tracking orders. What security measure is the most effective to protect this application from hackers?
Perform a web application security review.
Review file and access permissions on all servers to ensure that all files have read-only access.
Confirm that only the IP addresses of existing customers are allowed through the firewall.
Validate that ports 80 and 443 are blocked at the firewall.
Performing a web application security review would uncover security vulnerabilities that could be exploited by hackers. Confirm customer IP addresses is not correct since port 80 must be open for a web application to work and port 443 for a secured hypertext transmission protocol (HTTPS) to operate. Reviewing all files for read-only access is not correct because, in order for customer orders to be placed, some data must be saved to the server and is not as encompassing as a full web application security review. No customer orders could be placed on a read-only server. Reviewing firewall IP connections might be appropriate for some types of web applications, but is not the best solution since a new customer could not place an order until the firewall rules were changed to allow the customer to connect.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.