Please note: In order to obtain your CPE certificate for having passed the quiz, you must turn off your pop-up blocker.
Stanley Article
Nelson and Lu Article
Chan Article
Kennedy Article
Pidanick Article
CPE Quiz #
96
Based on Information Systems Control Journal Volume 3, 2004
A passing score of 75 percent qualifies for one (1) hour of CISA/CISM/CGEIT Continuing Professional Education (CPE) Credit
Your results will appear in a new window.
Enter your name below so it displays on the quiz results page:
Name:
Stanley Article1. Wireless technology is predominantly a "pull" technology, meaning that business requirements, such as mobility or flexibility, are driving its implementation.
2. Wireless networks are like radio stations in that information-bearing signals are radiated into space or in the air. This results in potential compromises to the network traffic, through unauthorized read access to the network traffic or possibly unauthorized connection to the network.
3. The author identifies encryption as a beneficial control technique for wireless connectivity. Benefits of encryption include improved confidentiality, authenticity and availability of data being accessed across a wireless network.
4. Wireless networks that are interconnected with wired networks can compromise the availability of the wired network, due to new threats such as jamming or interference that are specific to wireless.
5. In the author's opinion, elements of good wireless security include access controls, intrusion detection and integrity hashes.
Nelson and Lu Article6. The author advocates a multilayered approach for securing a wireless LAN to include architectural, device, link level and network layer security.
7. Device security can be further segmented into password security, data security and device identity. Device identity can be accomplished by public key infrastructure.
8. Link level security is accomplished at level 4 of the OSI stack, and generally combines Wi-Fi Protocol (WEP) and encryption tunneling to create a secure, private connection to a network.
Chan Article9. Encryption can provide value and improved internal controls because of the reduction in unauthorized read access risk and unauthorized alter access.
10. Encryption can provide improved control over nonrepudiation in that it can provide assurance that transactions are actually executed by the purported party.
Kennedy Article11. One type of risk in wireless networking is rogue access points. Rogue access points are wireless access points installed by end users without coordination or even sometimes knowledge of the access points by an information technology team.
12. Risks of MAC spoofing and session hijacking can be mitigated by implementing strong physical security and up-to-date virus protection throughout a wireless network.
13. Improved speed offered in 802.11b networks, relative to lower speed 802.11a wireless networks also improves security, because encryption is an integral part of the 802.11b protocol.
Pidanick Article14. Computer evidence is like any other evidence; it must be authentic, accurate, complete, convincing to juries and in conformity with common law and legislative rules.
15. Because of the increased risk of computer fraud and cyberterrorism, the author advocates that the US Department of Defense should form a counterintelligence function specifically for protecting homeland security.
16. Advances in encryption technology threaten to challenge computer forensics by making it harder to decrypt and then piece together useful encrypted files into meaningful information.
|
Your results will appear in a new window.
|
Please note: This quiz requires a JavaScript-enabled browser.
If the quiz is not displayed above, you either do not have a browser which
supports JavaScript or JavaScript support has been disabled.
|
|
|