When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:
In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?
Which of the following must be in place before an IS auditor initiates audit follow-up activities?
An organization has developed mature risk management practices that are followed across all departments What is the MOST effective way for the audit team to leverage this risk management maturity?