Question
1. [10 points] Describe why the Sarbanes-Oxley Act (SOX) was passed and provide a detailed description of the Act. How did SOX change IT auditing?
points List and describe the HIPAA Security Rules. For each security rule, describe one internal control.
points You are conducting an IT audit. You review the Windows firewall rules and determine that ports and are open and listening on a Windows server. Logging into this server is permitted by policy by anyone. Answer the following questions.
a) What services are running?
b) Do you have any concerns about the security of the server?
c) If you have concerns from (b), what suggestions do you have to improve the security of the Windows server? Describe your solution and what you would have to do to implement your solution (you do not need to provide the exact commands).
points Describe what a firewall does and explain how a firewall can be used to protect against an ICMP ping flood denial-of-service (DoS) attack. Describe a firewall's functionality and this type of attack (ICMP ping flood) in detail. Describe a rule to detect this type of attack and block it.
points List and provide a one sentence description of each of the pillars of Information Assurance. For each pillar, provide one example of a vulnerability or threat to the pillar.
points Describe in detail SaaS, PaaS, and IaaS Cloud computing models. Describe three considerations when auditing Cloud technologies.
points A company discovers that there is no offsite or backup storage for a financial application. The application leaves port open for web requests. There is a known vulnerability that can be exploited by sending a specifically formatted message to the application on port There is no policy to remove user accounts for the application when employees change jobs or leave the company. Answer the following questions.
a) What are the threats?
b) What are the risks?
c) How would you mitigate the risks?
points A company's IT policy states that passwords should contain characters with a mix of letters, numbers, and special characters. After reviewing the implemented policy within the IT system, it is noted that the current security settings stated that passwords only need to be character long and no multifactor authentication is required. Answer the following questions.
a) What are the threats?
b) What are the risks?
c) How would you mitigate the risks?