Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization’s security policy?

Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization’s security policy?

Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization’s security policy?

A.
Review the parameter settings.

B.
Interview the firewall administrator.

C.
Review the actual procedures.

D.
Review the device’s log file for recent attacks.

Explanation:
A review of the parameter settings will provide a good basis for comparison of the actual configuration to the security policy and will provide audit evidence documentation. The other choices do not provide audit evidence as strong as choice A.



Leave a Reply 0

Your email address will not be published. Required fields are marked *