Certified Information Systems Auditor (CISA) — Question 1359

Which of the following is the BEST control to mitigate attacks that redirect Internet traffic to an unauthorized website?

Answer options

• A. Utilize a network-based firewall.
• B. Conduct regular user security awareness training.
• C. Enforce a strong password policy meeting complexity requirements.
• D. Perform domain name system (DNS) server security hardening.

Correct answer: D

Explanation

The correct answer is D because securing the DNS server helps prevent attackers from manipulating DNS responses, which can redirect users to unauthorized sites. Options A, B, and C do not directly address the issue of DNS manipulation and are therefore less effective in mitigating such specific attacks.