Certified Information Systems Auditor (CISA) — Question 1393

An IS auditors reviewing the perimeter security design of a network. Which of the following provides the GREATEST assurance that both incoming and outgoing internet traffic is controlled?

Answer options

• A. Load batancer
• B. Security information and event management (SIEM) system
• C. Intrusion detection system (IDS)
• D. Statetul firewall

Correct answer: D

Explanation

A stateful firewall is designed to monitor and control both incoming and outgoing traffic based on established rules, providing the most comprehensive security for network traffic. In contrast, a load balancer primarily distributes traffic, a SIEM system focuses on monitoring and analysis of security events, and an IDS detects potential threats but does not actively control traffic.