Certified Information Systems Auditor (CISA) — Question 638

Which of the following security risks can be reduced by a properly configured network firewall?

Answer options

• A. SQL injection attacks
• B. Phishing attacks
• C. Denial of service (DoS) attacks
• D. Insider attacks

Correct answer: C

Explanation

A properly configured network firewall can help prevent Denial of Service (DoS) attacks by filtering incoming traffic and blocking malicious requests. While it can provide some level of protection against SQL injection and phishing attacks, these threats often require application-level security measures. Insider attacks are typically beyond the scope of what a firewall can control since they involve authorized users.