Certified Information Systems Auditor (CISA) — Question 775
Which of the following is an IS auditor's BEST recommendation to protect an organization from attacks when its file server needs to be accessible to external users?
Answer options
- A. Enhance internal firewalls.
- B. Enforce a secure tunnel connection.
- C. Set up a demilitarized zone (DMZ).
- D. Implement a secure protocol.
Correct answer: B
Explanation
The best recommendation is to enforce a secure tunnel connection, as it ensures that data transmitted between external users and the file server is encrypted and protected from interception. While enhancing internal firewalls, setting up a DMZ, and implementing secure protocols are all valuable measures, they do not provide the same level of security specifically for external access as a secure tunnel does.