CISM Certified Information Security Manager – Question 1081

What is the BEST method to confirm that all firewall rules and router configuration settings are adequate?

A. Periodic review of network configuration
B. Review intrusion detection system (IDS) logs for evidence of attacks
C. Periodically perform penetration tests
D. Daily review of server logs for evidence of hacker activity

Correct Answer: C

Explanation:

Due to the complexity of firewall rules and router tables, plus the sheer size of intrusion detection systems (IDSs) and server logs, a physical review will be insufficient. The best approach for confirming the adequacy of these configuration settings is to periodically perform attack and penetration tests.