Examice

Exam IIA-CIA-Part1 All QuestionsBrowse all questions from this exam

Question 183

What type of risk management strategy is being employed when an organization installs two firewalls to provide protection from unauthorized access to the network?

Diversifying the risk that network access will not be available to legitimate, authorized users.

Accepting the risk that there may be attempts at unauthorized access to the network.

Avoiding the risk of having a direct network connection to un-trusted networks.

Sharing the risk that either firewall could be compromised by hackers.

Correct Answer: C

The organization is avoiding the risk of having a direct network connection to un-trusted networks by installing two firewalls. This serves to create multiple layers of security, reducing the chances of unauthorized access. This approach is commonly referred to as defense-in-depth, which is a primary strategy for avoiding risk by preventing potential threats from reaching critical network resources.

Discussion

hustinOption: A

I think one firewall is for restriction but two firewalls are just for diversifying the risk

NanachangOption: C

The answer should be C. I do not understand why A.

ElvooOption: C

I think C should be correct.