Home MCQs CISA Question #6836
Back to Questions
CISA QUESTION #6836
Question 1
During an audit, management claims their firewall provides adequate security. Testing reveals the firewall has not been configured with any rules beyond installation defaults and logs are not monitored. What does this BEST represent?
  • Adequate security posture
  • Security device providing false sense of security without effective implementation✔️
  • Cost-effective implementation
  • Appropriate risk acceptance
Correct Answer Explanation
A firewall with default settings and no monitoring provides minimal actual protection despite management's belief in its effectiveness. This creates a dangerous false sense of security where management believes they are protected when they are not. The presence of a security device without proper configuration and monitoring offers little real protection.