1. Which of the following exposures could be caused by a line grabbing technique?
A) Unauthorized data access B) Excessive CPU cycle usage C) Lockout of terminal polling D) Multiplexor control dysfunction
2. Electromagnetic emissions from a terminal represent an exposure because they:
A) affect noise pollution. B) disrupt processor functions. C) produce dangerous levels of electric current. D) can be detected and displayed.
3. Security administration procedures require read-only access to:
A) access control tables. B) security log files. C) logging options. D) user profiles.
4. With the help of a security officer, granting access to data is the responsibility of:
A) data owners. B) programmers. C) system analysts. D) librarians.
5. The FIRST step in data classification is to:
A) establish ownership. B) perform a criticality analysis. C) define access rules. D) create a data dictionary.
1. Right Answer: A Explanation: Line grabbing will enable eavesdropping, thus allowing unauthorized data access. It will not necessarily cause multiplexor dysfunction, excessive CPU usage or lockout of terminal polling.
2. Right Answer: D Explanation: Emissions can be detected by sophisticated equipment and displayed, thus giving unauthorized persons access to data. They should not cause disruption of CPUs or affect noise pollution.
3. Right Answer: B Explanation: Security administration procedures require read-only access to security log files to ensure that, once generated, the logs are not modified. Logs provide evidence and track suspicious transactions and activities. Security administration procedures require write access to access control tables to manage and update the privileges according to authorized business requirements. Logging options require write access to allow the administrator to update the way the transactions and user activities are monitored, captured, stored, processed and reported.
4. Right Answer: A Explanation: Data owners are responsible for the use of data. Written authorization for users to gain access to computerized information should be provided by the data owners. Security administration, with the owners' approval, sets up access rules stipulating which users or groups of users are authorized to access data or files and the level of authorized access (e.g., read or update).
5. Right Answer: A Explanation: Data classification is necessary to define access rules based on a need-to-do and need-to-know basis. The data owner is responsible for defining the access rules; therefore, establishing ownership is the first step in data classification. The other choices are incorrect. A criticality analysis is required for protection of data, which takes input from data classification. Access definition is complete after data classification, and input for a data dictionary is prepared from the data classification process.