
CISA—Certified Information Systems Auditor - Part 275

Mary Smith

Thu, 16 Apr 2026


1. Which of the following acts as a decoy to detect active internet attacks?

A) Honeypots
B) Firewalls
C) Trapdoors
D) Traffic analysis



2. A certificate authority (CA) can delegate the processes of:

A) revocation and suspension of a subscriber's certificate.
B) generation and distribution of the CA public key.
C) establishing a link between the requesting entity and its public key.
D) issuing and distributing subscriber certificates.



3. Which of the following results in a denial-of-service attack?

A) Brute force attack
B) Ping of death
C) Leapfrog attack
D) Negative acknowledgement (NAK) attack



4. Which of the following is the GREATEST advantage of elliptic curve encryption over RSA encryption?

A) Computation speed
B) Ability to support digital signatures
C) Simpler key distribution
D) Greater strength for a given key length



5. Which of the following would be the BEST overall control for an Internet business looking for confidentiality, reliability and integrity of data?

A) Secure Sockets Layer (SSL)
B) Intrusion detection system (IDS)
C) Public key infrastructure (PKI)
D) Virtual private network (VPN)



1. Right Answer: A
Explanation: Honeypots are computer systems that are expressly set up to attract and trap individuals who attempt to penetrate other individuals' computer systems. The concept of a honeypot is to learn from intruder's actions. A properly designed and configured honeypot provides data on methods used to attack systems. The data are then used to improve measures that could curb future attacks. A firewall is basically a preventive measure. Trapdoors create a vulnerability that provides an opportunity for the insertion of unauthorized code into a system. Traffic analysis is a type of passive attack.

2. Right Answer: C
Explanation: Establishing a link between the requesting entity and its public key is a function of a registration authority. This may or may not be performed by a CA; therefore, this function can be delegated. Revocation and suspension and issuance and distribution of the subscriber certificate are functions of subscriber certificate life cycle management, which the CA must perform. Generation and distribution of the CA public key is a part of the CA key life cycle management process and, as such, cannot be delegated.

3. Right Answer: B
Explanation: The use of Ping with a packet size higher than 65 KB and no fragmentation flag on will cause a denial of service. A brute force attack is typically a text attack that exhausts all possible key combinations. A leapfrog attack, the act of telnetting through one or more hosts to preclude a trace, makes use of user ID and password information obtained illicitly from one host to compromise another host. A negative acknowledgement attack is a penetration technique that capitalizes on a potential weakness in an operating system that does not handle asynchronous interrupts properly, leaving the system in an unprotected state during such interrupts.

4. Right Answer: A
Explanation: The main advantage of elliptic curve encryption over RSA encryption is its computation speed. This method was first independently suggested by Neal Koblitz and Victor S. Miller. Both encryption methods support digital signatures and are used for public key encryption and distribution. However, a stronger key per se does not necessarily guarantee better performance; that depends on the actual algorithm employed.

5. Right Answer: C
Explanation: PKI would be the best overall technology because cryptography provides for encryption, digital signatures and non-repudiation controls for confidentiality and reliability. SSL can provide confidentiality. IDS is a detective control. A VPN would provide confidentiality and authentication (reliability).
