CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 291
1. The IS management of a multinational company is considering upgrading its existing virtual private network (VPN) to support voice-over IP (VoIP) communications via tunneling. Which of the following considerations should be PRIMARILY addressed?
A) Reliability and quality of service (QoS)
B) Means of authentication
C) Privacy of voice transmissions
D) Confidentiality of data transmissions
2. Which of the following antispam filtering techniques would BEST prevent a valid, variable- length e-mail message containing a heavily weighted spam keyword from being labeled as spam?
A) Heuristic (rule-based)
B) Signature-based
C) Pattern matching
D) Bayesian (statistical)
3. Which of the following public key infrastructure (PKI) elements provides detailed descriptions for dealing with a compromised private key?
A) Certificate revocation list (CRL)
B) Certification practice statement (CPS)
C) Certificate policy (CP)
D) PKI disclosure statement (PDS)
4. Active radio frequency ID (RFID) tags are subject to which of the following exposures?
A) Session hijacking
B) Eavesdropping
C) Malicious code
D) Phishing
5. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected on the network?
A) Use the IP address of an existing file server or domain controller.
B) Pause the scanning every few minutes to allow thresholds to reset.
C) Conduct the scans during evening hours when no one is logged-in.
D) Use multiple scanning tools since each tool has different characteristics.
A) Reliability and quality of service (QoS)
B) Means of authentication
C) Privacy of voice transmissions
D) Confidentiality of data transmissions
2. Which of the following antispam filtering techniques would BEST prevent a valid, variable- length e-mail message containing a heavily weighted spam keyword from being labeled as spam?
A) Heuristic (rule-based)
B) Signature-based
C) Pattern matching
D) Bayesian (statistical)
3. Which of the following public key infrastructure (PKI) elements provides detailed descriptions for dealing with a compromised private key?
A) Certificate revocation list (CRL)
B) Certification practice statement (CPS)
C) Certificate policy (CP)
D) PKI disclosure statement (PDS)
4. Active radio frequency ID (RFID) tags are subject to which of the following exposures?
A) Session hijacking
B) Eavesdropping
C) Malicious code
D) Phishing
5. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected on the network?
A) Use the IP address of an existing file server or domain controller.
B) Pause the scanning every few minutes to allow thresholds to reset.
C) Conduct the scans during evening hours when no one is logged-in.
D) Use multiple scanning tools since each tool has different characteristics.
1. Right Answer: A
Explanation: The company currently has a VPN; issues such as authentication and confidentiality have been implemented by the VPN using tunneling. Privacy of voice transmissions is provided by the VPN protocol. Reliability and QoS are, therefore, the primary considerations to be addressed.
2. Right Answer: D
Explanation: Bayesian filtering applies statistical modeling to messages, by performing a frequency analysis on each word within the message and then evaluating the message as a whole. Therefore, it can ignore a suspicious keyword if the entire message is within normal bounds. Heuristic filtering is less effective, since new exception rules may need to be defined when a valid message is labeled as spam. Signature-based filtering is useless against variable- length messages, because the calculated MD5 hash changes all the time. Finally, pattern matching is actually a degraded rule- based technique, where the rules operate at the word level using wildcards, and not at higher levels.
3. Right Answer: B
Explanation: The CPS is the how-to part in policy-based PKI. The CRL is a list of certificates that have been revoked before their scheduled expiration date. The CP sets the requirements that are subsequently implemented by the CPS. The PDS covers critical items such as the warranties, limitations and obligations that legally bind each party.
4. Right Answer: B
Explanation: Like wireless devices, active RFID tags are subject to eavesdropping. They are by nature not subject to session hijacking, malicious code or phishing.
5. Right Answer: B
Explanation: Pausing the scanning every few minutes avoids overtaxing the network as well as exceeding thresholds that may trigger alert messages to the network administrator. Using the IP address of a server would result in an address contention that would attract attention. Conducting scans after hours would increase the chance of detection, since there would be less traffic to conceal ones activities. Using different tools could increase the likelihood that one of them would be detected by an intrusion detection system.
Explanation: The company currently has a VPN; issues such as authentication and confidentiality have been implemented by the VPN using tunneling. Privacy of voice transmissions is provided by the VPN protocol. Reliability and QoS are, therefore, the primary considerations to be addressed.
2. Right Answer: D
Explanation: Bayesian filtering applies statistical modeling to messages, by performing a frequency analysis on each word within the message and then evaluating the message as a whole. Therefore, it can ignore a suspicious keyword if the entire message is within normal bounds. Heuristic filtering is less effective, since new exception rules may need to be defined when a valid message is labeled as spam. Signature-based filtering is useless against variable- length messages, because the calculated MD5 hash changes all the time. Finally, pattern matching is actually a degraded rule- based technique, where the rules operate at the word level using wildcards, and not at higher levels.
3. Right Answer: B
Explanation: The CPS is the how-to part in policy-based PKI. The CRL is a list of certificates that have been revoked before their scheduled expiration date. The CP sets the requirements that are subsequently implemented by the CPS. The PDS covers critical items such as the warranties, limitations and obligations that legally bind each party.
4. Right Answer: B
Explanation: Like wireless devices, active RFID tags are subject to eavesdropping. They are by nature not subject to session hijacking, malicious code or phishing.
5. Right Answer: B
Explanation: Pausing the scanning every few minutes avoids overtaxing the network as well as exceeding thresholds that may trigger alert messages to the network administrator. Using the IP address of a server would result in an address contention that would attract attention. Conducting scans after hours would increase the chance of detection, since there would be less traffic to conceal ones activities. Using different tools could increase the likelihood that one of them would be detected by an intrusion detection system.
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment