
CISA—Certified Information Systems Auditor - Part 300

Mary Smith

Thu, 16 Apr 2026


1. Which of the following penetration tests would MOST effectively evaluate incident handling and response capabilities of an organization?

A) Targeted testing
B) External testing
C) Internal testing
D) Double-blind testing



2. When protecting an organization's IT systems, which of the following is normally the next line of defense after the network firewall has been compromised?

A) Personal firewall
B) Antivirus programs
C) Intrusion detection system (IDS)
D) Virtual local area network (VLAN) configuration



3. In wireless communication, which of the following controls allows the device receiving the communications to verify that the received communications have not been altered in transit?

A) Device authentication and data origin authentication
B) Wireless intrusion detection (IDS) and prevention systems (IPS)
C) The use of cryptographic hashes
D) Packet headers and trailers



4. An organization is planning to replace its wired networks with wireless networks. Which of the following would BEST secure the wireless network from unauthorized access?

A) Implement Wired Equivalent Privacy (WEP)
B) Permit access to only authorized Media Access Control (MAC) addresses
C) Disable open broadcast of service set identifiers (SSID)
D) Implement Wi-Fi Protected Access (WPA) 2



5. An IS auditor is reviewing a software-based firewall configuration. Which of the following represents the GREATEST vulnerability? The firewall software:

A) is configured with an implicit deny rule as the last rule in the rule base.
B) is installed on an operating system with default settings.
C) has been configured with rules permitting or denying access to systems or networks.
D) is configured as a virtual private network (VPN) endpoint.



1. Right Answer: D
Explanation: In a double-blind test, the administrator and security staff are not aware of the test, which will result in an assessment of the incident handling and response capability in an organization. In targeted, external, and internal testing, the system administrator and security staff are aware of the tests since they are informed before the start of the tests.

2. Right Answer: C
Explanation: An intrusion detection system (IDS) would be the next line of defense after the firewall. It would detect anomalies in the network/server activity and try to detect the perpetrator. Antivirus programs, personal firewalls and VLAN configurations would be later in the line of defense.

3. Right Answer: C
Explanation: Calculating cryptographic hashes for wireless communications allows the device receiving the communications to verify that the received communications have not been altered in transit. This prevents masquerading and message modification attacks. Device authentication and data origin authentication is not the correct answer since authenticating wireless endpoints to each other prevents man-in-the-middle attacks and masquerading. Wireless IDS/IPSs is not the correct answer since wireless IDS/IPSs have the ability to detect misconfigured devices and rogue devices, and detect and possibly stop certain types of attacks. Packet headers and trailers alone do not ensure that the content has not been altered.

4. Right Answer: D
Explanation: Wi-Fi Protected Access (WPA) 2 implements most of the requirements of the IEEE 802.11i standard. The Advanced Encryption Standard (AES) used in WPA2 provides better security. Also, WPA2 supports both the Extensible Authentication Protocol and the preshared secret key authentication model. Implementing Wired Equivalent Privacy (WEP) is incorrect since it can be cracked within minutes. WEP uses a static key which has to be communicated to all authorized users, thus management is difficult. Also, there is a greater vulnerability if the static key is not changed at regular intervals. The practice of allowing access based on Media Access Control (MAC) addresses is not a solution since MAC addresses can be spoofed by attackers to gain access to the network. Disabling open broadcast of service set identifiers (SSID) is not the correct answer since it cannot provide access control.

5. Right Answer: B
Explanation: Default settings are often published and provide an intruder with predictable configuration information, which allows easier system compromise. To mitigate this risk, firewall software should be installed on a system using a hardened operating system that has limited functionality, providing only the services necessary to support the firewall software. Choices A, C and D are normal or best practices for firewall configurations.
