
CISM—Certified Information Security Manager - Part 126

Mary Smith

Fri, 17 Apr 2026

1. Which of the following is the MOST appropriate method to protect a password that opens a confidential file?

A) Delivery path tracing
B) Reverse lookup translation
C) Out-of-band channels
D) Digital signatures



2. What is the MOST effective access control method to prevent users from sharing files with unauthorized users?

A) Mandatory
B) Discretionary
C) Walled garden
D) Role-based



3. Which of the following is an inherent weakness of signature-based intrusion detection systems?

A) A higher number of false positives
B) New attack methods will be missed
C) Long duration probing will be missed
D) Attack profiles can be easily spoofed



4. Data owners are normally responsible for which of the following?

A) Applying emergency changes to application data
B) Administering security over database records
C) Migrating application code changes to production
D) Determining the level of application security required



5. Which of the following is the MOST appropriate individual to ensure that new exposures have not been introduced into an existing application during the change management process?

A) System analyst
B) System user
C) Operations manager
D) Data security officer



1. Right Answer: C
Explanation: Out-of-band channels are useful when, for confidentiality, a message is split into two parts that are sent by different means (for example, the encrypted file by e-mail and its password by telephone). Digital signatures provide integrity and nonrepudiation, not confidentiality. Reverse lookup translation converts an Internet Protocol (IP) address to a username. Delivery path tracing shows the route taken but does not confirm the identity of the sender.
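As an added illustration of the split-message idea (this is example code, not part of the original question set): the password is XOR-split into two shares, one delivered per channel, so that whoever intercepts a single channel learns nothing. The channel names "email" and "sms" are assumed for the demonstration.

```python
from __future__ import annotations
import secrets


def split_secret(secret: bytes) -> tuple[bytes, bytes]:
    """XOR-split: share_a is uniformly random, share_b = secret XOR share_a.
    Either share on its own is indistinguishable from random bytes."""
    share_a = secrets.token_bytes(len(secret))
    share_b = bytes(s ^ a for s, a in zip(secret, share_a))
    return share_a, share_b


def combine(share_a: bytes, share_b: bytes) -> bytes:
    """Recover the secret; both shares are required."""
    if len(share_a) != len(share_b):
        raise ValueError("shares must be the same length")
    return bytes(a ^ b for a, b in zip(share_a, share_b))


def send_out_of_band(password: bytes) -> dict[str, str]:
    """Simulate delivery over two independent channels (assumed channel names)."""
    share_a, share_b = split_secret(password)
    return {"email": share_a.hex(), "sms": share_b.hex()}


def recover(delivered: dict[str, str]) -> bytes:
    """The recipient, who sees both channels, reassembles the password."""
    return combine(bytes.fromhex(delivered["email"]), bytes.fromhex(delivered["sms"]))


if __name__ == "__main__":
    pw = b"correct horse battery staple"   # constructed sample password
    parts = send_out_of_band(pw)
    print(parts)
    print(recover(parts))
```

A tampered or missing share yields garbage rather than a near-miss, which is the property that makes the two channels independent.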

2. Right Answer: A
Explanation: Mandatory access controls restrict access to files based on the security classification of the file and the clearance of the user, and the file's owner cannot override that decision. This prevents users from sharing files with unauthorized users. Role-based access controls grant access according to the role assigned to a user; they do not prohibit file sharing. Discretionary and lattice-based access controls are not as effective as mandatory access controls in preventing file sharing. A walled garden is an environment that controls a user's access to web content and services. In effect, the walled garden directs the user's navigation within particular areas and does not necessarily prevent sharing of other material.
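The difference between the two models in working code, as an added example (not from the original page): under discretionary control the owner's grant is all that matters, so sharing with an uncleared user succeeds; under mandatory control the "no read up" check on the file's label runs regardless of the grant and blocks it. The label names, users and file are constructed for the demonstration.

```python
from dataclasses import dataclass, field

# Ordered sensitivity labels; a higher number is more sensitive.
LEVELS = {"PUBLIC": 0, "INTERNAL": 1, "CONFIDENTIAL": 2, "SECRET": 3}


@dataclass
class User:
    name: str
    clearance: str


@dataclass
class File:
    name: str
    owner: str
    classification: str
    # DAC state: read permissions the owner has handed out.
    readers: set = field(default_factory=set)


def dac_grant(f: File, granter: User, grantee: User) -> None:
    """Discretionary sharing: only the owner decides who may read."""
    if granter.name != f.owner:
        raise PermissionError(f"{granter.name} does not own {f.name}")
    f.readers.add(grantee.name)


def dac_allows(f: File, u: User) -> bool:
    return u.name == f.owner or u.name in f.readers


def mac_allows(f: File, u: User) -> bool:
    """Mandatory check: no read up (clearance must dominate the file's label)."""
    return LEVELS[u.clearance] >= LEVELS[f.classification]


def can_read(f: File, u: User, mandatory: bool = True) -> bool:
    """Access decision. With MAC on, the owner's grant cannot override the label."""
    if mandatory and not mac_allows(f, u):
        return False
    return dac_allows(f, u)


def demo() -> dict:
    """Constructed scenario: alice (SECRET) shares a CONFIDENTIAL file with bob (INTERNAL)."""
    alice = User("alice", "SECRET")
    bob = User("bob", "INTERNAL")
    plan = File("merger-plan.docx", owner="alice", classification="CONFIDENTIAL")
    dac_grant(plan, alice, bob)  # the owner tries to share
    return {
        "dac_only": can_read(plan, bob, mandatory=False),  # True: the grant is enough
        "with_mac": can_read(plan, bob),                   # False: the label blocks it
        "owner": can_read(plan, alice),                    # True
    }


if __name__ == "__main__":
    print(demo())
```

In a real MAC system the label travels with the data, so copying the file to a new name does not escape the check either; that is what makes the control effective against sharing rather than merely inconvenient.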

3. Right Answer: B
Explanation: Signature-based intrusion detection systems do not detect new attack methods for which signatures have not yet been developed. False positives are not necessarily any higher, and spoofing is not relevant in this case. Long duration probing is more likely to fool anomaly-based systems (boiling frog technique).
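Both halves of this explanation in runnable form, as an added example (not from the original page): a two-rule signature matcher run over constructed access-log lines misses a trivially rewritten variant of each attack, while a simple baseline-plus-deviation anomaly detector catches a noisy burst but not the same probing spread thinly over time. The log lines, rules and per-minute counts are all constructed for the demonstration.

```python
import re
from statistics import mean, pstdev

# Constructed web-server access log lines (not from any real system).
LOG = [
    '10.0.0.5 "GET /index.html" 200',
    '10.0.0.7 "GET /search?q=shoes" 200',
    '10.0.0.9 "GET /search?q=1 UNION SELECT password FROM users" 200',
    '10.0.0.9 "GET /search?q=1 UNION/**/SELECT password FROM users" 200',
    '10.0.0.12 "GET /../../etc/passwd" 404',
    '10.0.0.12 "GET /..%2f..%2fetc/passwd" 404',
]

# Hypothetical signature set: each rule knows one shape of the attack.
SIGNATURES = {
    "sqli-union": re.compile(r"UNION\s+SELECT", re.IGNORECASE),
    "path-traversal": re.compile(r"\.\./"),
}


def signature_alerts(lines):
    """Return (rule, line) pairs for every line a signature matches.
    The comment-padded SQL and the URL-encoded traversal produce no alert."""
    hits = []
    for line in lines:
        for rule, pattern in SIGNATURES.items():
            if pattern.search(line):
                hits.append((rule, line))
    return hits


# Constructed per-minute request counts from one client during normal use.
BASELINE = [4, 5, 6, 5, 4, 6, 5, 5]


def anomaly_threshold(samples, k=3.0):
    """Learned threshold: mean plus k standard deviations of the baseline."""
    return mean(samples) + k * pstdev(samples)


def anomaly_alerts(counts_per_minute, threshold):
    """Indices of minutes whose request count exceeds the threshold."""
    return [i for i, c in enumerate(counts_per_minute) if c > threshold]


FAST_SCAN = [5, 120, 5]                      # one burst of 120 requests: flagged
SLOW_PROBE = [6, 7, 6, 6, 7, 6, 6, 7, 6, 6]  # same work spread out: never flagged


if __name__ == "__main__":
    for rule, line in signature_alerts(LOG):
        print(f"signature hit [{rule}]: {line}")
    t = anomaly_threshold(BASELINE)
    print(f"anomaly threshold: {t:.2f} requests/minute")
    print("fast scan flagged minutes:", anomaly_alerts(FAST_SCAN, t))
    print("slow probe flagged minutes:", anomaly_alerts(SLOW_PROBE, t))
```

The signature rules here are deliberately narrow to show the failure mode; production rule sets normalise encodings and whitespace first, but any normalisation still only covers the variants its author anticipated.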

4. Right Answer: D
Explanation: Data owners approve access to data and determine the degree of protection that should be applied (data classification). Administering database security, making emergency changes to data and migrating code to production are infrastructure tasks performed by custodians of the data.

5. Right Answer: B
Explanation: System users, specifically the user acceptance testers, would be in the best position to note whether new exposures are introduced during the change management process. The system designer or system analyst, data security officer and operations manager would not be as closely involved in testing code changes.
