A) define the allowable limits of behavior. B) underline the importance of security governance. C) describe security baselines for each platform. D) be updated frequently as new software is released.
2. What is the MAIN drawback of e-mailing password-protected zip files across the Internet? They:
A) all use weak encryption. B) are decrypted by the firewall. C) may be quarantined by mail filters. D) may be corrupted by the receiving mail server.
3. A major trading partner with access to the internal network is unwilling or unable to remediate serious information security exposures within its environment. Which of the following is the BEST recommendation?
A) Sign a legal agreement assigning them all liability for any breach B) Remove all trading partner access until the situation improves C) Set up firewall rules restricting network traffic from that location D) Send periodic reminders advising them of their noncompliance
4. Documented standards/procedures for the use of cryptography across the enterprise should PRIMARILY:
A) define the circumstances where cryptography should be used. B) define cryptographic algorithms and key lengths. C) describe handling procedures of cryptographic keys. D) establish the use of cryptographic solutions.
5. Which of the following is the MOST immediate consequence of failing to tune a newly installed intrusion detection system (IDS) with the threshold set to a low value?
A) The number of false positives increases B) The number of false negatives increases C) Active probing is missed D) Attack profiles are ignored
1. Right Answer: D Explanation: Security procedures often have to change frequently to keep up with changes in software. Since a procedure is a how-to document, it must be kept up-to-date with frequent changes in software. A security standard, such as platform baselines, defines behavioral limits, not the how-to process; it should not change frequently. High-level objectives of an organization, such as security governance, would normally be addressed in a security policy.
2. Right Answer: C Explanation: Often, mail filters will quarantine zip files that are password-protected since the filter (or the firewall) is unable to determine if the file contains malicious code. Many zip file products are capable of using strong encryption. Such files are not normally corrupted by the sending mail server.
3. Right Answer: C Explanation: It is incumbent on an information security manager to see to the protection of their organization's network, but to do so in a manner that does not adversely affect the conduct of business. This can be accomplished by adding specific traffic restrictions for that particular location. Removing all access will likely result in lost business. Agreements and reminders do not protect the integrity of the network.
4. Right Answer: A Explanation: There should be documented standards/procedures for the use of cryptography across the enterprise; they should define the circumstances where cryptography should be used. They should cover the selection of cryptographic algorithms and key lengths, but not define them precisely, and they should address the handling of cryptographic keys. However, this is secondary to how and when cryptography should be used. The use of cryptographic solutions should be addressed but, again, this is a secondary consideration.
5. Right Answer: A Explanation: Failure to tune an intrusion detection system (IDS) will result in many false positives, especially when the threshold is set to a low value. The other options are less likely given the fact that the threshold for sounding an alarm is set to a low value.