
CISM—Certified Information Security Manager - Part 147

Mary Smith

Thu, 16 Apr 2026


1. Which of the following measures is the MOST effective deterrent against disgruntled staff abusing their privileges?

A) Layered defense strategy
B) System audit log monitoring
C) Signed acceptable use policy
D) High-availability systems



2. The advantage of sending messages using steganographic techniques, as opposed to utilizing encryption, is that:

A) the existence of messages is unknown.
B) required key sizes are smaller.
C) traffic cannot be sniffed.
D) reliability of the data is higher in transit.



3. As an organization grows, exceptions to information security policies that were not originally specified may become necessary at a later date. In order to ensure effective management of business risks, exceptions to such policies should be:

A) considered at the discretion of the information owner.
B) approved by the next higher person in the organizational structure.
C) formally managed within the information security framework.
D) reviewed and approved by the security manager.



4. There is reason to believe that a recently modified web application has allowed unauthorized access. Which is the BEST way to identify an application backdoor?

A) Black box pen test
B) Security audit
C) Source code review
D) Vulnerability scan



5. Simple Network Management Protocol v2 (SNMP v2) is used frequently to monitor networks. Which of the following vulnerabilities does it always introduce?

A) Remote buffer overflow
B) Cross-site scripting
C) Clear text authentication
D) Man-in-the-middle attack



1. Right Answer: C
Explanation: A layered defense strategy only prevents activities that fall outside the user's privileges; it does nothing to deter someone who abuses privileges they legitimately hold. A signed acceptable use policy is often an effective deterrent against malicious activity because the individual has acknowledged the rules and faces termination of employment and/or legal action for breaking them. System audit log monitoring is a detective control: it catches abuse after the fact and may not deter it. High-availability systems address availability rather than insider abuse, and their cost means they are not feasible for every device, component or system.

2. Right Answer: A
Explanation: Steganography hides the existence of the message itself, whereas an encrypted message is still recognizable as a message even when its content cannot be read; that concealment is the advantage (and, from the defender's side, the reason steganographic channels are so hard to detect). Key sizes are relevant to encryption, not to steganography. Steganographic traffic can still be sniffed; it simply does not look like a message. Option D is not relevant: hiding data inside a carrier does nothing for reliability in transit.

3. Right Answer: C
Explanation: A formal process for managing exceptions to information security policies and standards should be included as part of the information security framework. The other options may be contributors to the process but do not in themselves constitute a formal process.

4. Right Answer: C
Explanation: Source code review is the best way to find and remove an application backdoor, because the backdoor exists as code (an undocumented credential check, a hidden parameter, a bypass branch) even when nothing about it is visible from outside. Application backdoors can be almost impossible to identify using a black box pen test or a security audit, since the tester would have to guess the trigger. A vulnerability scan will only find 'known' vulnerability patterns and will therefore not find a programmer's custom backdoor.

5. Right Answer: C
Explanation: One of the main problems with using SNMP v1 and v2 is the cleartext 'community string' that it uses to authenticate requests. It travels unencrypted in every datagram, so it is easy to sniff and reuse, and the same community string is usually shared across the organization's servers and routers, which makes this authentication weakness a serious threat to security. (SNMP v3 replaced community strings with user-based authentication and optional encryption, which is why the question is specific to v2.) There have been isolated cases of remote buffer overflows against SNMP daemons, but those are implementation bugs, not something the protocol always introduces. Cross-site scripting is a web application vulnerability that is not related to SNMP. A man-in-the-middle attack is not inherent either: SNMP runs over the user datagram protocol (UDP), so there is no active session to hijack; every request carries the community string and is answered independently, and an attacker who has sniffed the string does not need to sit in the middle at all.
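To make the cleartext authentication concrete, here is an added example (it is not part of the original question bank) that decodes the version, community string and PDU type from the raw BER-encoded payload of SNMP v1 and v2c datagrams, exactly as a passive sniffer on the management network could. The sample datagrams are constructed for this example: a v2c GetRequest for sysDescr.0 with community 'public', a v1 SetRequest with community 'private', and the first few bytes of a v3 message to show where the parser stops. The default-community list is an assumed short list, not an exhaustive one.

```python
"""Recover the cleartext community string from SNMP v1/v2c datagrams.

SNMP v1/v2c messages are BER-encoded ASN.1. The version INTEGER and the
community OCTET STRING sit in the outer SEQUENCE ahead of the PDU, with
no encryption, so anyone who can see the UDP payload can read and reuse
the "password". SNMP v3 drops the community string in favour of USM
fields, which this parser recognizes and does not try to decode.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

# PDU type tags (context-specific, constructed) used by SNMP v1/v2c.
PDU_TYPES = {
    0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
    0xA3: "SetRequest", 0xA4: "Trap-v1", 0xA5: "GetBulkRequest",
    0xA6: "InformRequest", 0xA7: "Trap-v2", 0xA8: "Report",
}
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}
# Assumption: a short list of vendor defaults commonly left in place.
DEFAULT_COMMUNITIES = {b"public", b"private"}

# Constructed sample datagrams (hex of the UDP payload, no IP/UDP headers).
# v2c GetRequest, community "public", varbind sysDescr.0 (1.3.6.1.2.1.1.1.0).
SNMPV2C_GET_REQUEST = bytes.fromhex(
    "3026 020101 04067075626c6963 a019 020101 020100 020100"
    "300e 300c 0608 2b06010201010100 0500"
)
# v1 SetRequest, community "private", sets sysContact.0 to the string "x".
SNMPV1_SET_REQUEST = bytes.fromhex(
    "3028 020100 04077072697661746500"[:-2] +  # 04 07 'private'
    "a31a 020102 020100 020100"
    "300f 300d 0608 2b06010201010400 040178"
)
# Constructed: only the outer SEQUENCE and version INTEGER of a v3 message,
# enough to show that the parser stops before looking for a community string.
SNMPV3_HEADER_ONLY = bytes.fromhex("3003 020103")


@dataclass
class SnmpHeader:
    version: str
    community: Optional[str]      # None for v3, which carries no community
    pdu_type: Optional[str]
    is_default_community: bool


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Read one BER TLV at buf[pos]; return (tag, value, position after it).

    Handles short-form and long-form (0x81, 0x82, ...) lengths and raises
    ValueError on truncation so a malformed datagram fails loudly.
    """
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = byte count
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def parse_snmp_header(datagram: bytes) -> SnmpHeader:
    """Pull version, community string and PDU type from a raw SNMP payload."""
    tag, msg, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("SNMP message must start with a SEQUENCE")
    tag, ver_bytes, pos = read_tlv(msg, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER version")
    version_num = int.from_bytes(ver_bytes, "big")
    version = VERSIONS.get(version_num, "unknown(%d)" % version_num)
    if version_num == 3:
        # v3 puts msgGlobalData / USM security parameters here instead of a
        # community string; nothing in cleartext authenticates the sender.
        return SnmpHeader(version, None, None, False)
    tag, community, pos = read_tlv(msg, pos)
    if tag != 0x04:
        raise ValueError("expected OCTET STRING community")
    pdu_tag, _, _ = read_tlv(msg, pos)
    return SnmpHeader(
        version=version,
        community=community.decode("latin-1"),
        pdu_type=PDU_TYPES.get(pdu_tag, "unknown(0x%02x)" % pdu_tag),
        is_default_community=community in DEFAULT_COMMUNITIES,
    )


if __name__ == "__main__":
    for name, pkt in [("v2c get", SNMPV2C_GET_REQUEST),
                      ("v1 set", SNMPV1_SET_REQUEST),
                      ("v3 hdr", SNMPV3_HEADER_ONLY)]:
        print(name, parse_snmp_header(pkt))
```

The point the example makes is the one in the explanation: no cryptography is needed to recover the credential, only a few bytes of BER decoding on a passively captured datagram, and a v1 SetRequest carries the same cleartext string as a v2c GetRequest, so a sniffed read-only community often reveals the naming convention for the write community as well.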
