
CISM—Certified Information Security Manager - Part 193

Mary Smith

Thu, 16 Apr 2026

1. When collecting evidence for forensic analysis, it is important to:

A) ensure the assignment of qualified personnel.
B) request the IT department do an image copy.
C) disconnect from the network and isolate the affected devices.
D) ensure law enforcement personnel are present before the forensic analysis commences.



2. What is the BEST method for mitigating against network denial of service (DoS) attacks?

A) Ensure all servers are up-to-date on OS patches
B) Employ packet filtering to drop suspect packets
C) Implement network address translation to make internal addresses nonroutable
D) Implement load balancing for Internet facing devices



3. To justify the establishment of an incident management team, an information security manager would find which of the following to be the MOST effective?

A) Assessment of business impact of past incidents
B) Need of an independent review of incident causes
C) Need for constant improvement on the security level
D) Possible business benefits from incident impact reduction



4. A database was compromised by guessing the password for a shared administrative account and confidential customer information was stolen. The information security manager was able to detect this breach by analyzing which of the following?

A) Invalid logon attempts
B) Write access violations
C) Concurrent logons
D) Firewall logs



5. Which of the following is an example of a corrective control?

A) Diverting incoming traffic upon responding to the denial of service (DoS) attack
B) Filtering network traffic before entering an internal network from outside
C) Examining inbound network traffic for viruses
D) Logging inbound network traffic



1. Right Answer: A
Explanation: Without the initial assignment of forensic expertise, the required levels of evidence may not be preserved. In choice B, the IT department is unlikely to have that level of expertise and should, thus, be prevented from taking action. Choice C may be a subsequent necessity that comes after choice A. Choice D, notifying law enforcement, will likely occur after the forensic analysis has been completed.

2. Right Answer: B
Explanation: Packet filtering techniques are the only ones which reduce network congestion caused by a network denial of service (DoS) attack. Patching servers, in general, will not affect network traffic. Implementing network address translation and load balancing would not be as effective in mitigating most network DoS attacks.

3. Right Answer: D
Explanation: Business benefits from incident impact reduction would be the most important goal for establishing an incident management team. The assessment of business impact of past incidents would need to be completed to articulate the benefits. Having an independent review benefits the incident management process. The need for constant improvement on the security level is a benefit to the organization.

4. Right Answer: A
Explanation: Since the password for the shared administrative account was obtained through guessing, it is probable that there were multiple unsuccessful logon attempts before the correct password was deduced. Searching the logs for invalid logon attempts could, therefore, lead to the discovery of this unauthorized activity. Because the account is shared, reviewing the logs for concurrent logons would not reveal unauthorized activity, since concurrent usage is common in this situation. Write access violations would not necessarily be observed, since the information was merely copied and not altered. Firewall logs would not necessarily contain information regarding logon attempts.

5. Right Answer: A
Explanation: Diverting incoming traffic corrects the situation and, therefore, is a corrective control. Choice B is a preventive control. Choices C and D are detective controls.
