
CISM—Certified Information Security Manager - Part 64

Mary Smith

Thu, 16 Apr 2026


1. An information security manager is advised by contacts in law enforcement that there is evidence that his/her company is being targeted by a skilled gang of hackers known to use a variety of techniques, including social engineering and network penetration. The FIRST step that the security manager should take is to:

A) perform a comprehensive assessment of the organization's exposure to the hacker's techniques.
B) initiate awareness training to counter social engineering.
C) immediately advise senior management of the elevated risk.
D) increase monitoring activities to provide early detection of intrusion.



2. Which of the following steps should be performed FIRST in the risk assessment process?

A) Staff interviews
B) Threat identification
C) Asset identification and valuation
D) Determination of the likelihood of identified risks



3. Which of the following authentication methods prevents authentication replay?

A) Password hash implementation
B) Challenge/response mechanism
C) Wired Equivalent Privacy (WEP) encryption usage
D) HTTP Basic Authentication



4. An organization has a process in place that involves the use of a vendor. A risk assessment was completed during the development of the process. A year after the implementation a monetary decision has been made to use a different vendor. What, if anything, should occur?

A) Nothing, since a risk assessment was completed during development.
B) A vulnerability assessment should be conducted.
C) A new risk assessment should be performed.
D) The new vendor's SAS 70 type II report should be reviewed.



5. Which of the following is MOST important to consider when developing a business case to support the investment in an information security program?

A) Senior management support
B) Results of a cost-benefit analysis
C) Results of a risk assessment
D) Impact on the risk profile



1. Right Answer: C
Explanation: Information about possible significant new risks from credible sources should be provided to management along with advice on steps that need to be taken to counter the threat. The security manager should assess the risk, but senior management should be immediately advised. It may be prudent to initiate an awareness campaign subsequent to sounding the alarm if awareness training is not current. Monitoring activities should also be increased.

2. Right Answer: C
Explanation: The first step in the risk assessment methodology is a system characterization, or identification and valuation, of all of the enterprise's assets to define the boundaries of the assessment. Interviewing is a valuable tool to determine qualitative information about an organization's objectives and tolerance for risk. Interviews are used in subsequent steps. Identification of threats comes later in the process and should not be performed prior to an inventory, since many possible threats will not be applicable if there is no asset at risk. Determination of likelihood comes later in the risk assessment process.

3. Right Answer: B
Explanation: A challenge/response mechanism prevents replay attacks by sending a different random challenge in each authentication event. The response is linked to that challenge. Therefore, capturing the authentication handshake and replaying it through the network will not work. Using hashes by itself will not prevent a replay. A WEP key will not prevent sniffing (it just takes a few more minutes to break the WEP key if the attacker does not already have it) and therefore will not be able to prevent recording and replaying an authentication handshake. HTTP Basic Authentication is clear text and has no mechanisms to prevent replay.

4. Right Answer: C
Explanation: The risk assessment process is continual, and any changes to an established process should include a new risk assessment. While a review of the SAS 70 report and a vulnerability assessment may be components of a risk assessment, neither would constitute sufficient due diligence on its own.

5. Right Answer: D
Explanation: The information security manager must understand the business risk profile of the organization. No model provides a complete picture, but logically categorizing the risk areas of an organization facilitates focusing on key risk management strategies and decisions. It also enables the organization to develop and implement risk treatment approaches that are relevant to the business and cost effective.
