CISMβCertified Information Security Manager - Part 99
1. Which of the following guarantees that data in a file have not changed?
A) Inspecting the modified date of the file
B) Encrypting the file with symmetric encryption
C) Using stringent access control to prevent unauthorized access
D) Creating a hash of the file, then comparing the file hashes
2. Which of the following mechanisms is the MOST secure way to implement a secure wireless network?
A) Filter media access control (MAC) addresses
B) Use a Wi-Fi Protected Access (WPA2) protocol
C) Use a Wired Equivalent Privacy (WEP) key
D) Web-based authentication
3. Which of the following devices could potentially stop a Structured Query Language (SQL) injection attack?
A) An intrusion prevention system (IPS)
B) An intrusion detection system (IDS)
C) A host-based intrusion detection system (HIDS)
D) A host-based firewall
4. Nonrepudiation can BEST be ensured by using:
A) strong passwords.
B) a digital hash.
C) symmetric encryption.
D) digital signatures.
5. Which of the following tasks should be performed once a disaster recovery plan has been developed?
A) Analyze the business impact
B) Define response team roles
C) Develop the test plan
D) Identify recovery time objectives
A) Inspecting the modified date of the file
B) Encrypting the file with symmetric encryption
C) Using stringent access control to prevent unauthorized access
D) Creating a hash of the file, then comparing the file hashes
2. Which of the following mechanisms is the MOST secure way to implement a secure wireless network?
A) Filter media access control (MAC) addresses
B) Use a Wi-Fi Protected Access (WPA2) protocol
C) Use a Wired Equivalent Privacy (WEP) key
D) Web-based authentication
3. Which of the following devices could potentially stop a Structured Query Language (SQL) injection attack?
A) An intrusion prevention system (IPS)
B) An intrusion detection system (IDS)
C) A host-based intrusion detection system (HIDS)
D) A host-based firewall
4. Nonrepudiation can BEST be ensured by using:
A) strong passwords.
B) a digital hash.
C) symmetric encryption.
D) digital signatures.
5. Which of the following tasks should be performed once a disaster recovery plan has been developed?
A) Analyze the business impact
B) Define response team roles
C) Develop the test plan
D) Identify recovery time objectives
1. Right Answer: D
Explanation: A hashing algorithm can be used to mathematically ensure that data haven't been changed by hashing a file and comparing the hashes after a suspected change.
2. Right Answer: B
Explanation: WPA2 is currently one of the most secure authentication and encryption protocols for mainstream wireless products. MAC address filtering by itself is not a good security mechanism since allowed MAC addresses can be easily sniffed and then spoofed to get into the network. WEP is no longer a secure encryption mechanism for wireless communications. The WEP key can be easily broken within minutes using widely available software. And once the WEP key is obtained, all communications of every other wireless client are exposed. Finally, a web-based authentication mechanism can be used to prevent unauthorized user access to a network, but it will not solve the wireless network's main security issues, such as preventing network sniffing.
3. Right Answer: A
Explanation: SQL injection attacks occur at the application layer. Most IPS vendors will detect at least basic sets of SQL injection and will be able to stop them. IDS will detect, but not prevent I IIDS will be unaware of SQL injection problems. A host-based firewall, be it on the web server or the database server, will allow the connection because firewalls do not check packets at an application layer.
4. Right Answer: D
Explanation: Digital signatures use a private and public key pair, authenticating both parties. The integrity of the contents exchanged is controlled through the hashing mechanism that is signed by the private key of the exchanging party. A digital hash in itself helps in ensuring integrity of the contents, but not nonrepudiation.Symmetric encryption wouldn't help in nonrepudiation since the keys are always shared between parties. Strong passwords only ensure authentication to the system and cannot be used for nonrepudiation involving two or more parties.
5. Right Answer: B
Explanation:
Explanation: A hashing algorithm can be used to mathematically ensure that data haven't been changed by hashing a file and comparing the hashes after a suspected change.
2. Right Answer: B
Explanation: WPA2 is currently one of the most secure authentication and encryption protocols for mainstream wireless products. MAC address filtering by itself is not a good security mechanism since allowed MAC addresses can be easily sniffed and then spoofed to get into the network. WEP is no longer a secure encryption mechanism for wireless communications. The WEP key can be easily broken within minutes using widely available software. And once the WEP key is obtained, all communications of every other wireless client are exposed. Finally, a web-based authentication mechanism can be used to prevent unauthorized user access to a network, but it will not solve the wireless network's main security issues, such as preventing network sniffing.
3. Right Answer: A
Explanation: SQL injection attacks occur at the application layer. Most IPS vendors will detect at least basic sets of SQL injection and will be able to stop them. IDS will detect, but not prevent I IIDS will be unaware of SQL injection problems. A host-based firewall, be it on the web server or the database server, will allow the connection because firewalls do not check packets at an application layer.
4. Right Answer: D
Explanation: Digital signatures use a private and public key pair, authenticating both parties. The integrity of the contents exchanged is controlled through the hashing mechanism that is signed by the private key of the exchanging party. A digital hash in itself helps in ensuring integrity of the contents, but not nonrepudiation.Symmetric encryption wouldn't help in nonrepudiation since the keys are always shared between parties. Strong passwords only ensure authentication to the system and cannot be used for nonrepudiation involving two or more parties.
5. Right Answer: B
Explanation:
Comments
0
CA Foundation Business Economics Questions 2023 - Part 32
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 31
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 29
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 28
03 Mar 2023
