A5-1 -285 Flashcards

1
Q

Web application developers sometimes use hidden fields on web pages to save information about a client session. This technique is used, in some cases, to store session variables that enable persistence across web pages, such as maintaining the contents of a shopping cart on a retail web site application. The MOST likely web-based attack due to this practice is:

A. parameter tampering
B. cross-site scripting
C. cookie poisoning
D. stealth commanding

A

A. parameter tampering

2
Q

Which control is the BEST way to ensure that the data in a file have not been changed during transmission?

A. Reasonableness check
B. Parity bits
C. Hash values
D. Check digits

A

C. Hash values

3
Q

The PRIMARY purpose of audit trails is to:

A. improve response time for users.
B. establish accountability for processed transactions.
C. improve operational efficiency of the system.
D. provide information to auditors who wish to track transactions.

A

B. establish accountability for processed transactions.

4
Q

Which of the following systems or tools can recognize that a credit card transaction is more likely to have resulted from a stolen credit card than from the holder of the credit card?

A. Intrusion detection systems
B. Data mining techniques
C. Stateful inspection firewalls
D. Packet filtering routers

A

B. Data mining techniques

5
Q

Which of the following BEST ensures the integrity of a server’s operating system?

A. Protecting the server in a secure location
B. Setting a boot password
C. Hardening the server configuration
D. Implementing activity logging

A

C. Hardening the server configuration

6
Q

Which of the following network components is PRIMARILY set up to serve as a security measure by preventing unauthorized traffic between different segments of the networks?

A. Firewalls
B. Routers
C. Layer 2 switches
D. Virtual local area networks

A

A. Firewalls

7
Q

An IS auditor discovers that the chief information officer (CIO) of an organization is using a wireless broadband modem using global system for mobile communications (GSM) technology. This modem is being used to connect the CIO’s laptop to the corporate virtual private network (VPN) when the CIO travels outside the office. The IS auditor should:

A. do nothing because the inherent security features of GSM technology are appropriate.
B. recommend that the CIO stop using the laptop computer until encryption is enabled.
C. ensure that media access control (MAC) address filtering is enabled on the network so unauthorized wireless users cannot connect.
D. suggest that two-factor authentication be used over the wireless link to prevent unauthorized communications.

A

A. do nothing because the inherent security features of GSM technology are appropriate.

8
Q

Which of the following is the BEST way to minimize unauthorized access to unattended end-user PC systems?

A. Enforce use of a password-protected screen saver.
B. Implement a proximity-based authentication system.
C. Terminate user sessions at predefined intervals.
D. Adjust power management settings so the monitor screen is black.

A

A. Enforce use of a password-protected screen saver.

9
Q

The implementation of which of the following would MOST effectively prevent unauthorized access to a system administration account on a web server?

A. Host intrusion detection software installed on the server
B. Password expiration and lockout policy
C. Password complexity rules
D. Two-factor authentication

A

D. Two-factor authentication

10
Q

An organization’s IT director has approved the installation of a wireless local area network access point in a conference room for a team of consultants to access the Internet with their laptop computers. The BEST control to protect the corporate servers from unauthorized access is to ensure that:

A. encryption is enabled on the access point.
B. the conference room network is on a separate virtual local area network (VLAN).
C. antivirus signatures and patch levels are current on the consultants’ laptops.
D. default user IDs are disabled and strong passwords are set on the corporate servers.

A

B. the conference room network is on a separate virtual local area network (VLAN).

11
Q

The IS auditor is reviewing an organization’s Human Resources (HR) database implementation. The IS auditor discovers that the database servers are clustered for high availability, all default database accounts have been removed and database audit logs are kept and reviewed on a weekly basis. What other area should the IS auditor check to ensure that the databases are appropriately secured?

A. Database administrators are restricted from access to HR data.
B. Database logs are encrypted.
C. Database stored procedures are encrypted.
D. Database initialization parameters are appropriate.

A

D. Database initialization parameters are appropriate.

12
Q

An IS auditor has been asked by management to review a potentially fraudulent transaction. The PRIMARY focus of an IS auditor while evaluating the transaction should be to:

A. maintain impartiality while evaluating the transaction.
B. ensure that the independence of an IS auditor is maintained.
C. assure that the integrity of the evidence is maintained.
D. assess all relevant evidence for the transaction.

A

C. assure that the integrity of the evidence is maintained.

13
Q

A new business application has been designed in a large, complex organization and the business owner has requested that the various reports be viewed on a “need to know” basis. Which of the following access control methods would be the BEST method to achieve this requirement?

A. Mandatory
B. Role-based
C. Discretionary
D. Single sign-on

A

B. Role-based

14
Q

Which of the following is the BEST control to prevent the deletion of audit logs by unauthorized individuals in an organization?

A. Actions performed on log files should be tracked in a separate log.
B. Write access to audit logs should be disabled.
C. Only select personnel should have rights to view or delete audit logs.
D. Backups of audit logs should be performed periodically.

A

C. Only select personnel should have rights to view or delete audit logs.

15
Q

A company is implementing Dynamic Host Configuration Protocol (DHCP). Given that the following conditions exist, which represents the GREATEST concern?

A. Most employees use laptops.
B. A packet filtering firewall is used.
C. The IP address space is smaller than the number of PCs.
D. Access to a network port is not restricted.

A

D. Access to a network port is not restricted.

16
Q

Which of the following is an effective preventative control to ensure that a database administrator (DBA) complies with the custodianship of the enterprise’s data?

A. Exception reports
B. Segregation of duties (SoD)
C. Review of access logs and activities
D. Management supervision

A

B. Segregation of duties (SoD)

17
Q

An employee has received a digital photo frame as a gift and has connected it to his/her work PC to transfer digital photos. The PRIMARY risk that this scenario introduces is that:

A. the photo frame storage media could be used to steal corporate data.
B. the drivers for the photo frame may be incompatible and crash the user’s PC.
C. the employee may bring inappropriate photographs into the office.
D. the photo frame could be infected with malware.

A

D. the photo frame could be infected with malware.

18
Q

An organization discovers that the computer of the chief financial officer (CFO) has been infected with malware that includes a keystroke logger and a rootkit. The FIRST action to take would be to:

A. contact the appropriate law enforcement authorities to begin an investigation.
B. immediately ensure that no additional data are compromised.
C. disconnect the PC from the network.
D. update the antivirus signatures on the PC to ensure that the malware or virus is detected and removed.

A

C. disconnect the PC from the network.

19
Q

The IS auditor is reviewing findings from a prior IS audit of a hospital. One finding indicates that the organization was using email to communicate sensitive patient issues. The IT manager indicates that to address this finding, the organization has implemented digital signatures for all email users. What should the IS auditor’s response be?

A. Digital signatures are not adequate to protect confidentiality.
B. Digital signatures are adequate to protect confidentiality.
C. The IS auditor should gather more information about the specific implementation.
D. The IS auditor should recommend implementation of digital watermarking for secure email.

A

A. Digital signatures are not adequate to protect confidentiality.

20
Q

Which of the following line media would provide the BEST security for a telecommunication network?

A. Broadband network digital transmission
B. Baseband network
C. Dialup
D. Dedicated lines

A

D. Dedicated lines

21
Q

To ensure that an organization is complying with privacy requirements, an IS auditor should FIRST review:

A. the IT infrastructure.
B. organizational policies, standards, and procedures.
C. legal and regulatory requirements.
D. adherence to organizational policies, standards, and procedures.

A

C. legal and regulatory requirements.

22
Q

A Human Resources company offers wireless Internet access to its guests, after authenticating with a generic user ID and password. The generic ID and password are requested from the reception desk. Which of the following controls BEST addresses the situation?

A. The password for the wireless network is changed on a weekly basis.
B. A stateful inspection firewall is used between the public wireless and company network.
C. The public wireless network is physically segregated from the company network.
D. An intrusion detection system is deployed within the wireless network.

A

C. The public wireless network is physically segregated from the company network.

23
Q

When reviewing the implementation of a local area network, an IS auditor should FIRST review the:

A. node list
B. acceptance test reports
C. network diagram
D. users list

A

C. network diagram

24
Q

An IS auditor discovers that the configuration settings for password controls are more stringent for business users than IT developers. Which of the following is the BEST action for the IS auditor to take?

A. Determine if this is a policy violation and document it.
B. Document the observations as an exception.
C. Recommend that all password configuration settings be identical.
D. Recommend that logs of IT developer access are reviewed periodically.

A

A. Determine if this is a policy violation and document it.

25
Q

An organization is developing a new web-based application to process orders from customers. Which of the following security measures should be taken to protect this application from hackers?

A. Ensure that port 80 and 443 are blocked at the firewall.
B. Inspect file and access permissions on all servers to ensure that all files have read-only access.
C. Perform a web application security review.
D. Make sure that only the IP addresses of existing customers are allowed through the firewall.

A

C. Perform a web application security review.

26
Q

Which of the following types of penetration tests simulates a real attack and is used to test the incident handling and response capability of the target?

A. Blind testing
B. Target testing
C. Double-blind testing
D. External testing

A

C. Double-blind testing

27
Q

An organization has requested that an IS auditor provide a recommendation to enhance the security and reliability of its Voice-over Internet Protocol (VoIP) system and data traffic. Which of the following would meet this objective?

A. VoIP infrastructure needs to be segregated using virtual local area networks.
B. Buffers need to be introduced at the VoIP endpoints.
C. Ensure that end-to-end encryption is enabled in the VoIP system.
D. Ensure that emergency backup power is available for all parts of the VoIP infrastructure.

A

A. VoIP infrastructure needs to be segregated using virtual local area networks.

28
Q

During a review of intrusion detection logs, an IS auditor notices traffic coming from the Internet, which appears to originate from the internal IP address of the company payroll server. Which of the following malicious activities would MOST likely cause this type of result?

A. A denial-of-service attack
B. Spoofing
C. Port scanning
D. A man-in-the-middle attack

A

B. Spoofing

29
Q

An IS auditor is reviewing an organization’s information security policy, which requires encryption of all data placed on Universal Serial Bus (USB) drives. The

A
