Download New Updated (July) Isaca CISA Actual Test 571-580

QUESTION 571

An IS auditor analyzing the audit log of a database management system (DBMS) finds that some transactions were partially executed as a result of an error, and are not rolled back. Which of the following transaction processing features has been violated?

A. Consistency
B. Isolation
C. Durability
D. Atomicity

Correct Answer: D

Explanation:

Atomicity guarantees that either the entire transaction is processed or none of it is. Consistency ensures that the database is in a legal state when the transaction begins and ends; isolation means that, while in an intermediate state, the transaction data is invisible to external operations. Durability guarantees that a successful transaction will persist and cannot be undone.

QUESTION 572

An IS auditor notes that patches for the operating system used by an organization are deployed by the IT department as advised by the vendor. The MOST significant concern an IS auditor should have with this practice is the nonconsideration by IT of:

A. the training needs for users after applying the patch.
B. any beneficial impact of the patch on the operational systems.
C. delaying deployment until testing the impact of the patch.
D. the necessity of advising end users of new patches.

Correct Answer: C

Explanation:

Deploying patches without testing exposes an organization to the risk of system disruption or failure. Normally, there is no need for training or advising users when a new operating system patch has been installed. Any beneficial impact is less important than the risk of unavailability that could be avoided with proper testing.

QUESTION 573

Which of the following would be the MOST secure firewall system?

A. Screened-host firewall
B. Screened-subnet firewall
C. Dual-homed firewall
D. Stateful-inspection firewall

Correct Answer: B

Explanation:

A screened-subnet firewall, also used as a demilitarized zone (DMZ), utilizes two packet filtering routers and a bastion host. This provides the most secure firewall system, since it supports both network- and application-level security while defining a separate DMZ network. A screened-host firewall utilizes a packet filtering router and a bastion host. This approach implements basic network layer security (packet filtering) and application server security (proxy services). A dual-homed firewall system is a more restrictive form of a screened-host firewall system, configuring one interface for information servers and another for private network host computers. A stateful-inspection firewall working at the transport layer keeps track of the destination IP address of each packet that leaves the organization's internal network and allows a reply from the recorded IP addresses.

QUESTION 574

Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization's security policy?

A. Review the parameter settings.
B. Interview the firewall administrator.
C. Review the actual procedures.
D. Review the device's log file for recent attacks.

Correct Answer: A

Explanation:

A review of the parameter settings will provide a good basis for comparison of the actual configuration to the security policy and will provide audit evidence documentation. The other choices do not provide audit evidence as strong as choice A.

QUESTION 575

Which of the following types of firewalls would BEST protect a network from an internet attack?

A. Screened subnet firewall
B. Application filtering gateway
C. Packet filtering router
D. Circuit-level gateway

Correct Answer: A

Explanation:

A screened subnet firewall would provide the best protection. The screening router can be a commercial router or a node with routing capabilities and the ability to allow or block traffic between networks or nodes based on addresses, ports, protocols, interfaces, etc. Application-level gateways are mediators between two entities that want to communicate, also known as proxy gateways. An application-level (proxy) gateway works at the application level, not just at the packet level. The screening router controls at the packet level (addresses and ports) but does not see the contents of the packet. A packet filtering router examines the header of every packet or data traveling between the internet and the corporate network.

QUESTION 576

Assuming this diagram represents an internal facility and the organization is implementing a firewall protection program, where should firewalls be installed?

[Diagram of the internal facility and its external connections not reproduced in this copy]

A. No firewalls are needed
B. Op-3 location only
C. MIS (Global) and NAT2
D. SMTP Gateway and op-3

Correct Answer: D

Explanation:

The objective of a firewall is to protect a trusted network from an untrusted network; therefore, locations needing firewall implementations would be at the existence of the external connections. All other answers are incomplete or represent internal connections.

QUESTION 577

During maintenance of a relational database, several values of the foreign key in a transaction table of a relational database have been corrupted. The consequence is that:

A. the detail of involved transactions may no longer be associated with master data, causing errors when these transactions are processed.
B. there is no way of reconstructing the lost information, except by deleting the dangling tuples and reentering the transactions.
C. the database will immediately stop execution and lose more information.
D. the database will no longer accept input data.

Correct Answer: A

Explanation:

When the external (foreign) key of a transaction is corrupted or lost, the application system will normally be incapable of directly attaching the master data to the transaction data. This will normally cause the system to undertake a sequential search and slow down the processing. If the concerned files are big, this slowdown will be unacceptable. Choice B is incorrect, since a system can recover the corrupted external key by reindexing the table. Choices C and D would not result from a corrupted foreign key.

QUESTION 578

When auditing a proxy-based firewall, an IS auditor should:

A. verify that the firewall is not dropping any forwarded packets.
B. review Address Resolution Protocol (ARP) tables for appropriate mapping between media access control (MAC) and IP addresses.
C. verify that the filters applied to services such as HTTP are effective.
D. test whether routing information is forwarded by the firewall.

Correct Answer: C

Explanation:

A proxy-based firewall works as an intermediary (proxy) between the service or application and the client: it makes a connection with the client and opens a different connection with the server and, based on specific filters and rules, analyzes all the traffic between the two connections. Unlike a packet-filtering gateway, a proxy-based firewall does not forward any packets. Mapping between media access control (MAC) and IP addresses is a task for protocols such as Address Resolution Protocol/Reverse Address Resolution Protocol (ARP/RARP).

QUESTION 579

Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network?

A. The use of diskless workstations
B. Periodic checking of hard drives
C. The use of current antivirus software
D. Policies that result in instant dismissal if violated

Correct Answer: B

Explanation:

The periodic checking of hard drives would be the most effective method of identifying illegal software packages loaded to the network. Antivirus software will not necessarily identify illegal software, unless the software contains a virus. Diskless workstations act as a preventive control and are not effective, since users could still download software from other than diskless workstations. Policies lay out the rules about loading the software, but will not detect the actual occurrence.

QUESTION 580

When reviewing the configuration of network devices, an IS auditor should FIRST identify:

A. the best practices for the type of network devices deployed.
B. whether components of the network are missing.
C. the importance of the network device in the topology.
D. whether subcomponents of the network are being used appropriately.

Correct Answer: C

Explanation:

The first step is to understand the importance and role of the network device within the organization's network topology. After understanding the devices in the network, the best practice for using the device should be reviewed to ensure that there are no anomalies within the configuration. Identification of which component or subcomponent is missing or being used inappropriately can only be known upon reviewing and understanding the topology and the best practice for deployment of the device in the network.
