Download New Updated (July) Isaca CISA Actual Test 701-710


QUESTION 701

The MOST effective control for reducing the risk related to phishing is:

A. centralized monitoring of systems.
B. including signatures for phishing in antivirus software.
C. publishing the policy on antiphishing on the intranet.
D. security training for all users.

Correct Answer: D

Explanation:

Phishing is a type of e-mail attack that attempts to convince a user that the originator is genuine, with the intention of obtaining information. Phishing is an example of a social engineering attack. Any social engineering type of attack can best be controlled through security and awareness training.

 

 

QUESTION 702

A certificate authority (CA) can delegate the processes of:

A. revocation and suspension of a subscriber’s certificate.
B. generation and distribution of the CA public key.
C. establishing a link between the requesting entity and its public key.
D. issuing and distributing subscriber certificates.

Correct Answer: C

Explanation:

Establishing a link between the requesting entity and its public key is a function of a registration authority. This may or may not be performed by a CA; therefore, this function can be delegated. Revocation and suspension and issuance and distribution of the subscriber certificate are functions of the subscriber certificate life cycle management, which the CA must perform. Generation and distribution of the CA public key is a part of the CA key life cycle management process and, as such, cannot be delegated.

 

 

 

QUESTION 703

The logical exposure associated with the use of a checkpoint restart procedure is:

A. denial of service.
B. an asynchronous attack.
C. wire tapping.
D. computer shutdown.

Correct Answer: B

Explanation:

Asynchronous attacks are operating system-based attacks. A checkpoint restart is a feature that stops a program at specified intermediate points for later restart in an orderly manner without losing data at the checkpoint. The operating system saves a copy of the computer programs and data in their current state, as well as several system parameters describing the mode and security level of the program at the time of stoppage. An asynchronous attack occurs when an individual with access to this information is able to gain access to the checkpoint restart copy of the system parameters and change those parameters such that, upon restart, the program would function at a higher-priority security level.

 

 

QUESTION 704

Which of the following fire suppression systems is MOST appropriate to use in a data center environment?

A. Wet-pipe sprinkler system
B. Dry-pipe sprinkler system
C. FM-200 system
D. Carbon dioxide-based fire extinguishers

Correct Answer: C

Explanation:

FM-200 is safer to use than carbon dioxide. It is considered a clean agent for use in gaseous fire suppression applications. A water-based fire extinguisher is suitable when sensitive computer equipment could be damaged before the fire department personnel arrive at the site. Manual firefighting (fire extinguishers) may not provide fast enough protection for sensitive equipment (e.g., network servers).

 

 

QUESTION 705

An organization has recently been downsized; in light of this, an IS auditor decides to test logical access controls. The IS auditor’s PRIMARY concern should be that:

A. all system access is authorized and appropriate for an individual’s role and responsibilities.
B. management has authorized appropriate access for all newly-hired individuals.
C. only the system administrator has authority to grant or modify access to individuals.
D. access authorization forms are used to grant or modify access to individuals.

Correct Answer: A

Explanation:

The downsizing of an organization implies a large number of personnel actions over a relatively short period of time. Employees can be assigned new duties while retaining some or all of their former duties. Numerous employees may be laid off. The auditor should be concerned that an appropriate segregation of duties is maintained, that access is limited to what is required for an employee’s role and responsibilities, and that access is revoked for those who are no longer employed by the organization. Choices B, C and D are all potential concerns of an IS auditor but, in light of the particular risks associated with a downsizing, should not be the primary concern.

 

 

QUESTION 706

The responsibility for authorizing access to a business application system belongs to the:

A. data owner.
B. security administrator.
C. IT security manager.
D. requestor’s immediate supervisor.

Correct Answer: A

Explanation:

When a business application is developed, the best practice is to assign an information or data owner to the application. The information owner should be responsible for authorizing access to the application itself or to back-end databases for queries. Choices B and C are not correct because the security administrator and the IT security manager normally do not have responsibility for authorizing access to business applications. The requestor’s immediate supervisor may share the responsibility for approving user access to a business application system; however, the final responsibility should go to the information owner.

 

 

QUESTION 707

Inadequate programming and coding practices introduce the risk of:

A. phishing.
B. buffer overflow exploitation.
C. SYN flood.
D. brute force attacks.

Correct Answer: B

Explanation:

Buffer overflow exploitation may occur when programs do not check the length of the data that are input into a program. An attacker can send data that exceed the length of a buffer and override part of the program with malicious code. The countermeasure is proper programming and good coding practices. Phishing, SYN flood and brute force attacks happen independently of programming and coding practices.

 

 

QUESTION 708

In auditing a web server, an IS auditor should be concerned about the risk of individuals gaining unauthorized access to confidential information through:

A. common gateway interface (CGI) scripts.
B. enterprise Java beans (EJBs).
C. applets.
D. web services.

Correct Answer: A

Explanation:

Common gateway interface (CGI) scripts are executable, machine-independent software programs on the server that can be called and executed by a web server page. CGI performs specific tasks such as processing inputs received from clients. The use of CGI scripts needs to be evaluated because, as they run on the server, a bug in them may allow a user to gain unauthorized access to the server and from there gain access to the organization’s network. Applets are programs downloaded from a web server and executed by web browsers on client machines to run web-based applications. Enterprise Java beans (EJBs) and web services have to be deployed by the web server administrator and are controlled by the application server. Their execution requires knowledge of the parameters and expected return values.

 

 

QUESTION 709

Which of the following is the MOST important action in recovering from a cyberattack?

A. Creation of an incident response team
B. Use of cyberforensic investigators
C. Execution of a business continuity plan
D. Filing an insurance claim

Correct Answer: C

Explanation:

The most important key step in recovering from cyberattacks is the execution of a business continuity plan to quickly and cost-effectively recover critical systems, processes and data. The incident response team should exist prior to a cyberattack. When a cyberattack is suspected, cyberforensics investigators should be used to set up alarms, catch intruders within the network, and track and trace them over the Internet. After taking the above steps, an organization may have a residual risk that needs to be insured and claimed for traditional and electronic exposures.

 

 

QUESTION 710

Which of the following acts as a decoy to detect active internet attacks?

A. Honeypots
B. Firewalls
C. Trapdoors
D. Traffic analysis

Correct Answer: A

Explanation:

Honeypots are computer systems that are expressly set up to attract and trap individuals who attempt to penetrate other individuals’ computer systems. The concept of a honeypot is to learn from intruders’ actions. A properly designed and configured honeypot provides data on the methods used to attack systems. The data are then used to improve measures that could curb future attacks. A firewall is basically a preventive measure. Trapdoors create a vulnerability that provides an opportunity for the insertion of unauthorized code into a system. Traffic analysis is a type of passive attack.
