Download New Updated (July) Isaca CISA Actual Test 751-760


QUESTION 751

Validated digital signatures in an e-mail software application will:

A. help detect spam.
B. provide confidentiality.
C. add to the workload of gateway servers.
D. significantly reduce available bandwidth.

Correct Answer: A

Explanation:

Validated electronic signatures are based on qualified certificates that are created by a certification authority (CA) under technical standards that ensure the key can be neither brute-forced nor reproduced in a reasonable time. Such certificates are only delivered through a registration authority (RA) after a proof of identity has been passed. With strong signatures on e-mail traffic, nonrepudiation can be assured and a sender can be traced. The recipient can configure their e-mail server or client to automatically delete e-mails from specific senders. For confidentiality, one must use encryption, not a signature, although both methods can be based on qualified certificates. Without any filters applied directly on mail gateway servers to block traffic without strong signatures, the workload will not increase; applying filters directly on a gateway server results in less overhead than antivirus software imposes. Digital signatures are only a few bytes in size and will not reduce bandwidth. Even if gateway servers were to check CRLs, there is little overhead.


QUESTION 752

Which of the following would MOST effectively enhance the security of a challenge-response based authentication system?

A. Selecting a more robust algorithm to generate challenge strings
B. Implementing measures to prevent session hijacking attacks
C. Increasing the frequency of associated password changes
D. Increasing the length of authentication strings

Correct Answer: B

Explanation:

Challenge-response based authentication is prone to session hijacking or man-in-the-middle attacks. Security management should be aware of this and engage in risk assessment and control design when they employ this technology. Selecting a more robust algorithm will enhance security; however, this may not be as important in terms of risk when compared to man-in-the-middle attacks. Choices C and D are good security practices; however, they are not as effective as a preventive measure. Frequently changing passwords is a good security practice; however, the exposures lurking in communication pathways may pose a greater risk.


QUESTION 753

An information security policy stating that 'the display of passwords must be masked or suppressed' addresses which of the following attack methods?

A. Piggybacking
B. Dumpster diving
C. Shoulder surfing
D. Impersonation

Correct Answer: C

Explanation:

If a password is displayed on a monitor, any person nearby could look over the shoulder of the user to obtain the password. Piggybacking refers to unauthorized persons following, either physically or virtually, authorized persons into restricted areas; masking the display of passwords would not prevent someone from tailgating an authorized person. This policy only refers to 'the display of passwords.' If the policy referred to 'the display and printing of passwords,' then it would address both shoulder surfing and dumpster diving (looking through an organization's trash for valuable information). Impersonation refers to someone acting as an employee in an attempt to retrieve desired information.


QUESTION 754

IS management recently replaced its existing wired local area network (LAN) with a wireless infrastructure to accommodate the increased use of mobile devices within the organization. This will increase the risk of which of the following attacks?

A. Port scanning
B. Back door
C. Man-in-the-middle
D. War driving

Correct Answer: D

Explanation:

A war driving attack uses a wireless Ethernet card, set in promiscuous mode, and a powerful antenna to penetrate wireless systems from outside. Port scanning will often target the external firewall of the organization. A back door is an opening left in software that enables an unknown entry into a system. Man-in-the-middle attacks intercept a message and either replace or modify it.


QUESTION 755

A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted?

A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP).
B. A digital signature with RSA has been implemented.
C. Digital certificates with RSA are being used.
D. Work is being completed in TCP services.

Correct Answer: A

Explanation:

Tunnel mode with IP security provides encryption and authentication of the complete IP packet. To accomplish this, the AH and ESP services can be nested. Choices B and C provide authentication and integrity only. TCP services do not provide encryption and authentication.


QUESTION 756

An IS auditor is reviewing the physical security measures of an organization. Regarding the access card system, the IS auditor should be MOST concerned that:

A. nonpersonalized access cards are given to the cleaning staff, who use a sign-in sheet but show no proof of identity.
B. access cards are not labeled with the organization's name and address to facilitate easy return of a lost card.
C. card issuance and rights administration for the cards are done by different departments, causing unnecessary lead time for new cards.
D. the computer system used for programming the cards can only be replaced after three weeks in the event of a system failure.

Correct Answer: A

Explanation:

Physical security is meant to control who is entering a secured area, so identification of all individuals is of utmost importance. It is not adequate to trust unknown external people by allowing them to write down their alleged name without proof, e.g., an identity card or driver's license. Choice B is not a concern: if the name and address of the organization were written on the card, a malicious finder could use the card to enter the organization's premises. Separating card issuance from technical rights management is a method to ensure proper segregation of duties, so that no single person can produce a functioning card for a restricted area within the organization's premises. Choices B and C are therefore good practices, not concerns. Choice D may be a concern, but it is not as important, since a system failure of the card programming device would normally not mean that the readers stop functioning; it simply means that no new cards can be issued, so this option is minor compared to the threat of improper identification.


QUESTION 757

When using a digital signature, the message digest is computed:

A. only by the sender.
B. only by the receiver.
C. by both the sender and the receiver.
D. by the certificate authority (CA).

Correct Answer: C

Explanation:

A digital signature is an electronic identification of a person or entity. It is created by using asymmetric encryption. To verify the integrity of data, the sender uses a cryptographic hashing algorithm against the entire message to create a message digest to be sent along with the message. Upon receipt of the message, the receiver recomputes the hash using the same algorithm and compares the result with what was sent to ensure the integrity of the message.


QUESTION 758

Which of the following results in a denial-of-service attack?

A. Brute force attack
B. Ping of death
C. Leapfrog attack
D. Negative acknowledgement (NAK) attack

Correct Answer: B

Explanation:

Sending a ping with a packet size larger than 65 KB and no fragmentation flag set will cause a denial of service. A brute force attack is typically a text attack that exhausts all possible key combinations. A leapfrog attack, the act of telneting through one or more hosts to preclude a trace, makes use of user ID and password information obtained illicitly from one host to compromise another host. A negative acknowledgement attack is a penetration technique that capitalizes on a potential weakness in an operating system that does not handle asynchronous interrupts properly, leaving the system in an unprotected state during such interrupts.


QUESTION 759

Confidentiality of the data transmitted in a wireless LAN is BEST protected if the session is:

A. restricted to predefined MAC addresses.
B. encrypted using static keys.
C. encrypted using dynamic keys.
D. initiated from devices that have encrypted storage.

Correct Answer: C

Explanation:

When using dynamic keys, the encryption key is changed frequently, thus reducing the risk of the key being compromised and the message being decrypted. Limiting the number of devices that can access the network does not address the issue of encrypting the session. Encryption with static keys (using the same key for a long period of time) risks that the key will be compromised. Encryption of the data on the connected device (laptop, PDA, etc.) addresses the confidentiality of the data on the device, not the wireless session.


QUESTION 760

After observing suspicious activities in a server, a manager requests a forensic analysis. Which of the following findings should be of MOST concern to the investigator?

A. Server is a member of a workgroup and not part of the server domain
B. Guest account is enabled on the server
C. Recently, 100 users were created in the server
D. Audit logs are not enabled for the server

Correct Answer: D

Explanation:

Audit logs can provide evidence that is required to proceed with an investigation and should not be disabled. For business needs, a server can be a member of a workgroup, so this is not a concern. Having a guest account enabled on a system is a poor security practice but not a forensic investigation concern. Recently creating 100 users in the server may have been required to meet business needs and should not be a concern.

