Download New Updated (July) Isaca CISA Actual Test 761-770

Ensurepass

QUESTION 761

The MOST important success factor in planning a penetration test is:

A. the documentation of the planned testing procedure.
B. scheduling and deciding on the timed length of the test.
C. the involvement of the management of the client organization.
D. the qualifications and experience of staff involved in the test.

Correct Answer: C

Explanation:

The most important part of planning any penetration test is the involvement of the management of the client organization. Penetration testing without management approval could reasonably be considered espionage and is illegal in many jurisdictions.

QUESTION 762

To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:

A. Firewall and the organization's network.
B. Internet and the firewall.
C. Internet and the web server.
D. Web server and the firewall.

Correct Answer: A

Explanation:

Attack attempts that the firewall could not recognize will be detected if a network-based intrusion detection system is placed between the firewall and the organization's network. A network-based intrusion detection system placed between the Internet and the firewall will detect attack attempts whether or not they pass through the firewall, so it cannot single out the attempts the firewall failed to recognize.

QUESTION 763

The BEST overall quantitative measure of the performance of biometric control devices is:

A. false-rejection rate.
B. false-acceptance rate.
C. equal-error rate.
D. estimated-error rate.

Correct Answer: C

Explanation:

A low equal-error rate (EER) is a combination of a low false-rejection rate and a low false-acceptance rate. EER, expressed as a percentage, is the rate at which the false-rejection and false-acceptance rates are equal. A lower EER indicates a more effective biometric control device. A low false-rejection rate or a low false-acceptance rate alone does not measure the effectiveness of the device. Estimated-error rate is nonexistent and therefore irrelevant.

QUESTION 764

The GREATEST risk posed by an improperly implemented intrusion prevention system (IPS) is:

A. that there will be too many alerts for system administrators to verify.
B. decreased network performance due to IPS traffic.
C. the blocking of critical systems or services due to false triggers.
D. reliance on specialized expertise within the IT organization.

Correct Answer: C

Explanation:

An intrusion prevention system (IPS) blocks a connection or service based on how it is programmed to react to specific incidents. If the packets are coming from a spoofed address and the IPS is triggered based on previously defined behavior, it may block the service or connection of a critical internal system. The other choices are risks that are not as severe as blocking critical systems or services due to false triggers.

QUESTION 765

An IS auditor reviewing the implementation of an intrusion detection system (IDS) should be MOST concerned if:

A. IDS sensors are placed outside of the firewall.
B. a behavior-based IDS is causing many false alarms.
C. a signature-based IDS is weak against new types of attacks.
D. the IDS is used to detect encrypted traffic.

Correct Answer: D

Explanation:

An intrusion detection system (IDS) cannot detect attacks within encrypted traffic, and it would be a concern if someone was misinformed and thought that the IDS could detect attacks in encrypted traffic. An organization can place sensors outside of the firewall to detect attacks. These sensors are placed in highly sensitive areas and on extranets. Causing many false alarms is normal for a behavior-based IDS, and should not be a matter of concern. Being weak against new types of attacks is also expected from a signature-based IDS, because it can only recognize attacks that have been previously identified.

QUESTION 766

An IS auditor should expect the responsibility for authorizing access rights to production data and systems to be entrusted to the:

A. process owners.
B. system administrators.
C. security administrator.
D. data owners.

Correct Answer: D

Explanation:

Data owners are primarily responsible for safeguarding the data and authorizing access to production data on a need-to-know basis.

QUESTION 767

IS management is considering a Voice-over Internet Protocol (VoIP) network to reduce telecommunication costs, and management has asked the IS auditor to comment on appropriate security controls. Which of the following security measures is MOST appropriate?

A. Review and, where necessary, upgrade firewall capabilities
B. Install modems to allow remote maintenance support access
C. Create a physically distinct network to handle VoIP traffic
D. Redirect all VoIP traffic to allow clear text logging of authentication credentials

Correct Answer: A

Explanation:

Firewalls used as entry points to a Voice-over Internet Protocol (VoIP) network should be VoIP-capable. VoIP network services such as H.323 introduce complexities that are likely to strain the capabilities of older firewalls. Allowing for remote support access is an important consideration; however, a virtual private network (VPN) would offer a more secure means of enabling this access than reliance on modems. Logically separating the VoIP and data networks is a good idea. Options such as virtual LANs (VLANs), traffic shaping, firewalls and network address translation (NAT) combined with private IP addressing can be used; however, physically separating the networks will increase both cost and administrative complexity. Transmitting or storing clear text information, particularly sensitive information such as authentication credentials, will increase network vulnerability. When designing a VoIP network, it is important to avoid introducing any processing that will unnecessarily increase latency, since this will adversely impact VoIP quality.

QUESTION 768

E-mail message authenticity and confidentiality are BEST achieved by signing the message using the:

A. sender's private key and encrypting the message using the receiver's public key.
B. sender's public key and encrypting the message using the receiver's private key.
C. receiver's private key and encrypting the message using the sender's public key.
D. receiver's public key and encrypting the message using the sender's private key.

Correct Answer: A

QUESTION 769

Which of the following potentially blocks hacking attempts?

A. Intrusion detection system
B. Honeypot system
C. Intrusion prevention system
D. Network security scanner

Correct Answer: C

Explanation:

An intrusion prevention system (IPS) is deployed as an in-line device that can detect and block hacking attempts. An intrusion detection system (IDS) is normally deployed in sniffing mode and can detect intrusion attempts, but cannot effectively stop them. A honeypot solution traps intruders by giving them a simulated target to explore. A network security scanner scans for vulnerabilities, but it will not stop an intrusion.

QUESTION 770

At a hospital, medical personnel carry handheld computers which contain patient health data. These handheld computers are synchronized with PCs which transfer data from a hospital database. Which of the following would be of the MOST importance?

A. The handheld computers are properly protected to prevent loss of data confidentiality, in case of theft or loss.
B. The employee who deletes temporary files from the local PC, after usage, is authorized to maintain PCs.
C. Timely synchronization is ensured by policies and procedures.
D. The usage of the handheld computers is allowed by the hospital policy.

Correct Answer: A

Explanation:

Data confidentiality is a major requirement of privacy regulations. Choices B, C and D relate to internal security requirements, and are secondary when compared to compliance with data privacy laws.
