[Aug-2023] Study resources for the Valid CISA Braindumps! [Q67-Q89]

[Aug-2023] Study resources for the Valid CISA Braindumps! [Q67-Q89]

August 12, 2023 latestexam 0 Comments

Rate this post

[Aug-2023] Study resources for the Valid CISA Braindumps!

Updated CISA Tests Engine pdf – All Free Dumps Guaranteed!

The Certified Information Systems Auditor (CISA) certification exam is a globally recognized certification offered by ISACA (Information Systems Audit and Control Association). The CISA certification is designed for IT professionals who possess expertise in information systems auditing, control, and security. Certified Information Systems Auditor certification validates the knowledge and skills required to audit, control, monitor, and assess an organization’s information technology and business systems.

Q67. An organization is in the process of deciding whether to allow a bring your own device (BYOD) program. If approved, which of the following should be the FIRST control required before implementation?

Device baseline configurations

Device registration

An acceptable use policy

An awareness program

Section: Information System Acquisition, Development and Implementation

Q68. What is the best defense against Distributed DoS Attack?

patch your systems.

run a virus checker.

run an anti-spy software.

find the DoS program and kill it.

None of the choices.

Section: Protection of Information Assets
Explanation:
Distributed DoS Attack is a network-based attack from many servers used remotely to send packets.
Examples of tools for conducting such attack include TFN, TFN2K, Trin00, Stacheldracht, and variants.
The best defense is to make sure all systems patches are up-to-date. Also make sure your firewalls are configured appropriately.

Q69. An IS auditor reviewing an organization’s data file control procedures finds that transactions are applied to the most current files, while restart procedures use earlier versions. The IS auditor should recommend the implementation of:

source documentation retention.

data file security.

version usage control.

one-for-one checking.

For processing to be correct, it is essential that the proper version of a file is used. Transactions should be applied to the most current database, while restart procedures should use earlier versions. Source documentation should be retained for anadequate time period to enable documentation retrieval, reconstruction or verification of data, but it does not aid in ensuring that the correct version of a file will be used. Data file security controls prevent access by unauthorized users who could then alter the data files; however, it does not ensure that the correct file will be used. It is necessary to ensure that all documents have been received for processing, one-for-one; however, this does not ensure the use of the correct file.

Q70. Which of the following would BEST help to ensure that potential security issues are considered by the development team as pan: of incremental changes to agile-developed software?

Assign the security risk analysis to a specially trained member of the project management office.

Deploy changes in a controlled environment and observe for security defects.

Include a mandatory step to analyze the security impact when making changes.

Mandate that the change analyses are documented in a standard format.

Q71. In order to properly protect against unauthorized disclosure of sensitive data, how should hard disks be sanitized?

The data should be deleted and overwritten with binary 0s.

The data should be demagnetized.

The data should be low-level formatted.

The data should be deleted.

Explanation/Reference:
Explanation:
To properly protect against unauthorized disclosure of sensitive data, hard disks should be demagnetized before disposal or release.

Q72. Which of the following is a benefit of using callback devices?

Provide an audit trail

Can be used in a switchboard environment

Permit unlimited user mobility

Allow call forwarding

A callback feature hooks into the access control software and logs all authorized and unauthorized access attempts, permitting the follow-up and further review of potential breaches. Call forwarding (choice D) is a means of potentially bypassing callback control. By dialing through an authorized phone number from an unauthorized phone number, a perpetrator can gain computer access. This vulnerability can be controlled through callback systems that are available.

Q73. Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?

Developing and communicating test procedure best practices to audit teams

Centralizing procedures and implementing change control

Developing and implementing an audit data repository

Decentralizing procedures and implementing periodic peer review

Q74. Which of the following is the MAIN purpose of implementing an incident response process?

Provide substantial audit-trail evidence.

Assign roles and responsibilities.

Comply with policies and procedures.

Manage impact due to breaches.

Section: Protection of Information Assets

Q75. The computer security incident response team (CSIRT) of an organization disseminates detailed
descriptions of recent threats. An IS auditor’s GREATEST concern should be that the users might:

use this information to launch attacks.

forward the security alert.

implement individual solutions.

fail to understand the threat.

Section: Protection of Information Assets
Explanation: An organization’s computer security incident response team (CSIRT) should disseminate
recent threats, security guidelines and security updates to the users to assist them in understanding the
security risk of errors and omissions. However, this introduces the risk that the users may use this
information to launch attacks, directly or indirectly. An IS auditor should ensure that the CSIRT is actively
involved with users to assist them in mitigation of risks arising from security failures and to prevent
additional security incidents resulting from the same threat. Forwarding the security alert is not harmful to
the organization, implementing individual solutions is unlikely and users failing to understand the threat
would not be a serious concern.

Q76. Which of the following is a dynamic analysis tool for the purpose of testing software modules?

Black box test

Desk checking

Structured walkthrough

Design and code

A black box test is a dynamic analysis tool for testing software modules. During the testing of software modules a black box test works first in a cohesive manner as a single unit/entity consisting of numerous modules, and second with the user data that flows across software modules, in some cases, this even drives the software behavior. In choices B, C and D, the software (design or code) remains static and someone closely examines it by applying their mind, without actually activating the software. Therefore, these cannot be referred to as dynamic analysis tools.

Q77. Which of the following is a concern associated with virtualization?

The physical footprint of servers could decrease within the data center.

Performance issues with the host could impact the guest operating systems.

Processing capacity may be shared across multiple operating systems.

One host may have multiple versions of the same operating system.

Q78. Processing controls ensure that data is accurate and complete, and is processed only through which of the following?

Documented routines

Authorized routines

Accepted routines

Approved routines

Section: Protection of Information Assets
Explanation:
Processing controls ensure that data is accurate and complete, and is processed only through authorized routines.

Q79. Which of the following is the MOST appropriate control to ensure integrity of online orders?

Data Encryption Standard (DES)

Digital signature

Public key encryption

Multi-factor authentication

Q80. Which of the following BEST protects evidence in a forensic investigation?

imaging the affected system

Powering down the affected system

Protecting the hardware of the affected system

Rebooting the affected system

This creates a duplicate copy of the data that can be used for examination, while preserving the original evidence in its original state. This helps to ensure that the data is not altered or corrupted during the examination process and the integrity of the evidence is maintained.

Q81. Which of the following would MOST effectively control the usage of universal storage bus (USB) storage
devices?

Policies that require instant dismissal if such devices are found

Software for tracking and managing USB storage devices

Administratively disabling the USB port

Searching personnel for USB storage devices at the facility’s entrance

Section: Protection of Information Assets
Explanation:
Software for centralized tracking and monitoring would allow a USB usage policy to be applied to each user
based on changing business requirements, and would provide for monitoring and reporting exceptions to
management. A policy requiring dismissal may result in increased employee attrition and business
requirements would not be properly addressed. Disabling ports would be complex to manage and might not
allow for new business needs. Searching of personnel for USB storage devices at the entrance to a facility
is not a practical solution since these devices are small and could be easily hidden.

Q82. While planning a security audit, an IS auditor is made aware of a security review carried out by external consultants. It is MOST implement for the auditor to:

Re-perform the security review

Asses the objectively and competence of the consultant

Review similar reports issued by the consultants.

Accept the finding and conclusion of the consultants

Q83. An organization allows its employees to use personal mobile devices for work. Which of the following would BEST maintain information security without compromising employee privacy?

Installing security software on the devices

Restricting the use of devices for personal purposes during working hours

Partitioning the work environment from personal space on devices

Preventing users from adding applications

Q84. During a business continuity audit, an IS auditor found that the business continuity plan (BCP) only covers critical processes. The auditor should:

recommend that the BCP consider all business processes.

assess the impact of processes not covered.

redefine the critical processes.

report findings to the chief executive officer (CEO).
The business impact analysis needs to be either updated or revisited to assess the risk of not covering all processes in the plan. It is possible that the cost of including all processes might exceed the value of those processes; therefore, they should not be covered. An IS auditor should substantiate this by analyzing the risk.

Q85. An organization’s sensitive data is stored in a cloud computing environment and is encrypted. Which of the following findings should be of GREATEST concern to an IS auditor?

Symmetric keys are used for encryption.

Encryption keys are not rotated on a regular basis.

Test data encryption keys are being used in production

Data encryption keys are accessible lo the service provider.

Q86. Which of the following would BEST maintain the integrity of a firewall log?

Granting access to log information only to administrators

Capturing log events in the operating system layer

Writing dual logs onto separate storage media

Sending log information to a dedicated third-party log server

Explanation/Reference:
Explanation:
Establishing a dedicated third-party log server and logging events in it is the best procedure for maintaining the integrity of a firewall log. When access control to the log server is adequately maintained, the risk of unauthorized log modification will be mitigated, therefore improving the integrity of log information. To enforce segregation of duties, administrators should not have access to log files. This primarily contributes to the assurance of confidentiality rather than integrity. There are many ways to capture log information: through the application layer, network layer, operating systems layer, etc.; however, there is no log integrity advantage in capturing events in the operating systems layer. If it is a highly mission-critical information system, it may be nice to run the system with a dual log mode. Having logs in two different storage devices will primarily contribute to the assurance of the availability of log information, rather than to maintaining its integrity.

Q87. Audit management has just completed the annual audit plan for the upcoming year, which consists entirely of high-risk processor. However it is determined that there are insufficient resources to execute the plan. What should be done NEXT?

Remove audit from the annual plan to better match the number of resources available.

Review the audit plan and defer some audits to the subsequent year

Present the annual plan to the audit committee and ask for more resources

Reduce the scope of the audit to better match the number of resources available

Q88. An IS auditor is reviewing security controls related to collaboration to unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?

Logging and monitoring for content filtering is not enabled.

Employees can share files with users outside the company through collaboration tools

The collaboration tool is hosted and can only be accessed via an Internet browser.

Training was not provided to the department that handles intellectual property and patents

Q89. Which of the following antispam filtering techniques would BEST prevent a valid, variable-length e-mail message containing a heavily weighted spam keyword from being labeled as spam?

Heuristic (rule-based)

Signature-based

Pattern matching

Bayesian (statistical)

Explanation/Reference:
Explanation:
Bayesian filtering applies statistical modeling to messages, by performing a frequency analysis on each word within the message and then evaluating the message as a whole. Therefore, it can ignore a suspicious keyword if the entire message is with innormal bounds. Heuristic filtering is less effective, since new exception rules may need to be defined when a valid message is labeled as spam. Signature-based filtering is useless against variable-length messages, because the calculated MD5 hash changes all the time. Finally, pattern matching is actually a degraded rule-based technique, where the rules operate at the word level using wildcards, and not at higher levels.

Loading …

CISA Dumps Updated Practice Test and 690 unique questions: https://www.latestcram.com/CISA-exam-cram-questions.html

Related Certifications

C-TS452-2022 (1)
C_ARSCC_2208 (1)
P_S4FIN_2020 (1)
C_SACP_2221 (1)
C-TSCM62-67 (1)
C-C4H450-21 (1)
C_THR97_2211 (1)
E-ACTCLD-23 (1)
C_TS462_1909 (1)
C-C4H620-34 (1)

Free Cram & Latest Exams Dumps

[Aug-2023] Study resources for the Valid CISA Braindumps! [Q67-Q89]

leave a comment Cancel reply

Related Certifications

Recent Posts

Archives

Categories