Certified Information Systems Auditor Exam Prep And Dumps Exam Review Guide for ISACA CISA Exam PART 3
Ebook, 500 pages, 3 hours
About this ebook

The ISACA CISA Exam Part 3 delves into the practical and strategic aspects of information systems auditing, focusing on the implementation and management of IT controls and processes. This section challenges candidates to apply their knowledge in real-world scenarios, assessing their ability to design and execute effective audit programs, evaluate the effectiveness of IT governance, and ensure robust risk management practices. 

Byte Books is an online platform that has gained popularity for offering a wide range of exam practice questions and dumps. Aspiring students and professionals alike flock to this platform to access a plethora of study materials that aid in exam preparation. Byte Books understands the significance of comprehensive and targeted study materials, which is why they curate a diverse selection of practice questions and dumps for various exams across different disciplines and industries. While their practice questions help users to gauge their understanding and identify areas of improvement, the exam dumps offer valuable insights into the patterns and formats of actual exams, boosting the confidence of test-takers. Byte Books' commitment to quality and accuracy ensures that the provided materials are up-to-date and reliable, enabling users to enhance their knowledge and significantly improve their chances of exam success. With their user-friendly interface and customer-centric approach, Byte Books has undoubtedly become a go-to resource for anyone seeking effective and efficient exam preparation solutions.

Language: English
Publisher: Byte Books
Release date: Aug 15, 2024
ISBN: 9798227580795

    Exam Dumps

    Certified Information Systems Auditor

    Exam Prep And Dumps

    Exam Review Guide for ISACA CISA Exam PART 3

    Copyright © 2023 by Byte Books

    All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher, except for brief quotations embodied in critical reviews and certain other noncommercial uses permitted by copyright law.

    For permissions inquiries or to request permission to use specific content from this book, please contact the publisher at:

    Any individual or entity found infringing upon the copyright of this book will be liable for damages and legal expenses incurred as a result of such infringement.

    While every effort has been made to ensure the accuracy and completeness of the information contained in this book, the author and the publisher assume no responsibility for errors or omissions or for any consequences arising from the use of the information contained herein.

    Cover design and layout by Lara McCarthy.

    First Edition: Aug 2023

    Welcome to Byte Books: Your Path to Exam Success!

    At Byte Books, we are dedicated to helping aspiring professionals achieve their career goals through comprehensive exam certification guides and practice questions. We understand that exams can be daunting, and the path to success may seem challenging. That's why we're here to provide you with the knowledge, confidence, and support you need to excel in your chosen field.

    Our Mission: Empowering Your Success

    Our mission is simple yet powerful: to empower your success. We believe that with the right study materials and guidance, you can overcome any exam hurdle and unlock new opportunities for personal and professional growth. At Byte Books, we go the extra mile to curate top-notch resources that cater to a wide range of certification exams, covering various industries and professions.

    QUESTION 952

    In auditing a web server, an IS auditor should be concerned about the risk of individuals gaining unauthorized access to confidential information through:

    common gateway interface (CGI) scripts.

    enterprise Java beans (EJBs).

    applets.

    web services.

    ––––––––

    QUESTION 953

    An IS auditor reviewing the implementation of an intrusion detection system (IDS) should be MOST concerned if:

    IDS sensors are placed outside of the firewall.

    a behavior-based IDS is causing many false alarms.

    a signature-based IDS is weak against new types of attacks.

    the IDS is used to detect encrypted traffic.

    ––––––––

    QUESTION 954

    Which of the following BEST describes the role of a directory server in a public key infrastructure (PKI)?

    Encrypts the information transmitted over the network

    Makes other users' certificates available to applications

    Facilitates the implementation of a password policy

    Stores certificate revocation lists (CRLs)

    ––––––––

    QUESTION 955

    An organization is using symmetric encryption. Which of the following would be a valid reason for moving to asymmetric encryption? Symmetric encryption:

    provides authenticity.

    is faster than asymmetric encryption.

    can cause key management to be difficult.

    requires a relatively simple algorithm.

    ––––––––

    QUESTION 956

    Which of the following would provide the BEST protection against the hacking of a computer connected to the Internet?

    A remote access server

    A proxy server

    A personal firewall

    A password-generating token

    QUESTION 957

    Which of the following ensures confidentiality of information sent over the internet?

    Digital signature

    Digital certificate

    Online Certificate Status Protocol

    Private key cryptosystem

    ––––––––

    QUESTION 958

    To protect a VoIP infrastructure against a denial-of-service (DoS) attack, it is MOST important to secure the:

    access control servers.

    session border controllers.

    backbone gateways.

    intrusion detection system (IDS).

    ––––––––

    QUESTION 959

    A sender of an e-mail message applies a digital signature to the digest of the message. This action provides assurance of the:

    date and time stamp of the message.

    identity of the originating computer.

    confidentiality of the message's content.

    authenticity of the sender.

    ––––––––

    QUESTION 960

    The BEST filter rule for protecting a network from being used as an amplifier in a denial of service (DoS) attack is to deny all:

    outgoing traffic with IP source addresses external to the network.

    incoming traffic with discernible spoofed IP source addresses.

    incoming traffic with IP options set.

    incoming traffic to critical hosts.

    ––––––––

    QUESTION 961

    A company has decided to implement an electronic signature scheme based on public key infrastructure. The user's private key will be stored on the computer's hard drive and protected by a password. The MOST significant risk of this approach is:

    use of the user's electronic signature by another person if the password is compromised.

    forgery by using another user's private key to sign a message with an electronic signature.

    impersonation of a user by substitution of the user's public key with another person's public key.

    forgery by substitution of another person's private key on the computer.

    QUESTION 962

    An IS auditor selects a server for a penetration test that will be carried out by a technical specialist. Which of the following is MOST important?

    The tools used to conduct the test

    Certifications held by the IS auditor

    Permission from the data owner of the server

    An intrusion detection system (IDS) is enabled

    ––––––––

    QUESTION 963

    A firewall is being deployed at a new location. Which of the following is the MOST important factor in ensuring a successful deployment?

    Reviewing logs frequently

    Testing and validating the rules

    Training a local administrator at the new location

    Sharing firewall administrative duties

    ––––––––

    QUESTION 964

    The human resources (HR) department has developed a system to allow employees to enroll in benefits via a web site on the corporate Intranet. Which of the following would protect the confidentiality of the data?

    SSL encryption

    Two-factor authentication

    Encrypted session cookies

    IP address verification

    ––––––––

    QUESTION 965

    What is the MOST prevalent security risk when an organization implements remote virtual private network (VPN) access to its network?

    Malicious code could be spread across the network

    VPN logon could be spoofed

    Traffic could be sniffed and decrypted

    VPN gateway could be compromised

    ––––––––

    QUESTION 966

    The use of digital signatures:

    requires the use of a one-time password generator.

    provides encryption to a message.

    validates the source of a message.

    ensures message confidentiality.

    QUESTION 967

    The sender of a public key would be authenticated by a:

    certificate authority.

    digital signature.

    digital certificate.

    registration authority.

    ––––––––

    QUESTION 968

    An IS auditor finds that conference rooms have active network ports. Which of the following is MOST important to ensure?

    The corporate network is using an intrusion prevention system (IPS)

    This part of the network is isolated from the corporate network

    A single sign-on has been implemented in the corporate network

    Antivirus software is in place to protect the corporate network

    ––––––––

    QUESTION 969

    What is the BEST action to prevent loss of data integrity or confidentiality in the case of an e-commerce application running on a LAN, processing electronic fund transfers (EFT) and orders?

    Using virtual private network (VPN) tunnels for data transfer

    Enabling data encryption within the application

    Auditing the access control to the network

    Logging all changes to access lists

    ––––––––

    QUESTION 970

    Which of the following penetration tests would MOST effectively evaluate incident handling and response capabilities of an organization?

    Targeted testing

    External testing

    Internal testing

    Double-blind testing

    ––––––––

    QUESTION 971

    When protecting an organization's IT systems, which of the following is normally the next line of defense after the network firewall has been compromised?

    Personal firewall

    Antivirus programs

    Intrusion detection system (IDS)

    Virtual local area network (VLAN) configuration

    QUESTION 972

    An organization is planning to replace its wired networks with wireless networks. Which of the following would BEST secure the wireless network from unauthorized access?

    Implement Wired Equivalent Privacy (WEP)

    Permit access to only authorized Media Access Control (MAC) addresses

    Disable open broadcast of service set identifiers (SSID)

    Implement Wi-Fi Protected Access (WPA) 2

    ––––––––

    QUESTION 973

    An IS auditor is reviewing a software-based configuration. Which of the following represents the GREATEST vulnerability? The firewall software:

    is configured with an implicit deny rule as the last rule in the rule base.

    is installed on an operating system with default settings.

    has been configured with rules permitting or denying access to systems or networks.

    is configured as a virtual private network (VPN) endpoint.

    ––––––––

    QUESTION 974

    When using a digital signature, the message digest is computed:

    only by the sender.

    only by the receiver.

    by both the sender and the receiver.

    by the certificate authority (CA).

    ––––––––

    QUESTION 975

    IS management is considering a Voice-over Internet Protocol (VoIP) network to reduce telecommunication costs and management asked the IS auditor to comment on appropriate security controls. Which of the following security measures is MOST appropriate?

    Review and, where necessary, upgrade firewall capabilities

    Install modems to allow remote maintenance support access

    Create a physically distinct network to handle VoIP traffic

    Redirect all VoIP traffic to allow clear text logging of authentication credentials

    ––––––––

    QUESTION 976

    Which of the following intrusion detection systems (IDSs) will MOST likely generate false alarms resulting from normal network activity?

    Statistical-based

    Signature-based

    Neural network

    Host-based

    QUESTION 977

    An IS auditor inspected a windowless room containing phone switching and networking equipment and documentation binders. The room was equipped with two handheld fire extinguishers, one filled with CO2 and the other filled with halon. Which of the following should be given the HIGHEST priority in the auditor's report?

    The halon extinguisher should be removed because halon has a negative impact on the atmospheric ozone layer.

    Both fire suppression systems present a risk of suffocation when used in a closed room.

    The CO2 extinguisher should be removed, because CO2 is ineffective for suppressing fires involving solid combustibles (paper).

    The documentation binders should be removed from the equipment room to reduce potential risks.

    ––––––––

    QUESTION 978

    Which of the following would be BEST prevented by a raised floor in the computer machine room?

    Damage of wires around computers and servers

    A power failure from static electricity

    Shocks from earthquakes

    Water flood damage

    ––––––––

    QUESTION 979

    A penetration test performed as part of evaluating network security:

    provides assurance that all vulnerabilities are discovered.

    should be performed without warning the organization's management.

    exploits the existing vulnerabilities to gain unauthorized access.

    would not damage the information assets when performed at network perimeters.

    ––––––––

    QUESTION 980

    Which of the following fire suppression systems is MOST appropriate to use in a data center environment?

    Wet-pipe sprinkler system

    Dry-pipe sprinkler system

    FM-200 system

    Carbon dioxide-based fire extinguishers

    ––––––––

    QUESTION 981

    During the review of a biometrics system operation, an IS auditor should FIRST review the stage of:

    enrollment.

    identification.

    verification.

    storage.

    QUESTION 982

    What is a risk associated with attempting to control physical access to sensitive areas such as computer rooms using card keys or locks?

    Unauthorized individuals wait for controlled doors to open and walk in behind those authorized.

    The contingency plan for the organization cannot effectively test controlled access practices.

    Access cards, keys and pads can be easily duplicated allowing easy compromise of the control.

    Removing access for those who are no longer authorized is complex.

    ––––––––

    QUESTION 983

    An organization with extremely high security requirements is evaluating the effectiveness of biometric systems. Which of the following performance indicators is MOST important?

    False-acceptance rate (FAR)

    Equal-error rate (EER)

    False-rejection rate (FRR)

    False-identification rate (FIR)

    ––––––––

    QUESTION 984

    The BEST overall quantitative measure of the performance of biometric control devices is:

    false-rejection rate.

    false-acceptance rate.

    equal-error rate.

    estimated-error rate.

    ––––––––

    QUESTION 985

    Which of the following is the MOST effective control over visitor access to a data center?

    Visitors are escorted.

    Visitor badges are required.

    Visitors sign in.

    Visitors are spot-checked by operators.

    ––––––––

    QUESTION 986

    A firm is considering using biometric fingerprint identification on all PCs that access critical data. This requires:

    that a registration process is executed for all accredited PC users.

    the full elimination of the risk of a false acceptance.

    the usage of the fingerprint reader be accessed by a separate password.

    assurance that it will be impossible to gain unauthorized access to critical data.

    QUESTION 987

    Which of the following biometrics has the highest reliability and lowest false-acceptance rate (FAR)?

    Palm scan

    Face recognition

    Retina scan

    Hand geometry

    ––––––––

    QUESTION 988

    The purpose of a dead man door controlling access to a computer facility is primarily to:

    prevent piggybacking.

    prevent toxic gases from entering the data center.

    starve a fire of oxygen.

    prevent an excessively rapid entry to, or exit from, the facility.

    ––––––––

    QUESTION 989

    Which of the following is the MOST reliable form of single factor personal identification?

    Smart card

    Password

    Photo identification

    Iris scan

    ––––––––

    QUESTION 990

    A data center has a badge-entry system. Which of the following is MOST important to protect the computing assets in the center?

    Badge readers are installed in locations where tampering would be noticed

    The computer that controls the badge system is backed up frequently

    A process for promptly deactivating lost or stolen badges exists

    All badge entry attempts are logged

    ––––––––

    QUESTION 991

    Which of the following physical access controls effectively reduces the risk of piggybacking?

    Biometric door locks

    Combination door locks

    Deadman doors

    Bolting door locks

    QUESTION 992

    What should an organization do before providing an external agency physical access to its information processing facilities (IPFs)?

    The processes of the external agency should be subjected to an IS audit by an independent agency.

    Employees of the external agency should be trained on the security procedures of the organization.

    Any access by an external agency should be limited to the demilitarized zone (DMZ).

    The organization should conduct a risk assessment and design and implement appropriate controls.

    ––––––––

    QUESTION 993

    Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them?

    Overwriting the tapes

    Initializing the tape labels

    Degaussing the tapes

    Erasing the tapes

    ––––––––

    QUESTION 994

    Which of the following aspects of symmetric key encryption influenced the development of asymmetric encryption?

    Processing power

    Volume of data

    Key distribution

    Complexity of the algorithm

    ––––––––

    QUESTION 995

    Which of the following is the MOST robust method for disposing of magnetic media that contains confidential information?

    Degaussing

    Defragmenting

    Erasing

    Destroying

    QUESTION 996

    Which of the following would MOST effectively control the usage of universal serial bus (USB) storage devices?

    Policies that require instant dismissal if such devices are found

    Software for tracking and managing USB storage devices

    Administratively disabling the USB port

    Searching personnel for USB storage devices at the facility's entrance

    QUESTION 997

    An organization is disposing of a number of laptop computers. Which of the following data destruction methods would be the MOST effective?

    Run a low-level data wipe utility on all hard drives

    Erase all data file directories

    Format all hard drives

    Physical destruction of the hard drive

    ––––––––

    QUESTION 998

    Which of the following would BEST support 24/7 availability?

    Daily backup

    Offsite storage

    Mirroring

    Periodic testing

    ––––––––

    QUESTION 999

    The PRIMARY purpose of implementing Redundant Array of Inexpensive Disks (RAID) level 1 in a file server is to:

    achieve performance improvement.

    provide user authentication.

    ensure availability of data.

    ensure the confidentiality of data.

    ––––––––

    QUESTION 1000

    Which of the following is the MOST important criterion when selecting a location for an offsite storage facility for IS backup files? The offsite facility must be:

    physically separated from the data center and not subject to the same risks.

    given the same level of protection as that of the computer data center.

    outsourced to a reliable third party.

    equipped with surveillance capabilities.

    ––––––––

    QUESTION 1001

    In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?

    Maintaining system software parameters

    Ensuring periodic dumps of transaction logs

    Ensuring grandfather-father-son file backups

    Maintaining important data at an offsite location

    QUESTION 1002

    An offsite information processing facility:

    should have the same amount of physical access restrictions as the primary processing site.

    should be easily identified from the outside so that, in the event of an emergency, it can be easily found.

    should be located in proximity to the originating site, so it can quickly be made operational.

    need not have the same level of environmental monitoring as the originating site.

    ––––––––

    QUESTION 1003

    An IS auditor performing a review of the backup processing facilities should be MOST concerned that:

    adequate fire insurance exists.

    regular hardware maintenance is performed.

    offsite storage of transaction and master files exists.

    backup processing facilities are fully tested.

    ––––––––

    QUESTION 1004

    Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist?

    Reviewing program code

    Reviewing operations documentation

    Turning off the UPS, then the power

    Reviewing program documentation

    QUESTION 1005

    Which of the following findings should an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault?

    There are three individuals with a key to enter the area.

    Paper documents are also stored in the offsite vault.

    Data files that are stored in the vault are synchronized.

    The offsite vault is located in a separate facility.

    ––––––––

    QUESTION 1006

    Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is BEST ensured by:

    database integrity checks.

    validation checks.

    input controls.

    database commits and rollbacks.

    QUESTION 1007

    In the event of a data center disaster, which of the following would be the MOST appropriate strategy to enable a complete recovery of a critical database?

    Daily data backup to tape and storage at a remote site

    Real-time replication to a remote site

    Hard disk mirroring to a local server

    Real-time data backup to the local storage area network (SAN)

    ––––––––

    QUESTION 1008

    What is the BEST backup strategy for a large database with data supporting online sales?

    Weekly full backup with daily incremental backup

    Daily full backup

    Clustered servers

    Mirrored hard disks

    ––––––––

    QUESTION 1009

    Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)?

    Minimum operating requirements

    Acceptable data loss

    Mean time between failures

    Acceptable time for recovery

    ––––––––

    QUESTION 1010

    A structured walk-through test of a disaster recovery plan involves:

    representatives from each of the functional areas coming together to go over the plan.

    all employees who participate in the day-to-day operations coming together to practice executing the plan.

    moving the systems to the alternate processing site and performing processing operations.

    distributing copies of the plan to the various functional areas for review.

    ––––––––

    QUESTION 1011

    In a contract with a hot, warm or cold site, contractual provisions should cover which of the following considerations?

    Physical security measures

    Total number of subscribers

    Number of subscribers permitted to use a site at one time

    References by other users

    QUESTION 1012

    Which of the following is the GREATEST concern when an organization's backup facility is at a warm site?

    Timely availability of hardware

    Availability of heat, humidity and air conditioning equipment

    Adequacy of electrical power connections

    Effectiveness of the telecommunications network

    ––––––––

    QUESTION 1013

    Which of the following recovery strategies is MOST appropriate for a business having multiple offices within a region and a limited recovery budget?

    A hot site maintained by the business

    A commercial cold site

    A reciprocal arrangement between its offices

    A third-party hot site

    ––––––––

    QUESTION 1014

    The PRIMARY purpose of a business impact analysis (BIA) is to:

    provide a plan for resuming operations after a disaster.

    identify the events that could impact the continuity of an organization's operations.

    publicize the commitment of the organization to physical and logical security.

    provide the framework for an effective disaster recovery plan.

    ––––––––

    QUESTION 1015

    After implementation of a disaster recovery plan, pre-disaster and post-disaster operational costs for an organization will:

    decrease.

    not change (remain the same).

    increase.

    increase or decrease depending upon the nature of the business.

    QUESTION 1016

    Which of the following is the MOST reasonable option for recovering a noncritical system?

    Warm site

    Mobile site

    Hot site

    Cold site

    QUESTION 1017

    An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:

    -The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.

    -The plan was presented to the deputy CEO for approval and formal issue, but it is
