
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 10

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1031

Question

What process is used to validate a subject’s identity?

A. Identification
B. Nonrepudiation
C. Authorization
D. Authentication

Answer

D. Authentication

Explanation

Authentication is used to validate a subject’s identity.

CISA Question 1032

Question

What determines the strength of a secret key within a symmetric key cryptosystem?

A. A combination of key length, degree of permutation, and the complexity of the data-encryption algorithm that uses the key
B. A combination of key length, initial input vectors, and the complexity of the data-encryption algorithm that uses the key
C. A combination of key length and the complexity of the data-encryption algorithm that uses the key
D. Initial input vectors and the complexity of the data-encryption algorithm that uses the key

Answer

B. A combination of key length, initial input vectors, and the complexity of the data-encryption algorithm that uses the key

Explanation

The strength of a secret key within a symmetric key cryptosystem is determined by a combination of key length, initial input vectors, and the complexity of the data-encryption algorithm that uses the key.

CISA Question 1033

Question

What is used to provide authentication of the website and can also be used to successfully authenticate keys used for data encryption?

A. An organizational certificate
B. A user certificate
C. A website certificate
D. Authenticode

Answer

C. A website certificate

Explanation

A website certificate is used to provide authentication of the website and can also be used to successfully authenticate keys used for data encryption.

CISA Question 1034

Question

Which of the following provides the BEST single-factor authentication?

A. Biometrics
B. Password
C. Token
D. PIN

Answer

A. Biometrics

Explanation

Although biometrics provides only single-factor authentication, many consider it to be an excellent method for user authentication.

CISA Question 1035

Question

Digital signatures require the sender to “sign” the data by encrypting the data with the sender’s public key, to then be decrypted by the recipient using the recipient’s private key.
True or false?

A. False
B. True

Answer

B. True

Explanation

Digital signatures require the sender to “sign” the data by encrypting the data with the sender’s public key, to then be decrypted by the recipient using the sender’s public key.

CISA Question 1036

Question

What type of fire-suppression system suppresses fire via water that is released from a main valve to be delivered via a system of dry pipes installed throughout the facilities?

A. A dry-pipe sprinkler system
B. A deluge sprinkler system
C. A wet-pipe system
D. A halon sprinkler system

Answer

A. A dry-pipe sprinkler system

Explanation

A dry-pipe sprinkler system suppresses fire via water that is released from a main valve to be delivered via a system of dry pipes installed throughout the facilities.

CISA Question 1037

Question

What is a callback system?

A. It is a remote-access system whereby the remote-access server immediately calls the user back at a predetermined number if the dial-in connection fails.
B. It is a remote-access system whereby the user’s application automatically redials the remote access server if the initial connection attempt fails.
C. It is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently dials the user back at a predetermined number stored in the server’s configuration database.
D. It is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently allows the user to call back at an approved number for a limited period of time.

Answer

C. It is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently dials the user back at a predetermined number stored in the server’s configuration database.

Explanation

A callback system is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently dials the user back at a predetermined number stored in the server’s configuration database.

CISA Question 1038

Question

Which of the following fire-suppression methods is considered to be the most environmentally friendly?

A. Halon gas
B. Deluge sprinklers
C. Dry-pipe sprinklers
D. Wet-pipe sprinklers

Answer

C. Dry-pipe sprinklers

Explanation

Although many methods of fire suppression exist, dry-pipe sprinklers are considered to be the most environmentally friendly.

CISA Question 1039

Question

Which of the following is a passive attack method used by intruders to determine potential network vulnerabilities?

A. Traffic analysis
B. SYN flood
C. Denial of service (DoS)
D. Distributed denial of service (DDoS)

Answer

A. Traffic analysis

Explanation

Traffic analysis is a passive attack method used by intruders to determine potential network vulnerabilities. All others are active attacks.

CISA Question 1040

Question

What can be used to gather evidence of network attacks?

A. Access control lists (ACL)
B. Intrusion-detection systems (IDS)
C. Syslog reporting
D. Antivirus programs

Answer

B. Intrusion-detection systems (IDS)

Explanation

Intrusion-detection systems (IDS) are used to gather evidence of network attacks.