The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
Table of Contents
- CISA Question 1611
- Question
- Answer
- Explanation
- CISA Question 1612
- Question
- Answer
- Explanation
- CISA Question 1613
- Question
- Answer
- Explanation
- CISA Question 1614
- Question
- Answer
- Explanation
- CISA Question 1615
- Question
- Answer
- Explanation
- CISA Question 1616
- Question
- Answer
- Explanation
- CISA Question 1617
- Question
- Answer
- Explanation
- CISA Question 1618
- Question
- Answer
- Explanation
- CISA Question 1619
- Question
- Answer
- Explanation
- CISA Question 1620
- Question
- Answer
- Explanation
CISA Question 1611
Question
The Trojan.Linux.JBellz Trojan horse runs as a malformed file of what format?
A. e-mails.
B. MP3.
C. MS Office.
D. Word template.
E. None of the choices.
Answer
B. MP3.
Explanation
“Most trojan horse programs are spread through e-mails. Some earlier trojan horse programs were bundled in “Root Kits”. For example, the Linux Root Kit version 3 (lrk3) which was released in December 96 had tcp wrapper trojans included and enhanced in the kit. Portable devices that run Linux can also be affected by trojan horse. The Trojan.Linux.JBellz Trojan horse runs as a malformed .mp3 file.”
CISA Question 1612
Question
Most trojan horse programs are spread through:
A. e-mails.
B. MP3.
C. MS Office.
D. Word template.
E. None of the choices.
Answer
A. e-mails.
Explanation
“Most trojan horse programs are spread through e-mails. Some earlier trojan horse programs were bundled in “Root Kits”. For example, the Linux Root Kit version 3 (lrk3) which was released in December 96 had tcp wrapper trojans included and enhanced in the kit. Portable devices that run Linux can also be affected by trojan horse. The Trojan.Linux.JBellz Trojan horse runs as a malformed .mp3 file.”
CISA Question 1613
Question
What would be the major purpose of rootkit?
A. to hide evidence from system administrators.
B. to encrypt files for system administrators.
C. to corrupt files for system administrators.
D. to hijack system sessions.
E. None of the choices.
Answer
A. to hide evidence from system administrators.
Explanation
Rootkit originally describes those recompiled Unix tools that would hide any trace of the intruder.
You can say that the only purpose of rootkit is to hide evidence from system administrators so there is no way to detect malicious special privilege access attempts.
CISA Question 1614
Question
Which of the following are valid choices for the Apache/SSL combination (Choose three.):
A. the Apache-SSL project
B. third-party SSL patches
C. the mod_ssl module
D. the mod_css module
E. None of the choices.
Answer
A. the Apache-SSL project
B. third-party SSL patches
C. the mod_ssl module
Explanation
On Linux you have Apache which is supposed to be a safer choice of web service. In fact you have several choices for the Apache/SSL combination, such as the Apache-SSL project (www.apache-ssl.org) using third-party SSL patches, or have Apache compiled with the mod_ssl module.
CISA Question 1615
Question
Which of the following is a tool you can use to simulate a big network structure on a single computer?
A. honeymoon
B. honeytrap
C. honeytube
D. honeyd
E. None of the choices.
Answer
D. honeyd
Explanation
honeyd is a GPL licensed software you can use to simulate a big network structure on a single computer.
CISA Question 1616
Question
Which of the following typically consists of a computer, some real looking data and/or a network site that appears to be part of a production network but which is in fact isolated and well prepared?
A. honeypot
B. superpot
C. IDS
D. IPS
E. firewall
F. None of the choices.
Answer
A. honeypot
Explanation
You may use a honeypot to detect and deflect unauthorized use of your information systems. A typical honeypot consists of a computer, some real looking data and/or a network site that appears to be part of a production network but which is in fact isolated and well prepared for trapping hackers.
CISA Question 1617
Question
Which of the following refers to a symmetric key cipher which operates on fixedlength groups of bits with an unvarying transformation?
A. stream cipher
B. block cipher
C. check cipher
D. string cipher
E. None of the choices.
Answer
B. block cipher
Explanation
In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation.
A stream cipher, on the other hand, operates on individual digits one at a time.
CISA Question 1618
Question
One major improvement in WPA over WEP is the use of a protocol which dynamically changes keys as the system is used. What protocol is this?
A. SKIP
B. RKIP
C. OKIP
D. EKIP
E. TKIP
F. None of the choices.
Answer
E. TKIP
Explanation
Wi-Fi Protected Access (WPA / WPA2) is a class of systems to secure wireless computer networks. It implements the majority of the IEEE 802.11i standard, and is designed to work with all wireless network interface cards (but not necessarily with first generation wireless access points). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.
CISA Question 1619
Question
Wi-Fi Protected Access implements the majority of which IEEE standard?
A. 802.11i
B. 802.11g
C. 802.11x
D. 802.11v
E. None of the choices.
Answer
A. 802.11i
Explanation
Wi-Fi Protected Access (WPA / WPA2) is a class of systems to secure wireless computer networks. It implements the majority of the IEEE 802.11i standard, and is designed to work with all wireless network interface cards (but not necessarily with first generation wireless access points). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.
CISA Question 1620
Question
One major improvement in WPA over WEP is the use of a protocol which dynamically changes keys as the system is used. What protocol is this?
A. SKIP
B. RKIP
C. OKIP
D. EKIP
E. TKIP
F. None of the choices.
Answer
E. TKIP
Explanation
Wi-Fi Protected Access (WPA / WPA2) is a class of systems to secure wireless computer networks. It implements the majority of the IEEE 802.11i standard, and is designed to work with all wireless network interface cards (but not necessarily with first generation wireless access points). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.