The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 1621
Question
Wi-Fi Protected Access implements the majority of which IEEE standard?
A. 802.11i
B. 802.11g
C. 802.11x
D. 802.11v
E. None of the choices.
Answer
A. 802.11i
Explanation
Wi-Fi Protected Access (WPA / WPA2) is a class of systems to secure wireless computer networks. It implements the majority of the IEEE 802.11i standard, and is designed to work with all wireless network interface cards (but not necessarily with first-generation wireless access points). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.
CISA Question 1622
Question
Many WEP systems require a key in a relatively insecure format. What format is this?
A. binary format.
B. hexadecimal format.
C. 128 bit format.
D. 256 bit format.
E. None of the choices.
Answer
B. hexadecimal format.
Explanation
As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity.
Many WEP systems require a key in hexadecimal format. If one chooses keys that spell words in the limited 0-9, A-F hex character set, these keys can be easily guessed.
CISA Question 1623
Question
As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the CRC-32 checksum for:
A. integrity.
B. validity.
C. accuracy.
D. confidentiality.
E. None of the choices.
Answer
A. integrity.
Explanation
As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity.
Many WEP systems require a key in hexadecimal format. If one chooses keys that spell words in the limited 0-9, A-F hex character set, these keys can be easily guessed.
CISA Question 1624
Question
As part of the IEEE 802.11 standard ratified in September 1999, WEP uses which stream cipher for confidentiality?
A. CRC-32
B. CRC-64
C. DES
D. 3DES
E. RC4
F. RC5
G. None of the choices.
Answer
E. RC4
Explanation
As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity.
CISA Question 1625
Question
An accurate biometric system usually exhibits (Choose two.):
A. low EER
B. low CER
C. high EER
D. high CER
E. None of the choices.
Answer
A. low EER
B. low CER
Explanation
One of the most commonly used measures of real-world biometric systems is the rate at which both accept and reject errors are equal: the equal error rate (EER), also known as the cross-over error rate (CER). The lower the EER or CER, the more accurate the system is considered to be.
CISA Question 1626
Question
Talking about biometric measurement, which of the following measures the percent of invalid users who are incorrectly accepted in?
A. failure to reject rate
B. false accept rate
C. false reject rate
D. failure to enroll rate
E. None of the choices.
Answer
B. false accept rate
Explanation
Performance of a biometric measure is usually referred to in terms of the false accept rate (FAR), the false non-match or reject rate (FRR), and the failure to enroll rate (FTE or FER). The FAR measures the percent of invalid users who are incorrectly accepted in, while the FRR measures the percent of valid users who are wrongly rejected.
CISA Question 1627
Question
Talking about biometric authentication, which of the following is often considered as a mix of both physical and behavioral characteristics?
A. Voice
B. Finger measurement
C. Body measurement
D. Signature
E. None of the choices.
Answer
A. Voice
Explanation
Biometric authentication refers to technologies that measure and analyze human physical and behavioral characteristics for authentication purposes. Physical characteristics include fingerprints, eye retinas and irises, facial patterns and hand measurements, while behavioral characteristics include signature, gait and typing patterns. Voice is often considered as a mix of both physical and behavioral characteristics.
CISA Question 1628
Question
Talking about biometric authentication, physical characteristics typically include (Choose five.):
A. fingerprints
B. eye retinas
C. irises
D. facial patterns
E. hand measurements
F. None of the choices.
Answer
A. fingerprints
B. eye retinas
C. irises
D. facial patterns
E. hand measurements
Explanation
Biometric authentication refers to technologies that measure and analyze human physical and behavioral characteristics for authentication purposes. Physical characteristics include fingerprints, eye retinas and irises, facial patterns and hand measurements, while behavioral characteristics include signature, gait and typing patterns. Voice is often considered as a mix of both physical and behavioral characteristics.
CISA Question 1629
Question
Gimmes often work through:
A. SMS
B. IRC chat
C. email attachment
D. news
E. file download
F. None of the choices.
Answer
C. email attachment
Explanation
Gimmes take advantage of curiosity or greed to deliver malware. Also known as a Trojan Horse, gimmes can arrive as an email attachment promising anything.
The recipient is expected to give in to the need to see the program and open the attachment. In addition, many users will blindly click on any attachments they receive that seem even mildly legitimate.
CISA Question 1630
Question
Which of the following types of attack often take advantage of curiosity or greed to deliver malware?
A. Gimmes
B. Tripwire
C. Icing
D. Soft coding
E. Pretexting
F. None of the choices.
Answer
A. Gimmes
Explanation
Gimmes take advantage of curiosity or greed to deliver malware. Also known as a Trojan Horse, gimmes can arrive as an email attachment promising anything.
The recipient is expected to give in to the need to see the program and open the attachment. In addition, many users will blindly click on any attachments they receive that seem even mildly legitimate.