ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 16

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam questions and answers (Q&A) are available free and are helpful for passing the ISACA CISA exam and earning the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1641

Question

Which of the following is a good tool to use to help enforce the deployment of good passwords?

A. password cracker
B. local DoS attacker
C. network hacker
D. remote windowing tool
E. None of the choices.

Answer

A. password cracker

Explanation

“Passwords are the first defensive line in protecting your data and information. Your users need to be made aware of what a password provides them and what can be done with their password. They also need to be made aware of the things that make up a good password versus a bad password. A good password has mixed-case alphabetic characters, numbers, and symbols. Do use a password that is at least eight or more characters. You may want to run a “password cracker” program periodically, and require users to immediately change any easily cracked passwords. In any case ask them to change their passwords every 90 to 120 days.”

CISA Question 1642

Question

What is the recommended minimum length of a good password?

A. 6 characters
B. 8 characters
C. 12 characters
D. 18 characters
E. 22 characters
F. None of the choices.

Answer

B. 8 characters

Explanation

Passwords are the first defensive line in protecting your data and information. Your users need to be made aware of what a password provides them and what can be done with their password. They also need to be made aware of the things that make up a good password versus a bad password. A good password has mixed-case alphabetic characters, numbers, and symbols. Do use a password that is at least eight or more characters.

CISA Question 1643

Question

Which of the following are the characteristics of a good password?

A. It has mixed-case alphabetic characters, numbers, and symbols.
B. It has mixed-case alphabetic characters and numbers.
C. It has mixed-case alphabetic characters and symbols.
D. It has mixed-case alphabetic characters, numbers, and binary codes.
E. None of the choices.

Answer

A. It has mixed-case alphabetic characters, numbers, and symbols.

Explanation

Passwords are the first defensive line in protecting your data and information. Your users need to be made aware of what a password provides them and what can be done with their password. They also need to be made aware of the things that make up a good password versus a bad password. A good password has mixed-case alphabetic characters, numbers, and symbols. Do use a password that is at least eight or more characters.

CISA Question 1644

Question

Which of the following is often considered the first defensive line in protecting a typical data and information environment?

A. certificates
B. security token
C. password
D. biometrics
E. None of the choices.

Answer

C. password

Explanation

Passwords are the first defensive line in protecting your data and information. Your users need to be made aware of what a password provides them and what can be done with their password. They also need to be made aware of the things that make up a good password versus a bad password.

CISA Question 1645

Question

What is wrong with a Black Box type of intrusion detection system?

A. you cannot patch it
B. you cannot test it
C. you cannot examine its internal workings from outside
D. you cannot tune it
E. None of the choices.

Answer

C. you cannot examine its internal workings from outside

Explanation

“An intrusion detection system should be able to run continually without human supervision. The system must be reliable enough to allow it to run in the background of the system being observed. However, it should not be a “black box”, because you want to ensure its internal workings are examinable from outside.”

CISA Question 1646

Question

What is the best defense against Distributed DoS Attack?

A. patch your systems.
B. run a virus checker.
C. run an anti-spy software.
D. find the DoS program and kill it.
E. None of the choices.

Answer

A. patch your systems.

Explanation

A Distributed DoS Attack is a network-based attack from many servers used remotely to send packets. Examples of tools for conducting such an attack include TFN, TFN2K, Trin00, Stacheldracht, and variants. The best defense is to make sure all system patches are up to date. Also make sure your firewalls are configured appropriately.

CISA Question 1647

Question

Which of the following are examples of tools for launching a Distributed DoS Attack? (Choose four.)

A. TFN
B. TFN2K
C. Trin00
D. Stacheldracht
E. Tripwire

Answer

A. TFN
B. TFN2K
C. Trin00
D. Stacheldracht

Explanation

A Distributed DoS Attack is a network-based attack from many servers used remotely to send packets. Examples of tools for conducting such an attack include TFN, TFN2K, Trin00, Stacheldracht, and variants. The best defense is to make sure all system patches are up to date. Also make sure your firewalls are configured appropriately.

CISA Question 1648

Question

What is the best defense against Local DoS attacks?

A. patch your systems.
B. run a virus checker.
C. run an anti-spy software.
D. find this program and kill it.
E. None of the choices.

Answer

D. find this program and kill it.

Explanation

Local DoS attacks can be a program that creates an infinite loop, makes lots of copies of itself, and continues to open lots of files. The best defense is to find this program and kill it.

CISA Question 1649

Question

Which of the following types of attack involves a program that creates an infinite loop, makes lots of copies of itself, and continues to open lots of files?

A. Local DoS attacks
B. Remote DoS attacks
C. Distributed DoS attacks
D. Local Virus attacks
E. None of the choices.

Answer

A. Local DoS attacks

Explanation

Local DoS attacks can be a program that creates an infinite loop, makes lots of copies of itself, and continues to open lots of files. The best defense is to find this program and kill it.

CISA Question 1650

Question

Which of the following types of firewall treats each network frame or packet in isolation?

A. stateful firewall
B. hardware firewall
C. combination firewall
D. packet filtering firewall
E. stateless firewall
F. None of the choices.

Answer

E. stateless firewall

Explanation

A stateless firewall treats each network frame or packet in isolation.
Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet.