The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 1651
Question
Squid is an example of:
A. IDS
B. caching proxy
C. security proxy
D. connection proxy
E. dialer
F. None of the choices.
Answer
B. caching proxy
Explanation
Squid is an example of a caching proxy, not a security proxy. It has the main purpose of locally storing copies of web pages that are popular, with the benefit of saving bandwidth.
CISA Question 1652
Question
With deep packet inspection, which of the following OSI layers are involved?
A. Layer 2 through Layer 7
B. Layer 3 through Layer 7
C. Layer 2 through Layer 6
D. Layer 3 through Layer 6
E. Layer 2 through Layer 5
F. None of the choices.
Answer
A. Layer 2 through Layer 7
Explanation
Deep packet inspection (DPI) is a form of computer network packet filtering that examines the data part of a through-passing packet, searching for non-protocol compliance or predefined criteria to decide if the packet can pass.
DPI devices have the ability to look at Layer 2 through Layer 7 of the OSI model.
CISA Question 1653
Question
Pretexting is an act of:
A. DoS
B. social engineering
C. eavesdropping
D. soft coding
E. hard coding
F. None of the choices.
Answer
B. social engineering
Explanation
Pretexting is the act of creating and using an invented scenario to persuade a target to release information or perform an action, and is usually done over the telephone. It is more than a simple lie, as it most often involves some prior research or setup and the use of pieces of known information.
CISA Question 1654
Question
Which of the following refers to the act of creating and using an invented scenario to persuade a target to perform an action?
A. Pretexting
B. Backgrounding
C. Check making
D. Bounce checking
E. None of the choices.
Answer
A. Pretexting
Explanation
Pretexting is the act of creating and using an invented scenario to persuade a target to release information or perform an action, and is usually done over the telephone. It is more than a simple lie, as it most often involves some prior research or setup and the use of pieces of known information.
CISA Question 1655
Question
Relatively speaking, firewalls operated at the physical level of the seven-layer OSI model are:
A. almost always less efficient.
B. almost always less effective.
C. almost always less secure.
D. almost always less costly to set up.
E. None of the choices.
Answer
E. None of the choices.
Explanation
Early attempts at producing firewalls operated at the application level of the seven-layer OSI model, but this required too much CPU processing power.
Packet filters operate at the network layer and function more efficiently because they only look at the header part of a packet. No firewall operates at the physical level.
CISA Question 1656
Question
Relatively speaking, firewalls operated at the application level of the seven-layer OSI model are:
A. almost always less efficient.
B. almost always less effective.
C. almost always less secure.
D. almost always less costly to set up.
E. None of the choices.
Answer
A. almost always less efficient.
Explanation
Early attempts at producing firewalls operated at the application level of the seven-layer OSI model, but this required too much CPU processing power.
Packet filters operate at the network layer and function more efficiently because they only look at the header part of a packet.
CISA Question 1657
Question
Which of the following may be deployed in a network as lower cost surveillance and early-warning tools?
A. Honeypots
B. Hardware IPSs
C. Hardware IDSs
D. Botnets
E. Stateful inspection firewalls
F. Stateful logging facilities
G. None of the choices.
Answer
A. Honeypots
Explanation
Honeypots, essentially decoy network-accessible resources, could be deployed in a network as surveillance and early-warning tools. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques.
CISA Question 1658
Question
Introducing inhomogeneity to your network for the sake of robustness would have which of the following drawbacks?
A. poorer performance.
B. poor scalability.
C. weak infrastructure.
D. high costs in terms of training and maintenance.
E. None of the choices.
Answer
D. high costs in terms of training and maintenance.
Explanation
An oft-cited cause of vulnerability of networks is homogeneity or software monoculture. In particular, Microsoft Windows has such a large share of the market that concentrating on it will enable a cracker to subvert a large number of systems. Introducing inhomogeneity purely for the sake of robustness would however bring high costs in terms of training and maintenance.
CISA Question 1659
Question
Which of the following is an oft-cited cause of vulnerability of networks?
A. software monoculture
B. software diversification
C. single line of defense
D. multiple DMZ
E. None of the choices.
Answer
A. software monoculture
Explanation
An oft-cited cause of vulnerability of networks is homogeneity or software monoculture. In particular, Microsoft Windows has such a large share of the market that concentrating on it will enable a cracker to subvert a large number of systems. Introducing inhomogeneity purely for the sake of robustness would however bring high costs in terms of training and maintenance.
CISA Question 1660
Question
Which of the following software tools is often used for stealing money from an infected PC owner by taking control of the modem?
A. System patcher
B. Porn dialer
C. War dialer
D. T1 dialer
E. T3 dialer
F. None of the choices.
Answer
B. Porn dialer
Explanation
One way of stealing money from an infected PC owner is to take control of the modem and dial an expensive toll call. Dialer software such as a porn dialer dials a premium-rate telephone number and leaves the line open, charging the toll to the infected user.