Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 18

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1871

Question

An organization is planning to replace its wired networks with wireless networks. Which of the following would BEST secure the wireless network from unauthorized access?

A. Implement Wired Equivalent Privacy (WEP)
B. Permit access to only authorized Media Access Control (MAC) addresses
C. Disable open broadcast of service set identifiers (SSID)
D. Implement Wi-Fi Protected Access (WPA) 2

Answer

D. Implement Wi-Fi Protected Access (WPA) 2

Explanation

Wi-Fi Protected Access (WPA) 2 implements most of the requirements of the IEEE 802.11i standard. The Advanced Encryption Standard (AESJ used in WPA2 provides better security. Also, WPA2 supports both the Extensible Authentication Protocol and the preshared secret key authentication model. Implementing Wired Equivalent Privacy (WEP) is incorrect since it can be cracked within minutes. WEP uses a static key which has to be communicated to all authorized users, thus management is difficult. Also, there is a greater vulnerability if the static key is not changed at regular intervals. The practice of allowing access based on Media Access Control (MAC) is not a solution since MAC addresses can be spoofed by attackers to gain access to the network. Disabling open broadcast of service set identifiers (SSID) is not the correct answer as they cannot handle access control.

CISA Question 1872

Question

In wireless communication, which of the following controls allows the device receiving the communications to verify that the received communications have not been altered in transit?

A. Device authentication and data origin authentication
B. Wireless intrusion detection (IDS) and prevention systems (IPS)
C. The use of cryptographic hashes
D. Packet headers and trailers

Answer

C. The use of cryptographic hashes

Explanation

Calculating cryptographic hashes for wireless communications allows the device receiving the communications to verify that the received communications have not been altered in transit. This prevents masquerading and message modification attacks. Device authentication and data origin authentication is not the correct answer since authenticating wireless endpoints to each other prevents man-in-the-middle attacks and masquerading. Wireless iDS/lPSs is not the correct answer since wireless IDS/lPS shave the ability to detect misconfigured devices and rogue devices, and detect and possibly stop certain types of attacks. Packet headers and trailers alone do not ensure that the content has not been altered.

CISA Question 1873

Question

When protecting an organization’s IT systems, which of the following is normally the next line of defense after the network firewall has been compromised?

A. Personal firewall
B. Antivirus programs
C. Intrusion detection system (IDS)
D. Virtual local area network (VLAN) configuration

Answer

C. Intrusion detection system (IDS)

Explanation

An intrusion detection system (IDS) would be the next line of defense after the firewall. It would detect anomalies in the network/server activity and try to detect the perpetrator. Antivirus programs, personal firewalls and VIAN configurations would be later in the line of defense.

CISA Question 1874

Question

Which of the following penetration tests would MOST effectively evaluate incident handling and response capabilities of an organization?

A. Targeted testing
B. External testing
C. internal testing
D. Double-blind testing

Answer

D. Double-blind testing

Explanation

In a double-blind test, the administrator and security staff are not aware of the test, which will result in an assessment of the incident handling and response capability in an organization. In targeted, external, and internal testing, the system administrator and security staff are aware of the tests since they are informed before the start of the tests.

CISA Question 1875

Question

When conducting a penetration test of an IT system, an organization should be MOST concerned with:

A. the confidentiality of the report.
B. finding all possible weaknesses on the system.
C. restoring all systems to the original state.
D. logging all changes made to the production system.

Answer

C. restoring all systems to the original state.

Explanation

All suggested items should be considered by the system owner before agreeing to penetration tests, but the most important task is to be able to restore all systems to their original state.
Information that is created and/or stored on the tested systems should be removed from these systems. If for some reason, at the end of the penetration test, this is not possible, all files (with their location) should be identified in the technical report so that the client’s technical staff will be able to remove these after the report has been received.

CISA Question 1876

Question

What is the BEST action to prevent loss of data integrity or confidentiality in the case of an e- commerce application running on a LAN, processing electronic fund transfers (EFT) and orders?

A. Using virtual private network (VPN) tunnels for data transfer
B. Enabling data encryption within the application
C. Auditing the access control to the network
D. Logging all changes to access lists

Answer

A. Using virtual private network (VPN) tunnels for data transfer

Explanation

The best way to ensure confidentiality and integrity of data is to encrypt it using virtual private network (VPN) tunnels. This is the most common and convenient way to encrypt the data traveling over the network. Data encryption within the application is less efficient than VPN. The other options are good practices, but they do not directly prevent the loss of data Integrity and confidentiality during communication through a network.

CISA Question 1877

Question

An IS auditor finds that conference rooms have active network ports. Which of the following is MOST important to ensure?

A. The corporate network is using an intrusion prevention system (IPS)
B. This part of the network is isolated from the corporate network
C. A single sign-on has been implemented in the corporate network
D. Antivirus software is in place to protect the corporate network

Answer

B. This part of the network is isolated from the corporate network

Explanation

If the conference rooms have access to the corporate network, unauthorized users may be able to connect to the corporate network; therefore, both networks should be isolated either via a firewall or being physically separated. An I PS would detect possible attacks, but only after they have occurred. A single sign-on would ease authentication management. Antivirus software would reduce the impact of possible viruses; however, unauthorized users would still be able to access the corporate network, which is the biggest risk.

CISA Question 1878

Question

The sender of a public key would be authenticated by a:

A. certificate authority.
B. digital signature.
C. digital certificate.
D. registration authority.

Answer

C. digital certificate.

Explanation

A digital certificate is an electronic document that declares a public key holder is who the holder claims to be. The certificates do handle data authentication as they are used to determine who sent a particular message. A certificate authority issues the digital certificates, and distributes, generates and manages public keys. A digital signature is used to ensure integrity of the message being sent and solve the nonrepudiation issue of message origination. The registration authority would perform most of the administrative tasks of a certificate authority, i.e., registration of the users of a digital signature plus authenticating the information that is put in the digital certificate.

CISA Question 1879

Question

Which of the following would help to ensure the completeness of batch file transfers?

A. Input controls
B. Self-checking digits
C. Hash totals
D. Parity check

Answer

C. Hash totals

CISA Question 1880

Question

An organization has recently converted its infrastructure to a virtualized environment. The GREATEST benefit related to disaster recovery is that virtualized servers:

A. reduce the time it takes to successfully create backups.
B. decrease the recovery time objective (RTO).
C. eliminate the manpower necessary to restore the server.
D. can be recreated on similar hardware faster than restoring from backups.

Answer

D. can be recreated on similar hardware faster than restoring from backups.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.