The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam questions and answers (Q&A) are available free below; they are intended to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 171
Question
Which of the following encrypt/decrypt steps provides the GREATEST assurance of achieving confidentiality, message integrity and nonrepudiation by either sender or recipient?
A. The recipient uses their private key to decrypt the secret key.
B. The encrypted prehash code and the message are encrypted using a secret key.
C. The encrypted prehash code is derived mathematically from the message to be sent.
D. The recipient uses the sender’s public key, verified with a certificate authority, to decrypt the prehash code.
Answer
D. The recipient uses the sender’s public key, verified with a certificate authority, to decrypt the prehash code.
Explanation
Most encrypted transactions use a combination of private keys, public keys, secret keys, hash functions and digital certificates to achieve confidentiality, message integrity and nonrepudiation by either sender or recipient. The recipient uses the sender’s public key to decrypt the prehash code into a posthash code; when the posthash code equals the prehash code, this verifies the identity of the sender and that the message has not been changed en route, which provides the greatest assurance. Each sender and recipient has a private key known only to themselves and a public key, which can be known by anyone. Each encryption/decryption process requires at least one public key and one private key, and both must be from the same party. A single secret key is used to encrypt the message, because secret key encryption requires less processing power than using public and private keys. A digital certificate, signed by a certificate authority, validates senders’ and recipients’ public keys.
CISA Question 172
Question
When planning an audit of a network setup, an IS auditor should give highest priority to obtaining which of the following network documentation?
A. Wiring and schematic diagram
B. Users’ lists and responsibilities
C. Application lists and their details
D. Backup and recovery procedures
Answer
A. Wiring and schematic diagram
Explanation
The wiring and schematic diagram of the network is necessary to carry out a network audit. A network audit may not be feasible if a network wiring and schematic diagram is not available. All other documents are important but not necessary.
CISA Question 173
Question
During an audit of an enterprise that is dedicated to e-commerce, the IS manager states that digital signatures are used when receiving communications from customers. To substantiate this, an IS auditor must prove that which of the following is used?
A. A biometric, digitalized and encrypted parameter with the customer’s public key
B. A hash of the data that is transmitted and encrypted with the customer’s private key
C. A hash of the data that is transmitted and encrypted with the customer’s public key
D. The customer’s scanned signature encrypted with the customer’s public key
Answer
B. A hash of the data that is transmitted and encrypted with the customer’s private key
Explanation
The calculation of a hash, or digest, of the data that are transmitted, and its encryption, requires the public key of the client (receiver) and is called a signature of the message, or digital signature.
The receiver performs the same process and then compares the received hash, once it has been decrypted with their private key, to the hash that is calculated from the received data. If they are the same, the conclusion is that the data that have arrived have integrity and the origin is authenticated. The concept of encrypting the hash with the private key of the originator provides nonrepudiation, as it can only be decrypted with their public key and, as the CD suggests, the private key would not be known to the recipient. Simply put, in a key-pair situation, anything that can be decrypted with a sender’s public key must have been encrypted with their private key, so they must have been the sender, i.e., nonrepudiation. Choice C is incorrect because, if this were the case, the hash could not be decrypted by the recipient, so the benefit of nonrepudiation would be lost and there could be no verification that the message had not been intercepted and amended. A digital signature is created by encrypting with a private key. A person creating the signature uses their own private key; otherwise everyone would be able to create a signature with any public key. Therefore, the signature of the client is created with the client’s private key, and this can be verified by the enterprise using the client’s public key. Choice B is the correct answer because, in this case, the customer uses their private key to sign the hash of the data.
CISA Question 174
Question
Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems?
A. Proxy server
B. Firewall installation
C. Network administrator
D. Password implementation and administration
Answer
D. Password implementation and administration
Explanation
The most comprehensive control in this situation is password implementation and administration. While firewall installations are the primary line of defense, they cannot protect all access and, therefore, an element of risk remains. A proxy server is a type of firewall installation; thus, the same rules apply. The network administrator may serve as a control, but typically this would not be comprehensive enough to serve on multiple and diverse systems.
CISA Question 175
Question
An internet-based attack using password sniffing can:
A. enable one party to act as if they are another party.
B. cause modification to the contents of certain transactions.
C. be used to gain access to systems containing proprietary information.
D. result in major problems with billing systems and transaction processing agreements.
Answer
C. be used to gain access to systems containing proprietary information.
Explanation
Password sniffing attacks can be used to gain access to systems on which proprietary information is stored. Spoofing attacks can be used to enable one party to act as if they are another party. Data modification attacks can be used to modify the contents of certain transactions.
Repudiation of transactions can cause major problems with billing systems and transaction processing agreements.
CISA Question 176
Question
During an audit of a telecommunications system, an IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is:
A. encryption.
B. callback modems.
C. message authentication.
D. dedicated leased lines.
Answer
A. encryption.
Explanation
Encryption of data is the most secure method. The other methods are less secure, with leased lines being possibly the least secure method.
CISA Question 177
Question
The technique used to ensure security in virtual private networks (VPNs) is:
A. encapsulation.
B. wrapping.
C. transform.
D. encryption.
Answer
A. encapsulation.
Explanation
Encapsulation, or tunneling, is a technique used to carry the traffic of one protocol over a network that does not support that protocol directly.
The original packet is wrapped in another packet. The other choices are not security techniques specific to VPNs.
CISA Question 178
Question
When using public key encryption to secure data being transmitted across a network:
A. both the key used to encrypt and decrypt the data are public.
B. the key used to encrypt is private, but the key used to decrypt the data is public.
C. the key used to encrypt is public, but the key used to decrypt the data is private.
D. both the key used to encrypt and decrypt the data are private.
Answer
C. the key used to encrypt is public, but the key used to decrypt the data is private.
Explanation
Public key encryption, also known as asymmetric key cryptography, uses a public key to encrypt the message and a private key to decrypt it.
CISA Question 179
Question
Which of the following is the MOST effective type of antivirus software?
A. Scanners
B. Active monitors
C. Integrity checkers
D. Vaccines
Answer
C. Integrity checkers
Explanation
Integrity checkers compute a binary number on a known virus-free program that is then stored in a database file. This number is called a cyclical redundancy check (CRC). When that program is called to execute, the checker computes the CRC on the program about to be executed and compares it to the number in the database. A match means no infection; a mismatch means that a change in the program has occurred. A change in the program could mean a virus. Scanners look for sequences of bits called signatures that are typical of virus programs. They examine memory, disk boot sectors, executables and command files for bit patterns that match a known virus. Therefore, scanners need to be updated periodically to remain effective. Active monitors interpret DOS and ROM basic input-output system (BIOS) calls, looking for virus-like actions.
Active monitors can be misleading, because they cannot distinguish between a user request and a program or virus request. As a result, users are asked to confirm actions like formatting a disk or deleting a file or set of files. Vaccines are known to be good antivirus software. However, they also need to be updated periodically to remain effective.
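The integrity-checker workflow described above (baseline CRC on clean programs, recompute at execution time, compare), written out as an added example that is not part of the original question set. The "programs" are constructed byte strings standing in for executables, and the optional SHA-256 mode goes slightly beyond the text to show what a modern checker would store instead of a CRC.

```python
import hashlib
import zlib

# Constructed stand-ins for executables on disk (not real binaries).
CLEAN_PROGRAMS = {
    "editor.exe": b"MZ\x90\x00editor v1.0 clean code section",
    "ls.bin": b"\x7fELF ls utility clean code section",
}

def fingerprint(program: bytes, algo: str = "crc32") -> str:
    """Checksum of the whole program image.
    'crc32' is the CRC the explanation describes; 'sha256' is what a
    modern checker would use, because a CRC is not collision resistant."""
    if algo == "crc32":
        return f"{zlib.crc32(program) & 0xFFFFFFFF:08x}"
    if algo == "sha256":
        return hashlib.sha256(program).hexdigest()
    raise ValueError(f"unsupported algorithm: {algo}")

def build_baseline(programs: dict, algo: str = "crc32") -> dict:
    """Run once on known virus-free programs; the result is the database file.
    The database itself must be stored where a virus cannot rewrite it."""
    return {name: fingerprint(data, algo) for name, data in programs.items()}

def check_before_execute(name: str, program: bytes, baseline: dict, algo: str = "crc32"):
    """Recompute the fingerprint at execution time and compare it with the
    stored one. Returns (ok, reason). A mismatch only says the program changed;
    whether that is a virus or a legitimate update needs a human decision."""
    expected = baseline.get(name)
    if expected is None:
        return False, "no baseline entry: program was not fingerprinted when clean"
    actual = fingerprint(program, algo)
    if actual != expected:
        return False, f"mismatch: stored {expected}, computed {actual}"
    return True, "match: no change since baseline"

def demo() -> dict:
    baseline = build_baseline(CLEAN_PROGRAMS)
    results = {}
    # Unchanged program: passes.
    results["clean"] = check_before_execute("editor.exe", CLEAN_PROGRAMS["editor.exe"], baseline)[0]
    # Constructed change to the image (stands in for any modification of the file): flagged.
    modified = CLEAN_PROGRAMS["editor.exe"] + b" extra bytes appended"
    results["modified"] = check_before_execute("editor.exe", modified, baseline)[0]
    # Program never baselined: the checker cannot vouch for it.
    results["unknown"] = check_before_execute("new.exe", b"anything", baseline)[0]
    return results

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'OK' if ok else 'FLAGGED'}")
```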
CISA Question 180
Question
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the:
A. maintenance of access logs of usage of various system resources.
B. authorization and authentication of the user prior to granting access to system resources.
C. adequate protection of stored data on servers by encryption or other means.
D. accountability system and the ability to identify any terminal accessing system resources.
Answer
B. authorization and authentication of the user prior to granting access to system resources.
Explanation
The authorization and authentication of users is the most significant aspect in a telecommunications access control review, as it is a preventive control. Weak controls at this level can affect all other aspects. The maintenance of access logs of usage of system resources is a detective control. The adequate protection of data being transmitted to and from servers by encryption or other means is a method of protecting information during transmission and is not an access issue. The accountability system and the ability to identify any terminal accessing system resources deal with controlling access through the identification of a terminal.