CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 103
1. Which of the following is the BEST defense against a brute force attack?
A) Discretionary access control
B) Intruder detection lockout
C) Mandatory access control
D) Time-of-day restrictions
2. Which of the following is the GREATEST security threat when an organization allows remote access to a virtual private network (VPN)?
A) Client logins are subject to replay attack.
B) VPN traffic could be sniffed and captured.
C) Compromised VPN clients could impact the network.
D) Attackers could compromise the VPN gateway.
3. The PRIMARY benefit of a centralized time server is that it:
A) reduces individual time-of-day requests by client applications
B) is required by password synchronization programs
C) allows decentralized logs to be kept in synchronization
D) decreases the likelihood of an unrecoverable systems failure
4. An information security manager has observed multiple exceptions for a number of different security controls. Which of the following should be the information security manager's FIRST course of action?
A) Design mitigating controls for the exceptions.
B) Prioritize the risk and implement treatment options.
C) Inform respective risk owners of the impact of exceptions.
D) Report the noncompliance to the board of directors.
5. An employee uses a personal mobile device to access corporate data and email, but also allows friends to use it as a mobile hotspot for Internet access when not at work. The information security manager is concerned this situation may expose confidential data. The manager's FIRST step should be to:
A) update the mobile device usage standards to address the issue and communicate to all employees
B) activate the incident response plan to mitigate the impact and stop the compromise
C) review the associated risks to determine if additional controls are needed
D) implement additional security controls that will mitigate the situation and then reassess risks
A) Discretionary access control
B) Intruder detection lockout
C) Mandatory access control
D) Time-of-day restrictions
2. Which of the following is the GREATEST security threat when an organization allows remote access to a virtual private network (VPN)?
A) Client logins are subject to replay attack.
B) VPN traffic could be sniffed and captured.
C) Compromised VPN clients could impact the network.
D) Attackers could compromise the VPN gateway.
3. The PRIMARY benefit of a centralized time server is that it:
A) reduces individual time-of-day requests by client applications
B) is required by password synchronization programs
C) allows decentralized logs to be kept in synchronization
D) decreases the likelihood of an unrecoverable systems failure
4. An information security manager has observed multiple exceptions for a number of different security controls. Which of the following should be the information security manager's FIRST course of action?
A) Design mitigating controls for the exceptions.
B) Prioritize the risk and implement treatment options.
C) Inform respective risk owners of the impact of exceptions.
D) Report the noncompliance to the board of directors.
5. An employee uses a personal mobile device to access corporate data and email, but also allows friends to use it as a mobile hotspot for Internet access when not at work. The information security manager is concerned this situation may expose confidential data. The manager's FIRST step should be to:
A) update the mobile device usage standards to address the issue and communicate to all employees
B) activate the incident response plan to mitigate the impact and stop the compromise
C) review the associated risks to determine if additional controls are needed
D) implement additional security controls that will mitigate the situation and then reassess risks
1. Right Answer: D
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: A
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: A
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment