CISA—Certified Information Systems Auditor - Part 255

Mary Smith

Wed, 15 Apr 2026

1. An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology to protect its customers' payment information. The IS auditor should be MOST concerned if a hacker:

A) compromises the Wireless Application Protocol (WAP) gateway.
B) installs a sniffing program in front of the server.
C) steals a customer's PDA.
D) listens to the wireless transmission.



2. Which of the following BEST reduces the ability of one device to capture the packets that are meant for another device?

A) Filters
B) Switches
C) Routers
D) Firewalls



3. In a client-server system, which of the following control techniques is used to inspect activity from known or unknown users?

A) Diskless workstations
B) Data encryption techniques
C) Network monitoring devices
D) Authentication systems



4. When reviewing system parameters, an IS auditor's PRIMARY concern should be that:

A) they are set to meet security and performance requirements.
B) changes are recorded in an audit trail and periodically reviewed.
C) changes are authorized and supported by appropriate documents.
D) access to parameters in the system is restricted.



5. Which of the following is a control over component communication failure/errors?

A) Restricting operator access and maintaining audit trails
B) Monitoring and reviewing system engineering activity
C) Providing network redundancy
D) Establishing physical barriers to the data transmitted over the network



1. Right Answer: A
Explanation: WTLS protects the wireless leg between the handset and the WAP gateway, and SSL protects the Internet leg between the gateway and the merchant's server, but they are two separate sessions. At the WAP gateway, messages from customers must be decrypted from WTLS and re-encrypted under SSL (and vice versa), so the gateway handles the payment data in plaintext; this exposure is commonly called the "WAP gap". If the gateway is compromised, every message passing through it is exposed. The other choices are less serious: SSL protects the messages from sniffing on the Internet side, WTLS provides authentication, privacy and integrity on the wireless side and prevents eavesdropping on the transmission, and a stolen PDA exposes at most one customer's data.

2. Right Answer: B
Explanation: Switches operate at the data link layer (layer 2) and forward a frame only to the port of the device to which it is addressed, unlike a hub, which repeats every frame to every port. This reduces the ability of one device to capture the packets that are meant for another device. Note that this isolation depends on the switch's MAC address (CAM) table: a device on the same segment that overflows the table with bogus source addresses or spoofs ARP can still cause traffic for other ports to reach it, so switching is a first barrier rather than a substitute for encryption. Filters allow for some basic isolation of network traffic based on destination addresses. Routers allow packets to be given or denied access based on the addresses of the sender and receiver and the type of packet. Firewalls are a collection of computer and network equipment used to allow communications to flow out of the organization and restrict communications flowing into the organization.
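To make the switch-versus-hub point concrete, here is an added illustration (not part of the original question set): a toy hub and a toy learning switch with a bounded MAC table. Host A on port 1 talks to host B on port 2 while an eavesdropper listens on port 3. On the hub every frame reaches port 3; on the switch the A-to-B frame reaches only port 2, until the eavesdropper floods the table with bogus source addresses and the switch falls back to flooding. The MAC addresses, port numbers, table capacity and the least-recently-seen eviction policy are constructed assumptions; real switches differ in how they behave when the table is full.

```python
"""Toy hub vs. learning switch: why a switch limits frame capture, and why
that protection is only as strong as the switch's MAC (CAM) table.

Added example, not code from the original page. Addresses, ports and the
CAM capacity are constructed for the illustration.
"""
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Repeater: every frame goes out of every port except the ingress port."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return sorted(p for p in self.ports if p != in_port)


class LearningSwitch:
    """Layer-2 switch with a bounded MAC (CAM) table.

    Known unicast destinations are delivered to one port only; unknown
    destinations and broadcasts are flooded to every other port. When the
    table is full, the least recently seen entry is evicted (a simplified
    stand-in for table overflow on real hardware, which varies by vendor).
    """

    def __init__(self, ports, cam_capacity=4):
        self.ports = list(ports)
        self.cam_capacity = cam_capacity
        self.cam = OrderedDict()  # MAC address -> port it was last seen on

    def _learn(self, mac, port):
        if mac in self.cam:
            self.cam.move_to_end(mac)
        self.cam[mac] = port
        while len(self.cam) > self.cam_capacity:
            self.cam.popitem(last=False)  # evict least recently seen entry

    def forward(self, in_port, src, dst):
        self._learn(src, in_port)
        if dst != BROADCAST and dst in self.cam:
            out = self.cam[dst]
            return [] if out == in_port else [out]
        return sorted(p for p in self.ports if p != in_port)


def capture_scenario(device):
    """Host A (port 1) sends to host B (port 2); an eavesdropper sits on port 3.

    Returns the ports that receive A->B frames before and after the
    eavesdropper sprays frames from bogus source MACs (MAC flooding).
    MAC addresses are constructed for the example.
    """
    A, B = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"
    device.forward(1, A, B)  # first frame: B is unknown, so a switch floods it
    device.forward(2, B, A)  # B replies, so a switch learns B is on port 2
    before = device.forward(1, A, B)
    for i in range(10):  # port 3 floods bogus sources; B sends nothing meanwhile
        device.forward(3, f"de:ad:be:ef:00:{i:02x}", B)
    after = device.forward(1, A, B)
    return before, after


if __name__ == "__main__":
    for name, dev in (("hub", Hub([1, 2, 3])), ("switch", LearningSwitch([1, 2, 3]))):
        print(name, capture_scenario(dev))
```

Running it shows the hub delivering A's frames to ports 2 and 3 both times, while the switch delivers to port 2 alone until its table has been filled with junk entries, after which the A-to-B frame is flooded to port 3 as well. That is exactly the gap an auditor should keep in mind when a switched LAN is offered as the reason unencrypted traffic is "safe".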

3. Right Answer: C
Explanation: Network monitoring devices may be used to inspect activities from known or unknown users and can identify client addresses, which may assist in finding evidence of unauthorized access. This serves as a detective control. Diskless workstations prevent access control software from being bypassed. Data encryption techniques can help protect sensitive or proprietary data from unauthorized access, thereby serving as a preventive control. Authentication systems may provide environment-wide, logical facilities that can differentiate among users before providing access to systems.

4. Right Answer: A
Explanation: The primary concern is to find the balance between security and performance. Recording changes in an audit trail and periodically reviewing them is a detective control; however, if parameters are not set according to business rules, monitoring of changes may not be an effective control. Reviewing changes to ensure they are supported by appropriate documents is also a detective control; if parameters are set incorrectly, the related documentation and the fact that the changes were authorized do not reduce the impact. Restriction of access to parameters ensures that only authorized staff can access them; however, if the parameters are set incorrectly, restricting access will still leave the adverse impact in place.

5. Right Answer: C
Explanation: Redundancy, built by duplicating network components such as a link, router or switch to prevent loss, delays or data duplication, is a control over component communication failure or error. Other related controls are loop/echo checks to detect line errors, parity checks, error correction codes and sequence checks. Choices A, B and D are general communication network controls, not controls over component communication failure or error.
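The "other related controls" in the explanation above can be seen working together in the following added example (not part of the original page): frames carry a sequence number and a CRC32 trailer, and the receiver uses the CRC to detect corrupted frames and the sequence number to detect lost and duplicated frames. The frame layout, the simulated channel faults and the single-bit corruption helper are constructed for the illustration; CRC32 is used as a readily available error-detecting code, not as the code any particular link protocol specifies.

```python
"""Link-level error controls: CRC (error-detecting code) plus sequence
numbers catch corrupted, lost and duplicated frames.

Added example, not code from the original page. The frame format and the
simulated channel faults are constructed for illustration.
"""
import struct
import zlib

# Header: 16-bit sequence number, 16-bit payload length; CRC32 follows the payload.
HEADER = struct.Struct("!HH")
CRC = struct.Struct("!I")


def build_frame(seq, payload):
    """Frame = header + payload + CRC32 over header and payload."""
    body = HEADER.pack(seq, len(payload)) + payload
    return body + CRC.pack(zlib.crc32(body) & 0xFFFFFFFF)


def parse_frame(frame):
    """Return (seq, payload), or None if the frame fails the CRC or length check."""
    if len(frame) < HEADER.size + CRC.size:
        return None
    body, (crc,) = frame[:-CRC.size], CRC.unpack(frame[-CRC.size:])
    if zlib.crc32(body) & 0xFFFFFFFF != crc:
        return None
    seq, length = HEADER.unpack(body[:HEADER.size])
    payload = body[HEADER.size:]
    if len(payload) != length:
        return None
    return seq, payload


class Receiver:
    """Sequence check: accepts in-order frames, flags duplicates and gaps.

    A corrupted frame cannot be attributed to a sequence number, so it is
    reported as 'corrupt' on arrival and later shows up as a 'gap'.
    Sequence-number wraparound is not modelled here.
    """

    def __init__(self):
        self.expected = 0
        self.accepted = []
        self.events = []  # (kind, seq): kind is ok / corrupt / duplicate / gap

    def receive(self, frame):
        parsed = parse_frame(frame)
        if parsed is None:
            self.events.append(("corrupt", None))
            return
        seq, payload = parsed
        if seq < self.expected:
            self.events.append(("duplicate", seq))
            return
        if seq > self.expected:
            self.events.append(("gap", self.expected))  # frames expected..seq-1 were lost
        self.accepted.append(payload)
        self.expected = seq + 1
        self.events.append(("ok", seq))


def corrupt(frame, bit):
    """Flip one bit of a frame (simulates a line error)."""
    index, offset = divmod(bit, 8)
    damaged = bytearray(frame)
    damaged[index] ^= 1 << offset
    return bytes(damaged)


def simulate():
    """Constructed channel: frame 1 corrupted, frame 2 duplicated, frame 3 dropped."""
    messages = [b"a", b"b", b"c", b"d", b"e"]
    frames = [build_frame(i, m) for i, m in enumerate(messages)]
    channel = [frames[0], corrupt(frames[1], 32), frames[2], frames[2], frames[4]]
    rx = Receiver()
    for frame in channel:
        rx.receive(frame)
    return rx


if __name__ == "__main__":
    rx = simulate()
    print("accepted:", rx.accepted)
    print("events:", rx.events)
```

The receiver ends up with payloads a, c and e, and its event log shows one corrupt frame, two gaps (sequence 1, whose frame arrived damaged, and sequence 3, which never arrived) and one duplicate of sequence 2. In a real link protocol those gap and duplicate events drive retransmission requests or acknowledgements; here they simply demonstrate that a checksum alone cannot detect loss or duplication, and a sequence number alone cannot detect corruption.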
