CISA—Certified Information Systems Auditor - Part 296

Mary Smith

Wed, 15 Apr 2026

1. Which of the following potentially blocks hacking attempts?

A) Intrusion detection system
B) Honeypot system
C) Intrusion prevention system
D) Network security scanner



2. A web server is attacked and compromised. Which of the following should be performed FIRST to handle the incident?

A) Dump the volatile storage data to a disk.
B) Run the server in a fail-safe mode.
C) Disconnect the web server from the network.
D) Shut down the web server.



3. To address a maintenance problem, a vendor needs remote access to a critical network. The MOST secure and effective solution is to provide the vendor with a:

A) Secure Shell (SSH-2) tunnel for the duration of the problem.
B) two-factor authentication mechanism for network access.
C) dial-in access.
D) virtual private network (VPN) account for the duration of the vendor support contract.



4. What is the BEST approach to mitigate the risk of a phishing attack?

A) Implement an intrusion detection system (IDS)
B) Assess web site security
C) Strong authentication
D) User education



5. A sender of an e-mail message applies a digital signature to the digest of the message. This action provides assurance of the:

A) date and time stamp of the message.
B) identity of the originating computer.
C) confidentiality of the message's content.
D) authenticity of the sender.



1. Right Answer: C
Explanation: An intrusion prevention system (IPS) is deployed as an in-line device that can detect and block hacking attempts. An intrusion detection system (IDS) normally is deployed in sniffing mode and can detect intrusion attempts, but cannot effectively stop them. A honeypot solution lures intruders into exploring a simulated target. A network security scanner scans for vulnerabilities, but it will not stop the intrusion.

2. Right Answer: C
Explanation: The first action is to disconnect the web server from the network to contain the damage and prevent more actions by the attacker. Dumping the volatile storage data to a disk may be used at the investigation stage but does not contain an attack in progress. To run the server in a fail-safe mode, the server needs to be shut down. Shutting down the server could potentially erase information that might be needed for a forensic investigation or to develop a strategy to prevent future similar attacks.

3. Right Answer: A
Explanation: For granting temporary access to the network, a Secure Shell (SSH-2) tunnel is the best approach. It has auditing features and allows restriction to specific access points. Choices B, C and D all give full access to the internal network. Two-factor authentication and virtual private network (VPN) provide access to the entire network and are suitable for dedicated users. Dial-in access would need to be closely monitored or reinforced with another mechanism to ensure authentication to achieve the same level of security as SSH-2.

4. Right Answer: D
Explanation: Phishing attacks can be mounted in various ways; intrusion detection systems (IDSs) and strong authentication cannot mitigate most types of phishing attacks. Assessing web site security does not mitigate the risk. Phishing uses a server masquerading as a legitimate server. The best way to mitigate the risk of phishing is to educate users to exercise caution with suspicious internet communications and not to trust them until verified. Users require adequate training to recognize suspicious web pages and e-mail.

5. Right Answer: D
Explanation: The signature on the digest can be used to authenticate the sender. It does not provide assurance of the date and time stamp or the identity of the originating computer. Digitally signing an e-mail message does not prevent access to its content and, therefore, does not assure confidentiality.
