Created by - Mary Smith
Comptia A+ 1002 2023 Questions and answer - Part 47
Questions 1. A technician is working on a PC that utilizes a RAID array for operation. The user of the system has reported that random files are becoming corrupted on creation with no pattern to the activity. One drive in the array is likely failing and causing the read/write failures. Which of the following types of RAID is MOST likely in use?A) A. RAID 0B) B. RAID 1C) C. RAID 5D) D. RAID 102. A technician has just upgraded RAM on a user-s workstation from 4GB to 8GB. The technician now wants to adjust the page file size on the system to the recommended Microsoft settings. Which of the following should be entered for the -Min portion of the page file setting if using these best practices?A) A. 4096MBB) B. 8192MBC) C. 12288MBD) D. 16328MB3. A technician has been tasked with disposing of hard drives that contain sensitive employee data. Which of the following would be the BEST method to use for disposing of these drives?A) A. RecyclingB) B. ShreddingC) C. OverwritingD) D. Reformatting4. A technician is working on a user-s PC. After testing the theory of the cause, which of the following could the technician perform NEXT? (Select TWO).(Select 2answers)A) A. Resolve issueB) B. Inform userC) C. New theory or escalateD) D. Document issueE) E. Verify system functionality5. A user is unable to find the preferred default network printer in the printers list in the user profile. Which of the following is the FIRST step that should be taken?A) A. Map printerB) B. Reboot computerC) C. Check to see if printer is turned onD) D. Log in as a different user and see if printer is mapped Right Answer and Explanation: 1. Right Answer: AExplanation: 2. Right Answer: CExplanation: 3. Right Answer: BExplanation: 4. Right Answer: A,CExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
Comptia IT Fundamentals 2023 Questions and answer - Part 47
Questions 1. A technician has just finished setting up a SOHO wireless router but the client does not want the PC on the wireless network for security reasons. The technician connects an RJ-45 cable to the computer and the router, but does not receive network connectivity. Which of the following is the NEXT step to diagnose the problem?A) A. Change the IP address on the computer to match the router.B) B. Reseat the power cable on the computer and reboot.C) C. Check for link light activity on the computer and the router.D) D. Change the hostname of the router to match the computer's network.2. Which of the following is an advantage of using cloud-based collaborative applications and storage, rather than local applications and storage?A) A. Decreased software licensing costsB) B. Higher security encryptionC) C. Limited storage space for filesD) D. Increased accessibility to files3. Which of the following data connections would provide a user the BEST Internet availability while traveling?A) A. Workstation with only RJ-45 connectorsB) B. Smartphone with cellular serviceC) C. Laptop with Bluetooth wireless connectivityD) D. Tablet connected to a SOHO wireless network4. A technician is configuring a wireless router for a small office and the business owner would like the wireless network to be secured using the strongest encryption possible. Which of the following should the technician choose?A) A. WPA2B) B. WAPC) C. WPAD) D. WEP5. A user's laptop hard drive contains sensitive information. The user often plugs the laptop into the corporate network. A sensitive file from the laptop has been found on another user's laptop. How could the user have prevented this breach?A) A. Disable file and print sharing on the laptop.B) B. Delete unused drives from network.C) C. Remove shared keys from the key ring.D) D. Set the read-only attribute on the files. Right Answer and Explanation: 1. Right Answer: CExplanation: 2. Right Answer: DExplanation: 3. Right Answer: BExplanation: 4. Right Answer: AExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
ComptiA Security+ Certification Exam Questions and answer - Part 23
Questions 1. An audit has revealed that database administrators are also responsible for auditing database changes and backup logs. Which of the following access control methodologies would BEST mitigate this concern?A) Time of day restrictionsB) Principle of least privilegeC) Role-based access controlD) Separation of duties2. An audit reported has identifies a weakness that could allow unauthorized personnel access to the facility at its main entrance and from there gain access to the network. Which of the following would BEST resolve the vulnerability?A) Faraday cageB) Air gapC) MantrapD) Bollards3. An employee in the finance department receives an email,which appears to come from the Chief Financial Officer (CFO),instructing the employee to immediately wire a large sum of money to a vendor. Which of the following BEST describes the principles of social engineering used? (Choose two.)(Select 2answers)A) FamiliarityB) ScarcityC) UrgencyD) AuthorityE) Consensus4. An employee receives an email,which appears to be from the Chief Executive Officer (CEO),asking for a report of security credentials for all users. Which of the following types of attack is MOST likely occurring?A) Policy violationB) Social engineeringC) WhalingD) Spear phishing5. An employer requires that employees use a key-generating app on their smartphones to log into corporate applications. In terms of authentication of an individual,this type of access policy is BEST defined as:A) Something you have.B) Something you know.C) Something you do.D) Something you are. Right Answer and Explanation: 1. Right Answer: DExplanation: 2. Right Answer: CExplanation: 3. Right Answer: C,DExplanation: 4. Right Answer: DExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
APICS Certified Supply Chain Professional CSCPPractice Questions 2023 - Part 34
Questions 1. Implementation of supply chain applications based on which of the following technologies is most likely to have the lowest fixed costs?A) Best of breed packagesB) One integrated packageC) Service-oriented architectureD) Software-as-a-service2. In the Supply Chain Operations Reference-model (SCORֲ®), the cash-to-cash cycle time for a manufacturing company is the number of days between which two of the following situations?A) Paying for raw materials and getting paid for the productB) Shipping the product from the warehouse and receiving it at the customer's locationC) Paying for raw materials and sending an invoice to the customerD) Billing the customer and getting paid for the product3. A product design that can be produced to requirements even when conditions in the production process are unfavorable typically is known as what type of design?A) UniversalB) Computer-aidedC) ModularD) Robust4. A company currently produces custom goods for a limited market. To increase market share, the company will implement a strategy to reduce the number of products it produces and reduce delivery lead time. The company can increase its chances of achieving the strategy by:A) using benchmark data for products in the same product groups.B) incorporating results from market surveys.C) involving customers in the product design process.D) using electronic communications to receive customer complaints.5. Component commonality in manufacturing primarily allows a company to:A) optimize production runs for the components.B) use less-specialized machinery.C) decrease single-minute exchange of die processes.D) increase planning and control. Right Answer and Explanation: 1. Right Answer: DExplanation: 2. Right Answer: AExplanation: 3. Right Answer: DExplanation: 4. Right Answer: CExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
Automating Data Center Solutions PracticeTest Questions 2023 - Part 4
Questions 1. Which two benefits of using network configuration tools such as Ansible and Puppet to automate data center platforms are valid? (Choose two.)(Select 2answers)A) automation of repetitive tasksB) ability to add VLANs and routes per deviceC) consistency of systems configurationD) ability to create device and interface groups2. When should the API Inspector be used?A) to learn or identify the sequence of API calls for a specific operation in the APIC GUIB) to verify the XML structure of an object based on a specific operation in the APIC GUC) to launch an Ansible playbookD) to send an API request to the APIC3. Which Python code creates a VRF in an ACI tenant using the Cobra SDK?A) Ctx(fvTenant(uniMo, 'CustA'), 'CustA_VRF')B) Ctx(Tenant(uniMo, 'CustA'), 'CustA_VRF')C) Vrf(fvTenant(uniMo, 'CustA'), 'CustA_VRF')D) Vrf(Tenant(uniMo, 'CustA'), 'CustA_VRF')4. A set of automation scripts work with no issue from a local machine, but an experiment needs to take place with a new package found online. How is this new package isolated from the main code base?A) Perform a pip install of the new package when logged into your local machine as rootB) Add the new package to your requirements.txt file.C) Create a new virtual environment and perform a pip install of the new packageD) Create a new virtual machine and perform a pip install of the new package.5. Which two statements about gRPC are true? (Choose two.)(Select 2answers)A) It is an IETF standardB) It runs over HTTPSC) It runs over SSHD) It is an IETF draft Right Answer and Explanation: 1. Right Answer: A,CExplanation: 2. Right Answer: BExplanation: 3. Right Answer: BExplanation: 4. Right Answer: CExplanation: 5. Right Answer: B,DExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
AWS ANS-C00 Certified Advanced Networking Practice Questions 2023 - Part 14
Questions 1. You have a set of instances setup in an AWS(Amazon Web Service) VPC. You need to ensure that instances in the VPC receive host names from the AWS(Amazon Web Service) DNS. You have set the enable DNs Hostname attribute set to true for your VPC. But the instances are still not receiving the host names when they are being launched. What could be the underlying issue?A) The enable DNs Support is not set to true for the VPCB) You need to configure a Route 53 public hosted zone firstC) You need to configure a Route 53 private hosted zone firstD) The Auto-Assign Public P is not set for the Subnet in which the Instance is launched2. You have setup a Cloud front distribution in AWS. You want to use the AWS(Amazon Web Service) Certification Manager along with Cloud front. You are setting up Cloud front, but you cannot see the ACM certificate that you created at an earlier stage to associate with the distribution. What could be the underlying issue?A) You have not uploaded or created the certificate in the right regionB) You need to ensure that a CNAME record is created in Route 53 firstC) You need to ensure that an alias record is created in Route 53 firstD) You need to upload the certificate directly to Cloud front after the distribution is created3. Your company is planning on using Route53 as the DNS provider. They want to ensure that their company domain name points to an existing Cloud front distribution. How this could be achieved. Please select:A) Create a non-alias record which points to the Cloud front distributionB) Create an Alias record which points to the Cloud front distributionC) Create a CNAME record which points to the Cloud front distributionD) Create a host record which points to the Cloud front distribution4. A company is planning to setup an AWS(Amazon Web Service) Direct Connect connection to access resources in AWS(Amazon Web Service) via their on- premise data center. They are estimating the costs that would be involved. Which of the following should be taken Into account from a costing aspect for AWS(Amazon Web Service) Direct Connect? Choose 3 answers from the options given below(Select 3answers)A) Data transfer into AWS(Amazon Web Service) Direct ConnectB) Number of port hours consumedC) Data transfer from a VPC via a private VIFD) Data transfer from a 53 bucket via a public V1F5. You are designing an online shopping application for your company. This application will be running in a VPC on EC2 instances behind an Application Load Balancer. The Instances run in an Auto Scaling group across multiple Availability Zones. The application tier must read and write data to a customer managed database cluster. There should be no access to the database from the Internet, but the cluster must be able to obtain software patches from the Internet. Which VPC design meets these requirements completely?A) Public subnets for the application tier and NAT Gateway. and private subnets for the database clusterB) Public subnets for both the application tier and the database clusterC) Public subnets for the application tier, and private subnets for the database cluster and NAT gatewayD) Public subnets for the application tier, and private subnets for the database cluster and NAT Gateway Right Answer and Explanation: 1. Right Answer: AExplanation: 2. Right Answer: AExplanation: 3. Right Answer: BExplanation: 4. Right Answer: B,C,DExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
AWS Certified Cloud Practitioner Certification - Part 31
Questions 1. What will help a company perform a cost benefit analysis of migrating to the AWS Cloud?A) A. Cost ExplorerB) B. AWS Total Cost of Ownership (TCO) CalculatorC) C. AWS Simple Monthly CalculatorD) D. AWS Trusted Advisor2. Which of the following provides the ability to share the cost benefits of Reserved Instances across AWS accounts?A) A. AWS Cost Explorer between AWS accounts B) B. Linked accounts and consolidated billingC) C. Amazon Elastic Compute Cloud (Amazon EC2) Reserved Instance Utilization ReportD) D. Amazon EC2 Instance Usage Report between AWS accounts3. A company has multiple AWS accounts and wants to simplify and consolidate its billing process. Which AWS service will achieve this?A) A. AWS Cost and Usage Reports B) B. AWS OrganizationsC) C. AWS Cost ExplorerD) D. AWS Budgets4. A company is designing an application hosted in a single AWS Region serving end-users spread across the world. The company wants to provide the end-users low latency access to the application data. Which of the following services will help fulfill this requirement?A) A. Amazon CloudFront B) B. AWS Direct ConnectC) C. Amazon Route 53 global DNSD) D. Amazon Simple Storage Service (Amazon S3) transfer acceleration5. Which of the following deployment models enables customers to fully trade their capital IT expenses for operational expenses?A) A. On-premises B) B. HybridC) C. CloudD) D. Platform as a service Right Answer and Explanation: 1. Right Answer: BExplanation: AWS TCO calculators allow you to estimate the cost savings when using AWS and provide a detailed set of reports that can be used in executive presentations. The calculators also give you the option to modify assumptions that best meet your business needs.https://aws.amazon.com/tco-calculator/2. Right Answer: BExplanation: The way that Reserved Instance discounts apply to accounts in an organization's consolidated billing family depends on whether Reserved Instance sharing is turned on or off for the account. By default, Reserved Instance sharing for all accounts in an organization is turned on. You can change this setting by Turning Off Reserved Instance Sharing for an account. The capacity reservation for a Reserved Instance applies only to the account the Reserved Instance was purchased on, regardless of whether Reserved Instance sharing is turned on or off.https://aws.amazon.com/premiumsupport/knowledge-center/ec2-ri-consolidated-billing/3. Right Answer: BExplanation: You can use the consolidated billing feature in AWS Organizations to consolidate billing and payment for multiple AWS accounts or multiple Amazon Internet Services Pvt. Ltd (AISPL) accounts. Every organization in AWS Organizations has a master (payer) account that pays the charges of all the member (linked) accounts.https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/consolidated-billing.html4. Right Answer: AExplanation: Use AWS Local Zones to deploy workloads closer to your end-users for low-latency requirements. AWS Local Zones have their own connection to the internet and support AWS Direct Connect, so resources created in the Local Zone can serve local end-users with very low-latency communications.nationhttps://aws.amazon.com/about-aws/global-infrastructure/localzones/faqs/5. Right Answer: CExplanation: The cloud allows you to trade capital expenses (such as data centers and physical servers) for variable expenses, and only pay for IT as you consume it. Plus, the variable expenses are much lower than what you would pay to do it yourself because of the economies of scale.https://aws.amazon.com/what-is-cloud-computing/ .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
AWS Certified Security - Specialty - Part 34
Questions 1. Your company has an EC2 Instance that is hosted in an AWS(Amazon Web Service) VPC. There is a requirement to ensure that logs files from the EC2 Instance are stored accordingly. The access should also be limited for the destination of the log files. How can this be accomplished? Choose 2 answers from the options given below. Each answer forms part of the solution(Select 2answers)A) Create an IAM policy that gives the desired level of access to the Cloudtrail trailB) Stream the log files to a separate Cloudtrail trailC) Stream the log files to a separate Cloudwatch Log groupD) Create an IAM policy that gives the desired level of access to the Cloudwatch Log group2. A company hosts data in S3. There is a requirement to control access to the S3 buckets. Which are the 2 ways in which this can be achieved?(Select 2answers)A) Use AWS(Amazon Web Service) Access Keys (Incorrect)B) Use the Secure Token serviceC) Use Bucket policiesD) Use IAM user policies3. Your company has just started using AWS(Amazon Web Service) and created an AWS(Amazon Web Service) account. They are aware of the potential issues when root access is enabled. How can they best safeguard the account when it comes to root access? Choose 2 answers from the options given below Please select:(Select 2answers)A) Delete the root access keysB) Delete the root access accountC) Change the password for the root account.D) Create an Admin lAM user with the necessary permissions4. When managing permissions for the API gateway, what can be used to ensure that the right level of permissions are given to developers, IT admins and users? These permissions should be easily managed.A) Use the secure token service to manage the permissions for the different usersB) Use IAM Policies to create different policies for the different types of users.C) Use the AWS(Amazon Web Service) Config tool to manage the permissions for the different usersD) Use IAM Access Keys to create sets of keys for the different types of users. (Incorrect)5. Your company use AWS(Amazon Web Service) KMS for management of its customer keys. From time to time , there is a requirement to delete existing keys as part of housekeeping activities. What can be done during the deletion process to verify that the key is no longer being used?A) Change the lAM policy for the keys to see if other services are using the keysB) Use Cloud Trail to see if any KMS API request has been issued against existing keysC) Rotate the keys once before deletion to see if other services are using the keysD) Use Key policies to see the access level for the keys Right Answer and Explanation: 1. Right Answer: C,DExplanation: You can create a Log group and send all logs from the EC2 Instance to that group. You can then limit the access to the Log groups via an IAM policy. Option A is invalid because Cloudtrail is used to record API activity and not for storing log files Option C is invalid because Cloudtrail is the wrong service to be used for this requirement For more information on Access to Cloudwatch logs, please visit the following url https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/auth-and-access-control-cwl.html2. Right Answer: C,DExplanation: The AWS(Amazon Web Service) Documentation mentions the following Amazon S3 offers access policy options broadly categorized as resource-based policies and user policies. Access policies you attach to your resources (buckets and objects) are referred to as resource-based policies. For example, bucket policies and access control lists (ACLs) are resource-based policies. You can also attach access policies to users in your account. These are called user policies. You may choose to use resource-based policies, user policies, or some combination of these to manage permissions to your Amazon S3 resources. Option B and D are invalid because these cannot be used to control access to S3 buckets For more information on S3 access control, please refer to the below link https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html3. Right Answer: A,DExplanation: 4. Right Answer: BExplanation: The AWS(Amazon Web Service) Documentation mentions the following You control access to Amazon API Gateway with IAM permissions by controlling access to the following two API Gateway component processes: To create, deploy, and manage an API in API Gateway, you must grant the API developer permissions to perform the required actions supported by the API management component of API Gateway. To call a deployed API or to refresh the API caching, you must grant the API caller permissions to perform required IAM actions supported by the API execution component of API Gateway. Option A , B and C are invalid because these cannot be used to control access to AWS(Amazon Web Service) services. This needs to be done via policies For more information on permissions with the API gateway, please visit the following url https://docs.aws.amazon.com/apigateway/latest/developerguide/permissions.html5. Right Answer: BExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
CISA—Certified Information Systems Auditor - Part 114
Questions 1. Which of the following is NOT a disadvantage of Single Sign On (SSO)?A) Support for all major operating system environment is difficultB) The cost associated with SSO development can be significantC) SSO could be single point of failure and total compromise of an organization assetD) SSO improves an administrator's ability to manage user's account and authorization to all associated system2. An IS auditor is reviewing the remote access methods of a company used to access system remotely. Which of the following is LEAST preferred remote access method from a security and control point of view?A) RADIUSB) TACACSC) DIAL-UPD) DIAMETER3. There are many types of audit logs analysis tools available in the market. Which of the following audit logs analysis tools will look for anomalies in user or system behavior?A) Attack Signature detection toolB) Variance detection toolC) Audit Reduction toolD) Heuristic detection tool4. As an IS auditor, it is very important to make sure all storage media are well protected. Which of the following is the LEAST important factor for protecting CDs andDVDs?A) Handle by edges or by the hole in the middleB) Store in anti-static bagC) Avoid long term exposure to bright lightD) Store in a hard jewel case, not in soft sleeves5. As an auditor it is very important to ensure confidentiality, integrity, authenticity and availability are implemented appropriately in an information system. Which of the following definitions incorrectly describes these parameters?1. Authenticity '' A third party must be able to verify that the content of a message has been sent by a specific entity and nobody else.2. Non-repudiation '' The origin or the receipt of a specific message must be verifiable by a third party. A person cannot deny having sent a message if the message is signed by the originator.3. Accountability '' The action of an entity must be uniquely traceable to different entities4. Availability '' The IT resource must be available on a timely basis to meet mission requirements or to avoid substantial losses.A) All of the options presentedB) None of the options presentedC) Options number 1 and 2D) Option number 3 Right Answer and Explanation: 1. Right Answer: DExplanation: Single sign-on (SSO)is a Session/user authentication process that permits a user to enter one name and password in order to access multiple applications. The process authenticates the user for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session.SSO Advantages include -Multiple passwords are no longer requiredIt improves an administrator's ability to manage user's accounts and authorization to all associated systemsIt reduces administrative overhead in resetting forgotten password over multiple platforms and applicationsIt reduces time taken by users to logon into multiple application and platformSSO Disadvantages include -Support for all major operating system is difficultThe cost associated with SSO development can be significant when considering the nature and extent of interface development and maintenance that may be necessaryThe centralize nature of SSO presents the possibility of a single point of failure and total compromise of an organization's information asset.The following reference(s) were/was used to create this question:CISA review manual 2014 Page number 3322. Right Answer: CExplanation: Dial-up connectivity not based on centralize control and least preferred from security and control standpoint.Remote access user can connect remotely to their organization's networks with the same level of functionality as if they would access from within their office.In connecting to an organization's network, a common method is to use dial-up lines. Access is granted through the organization's network access server (NAS) working in concert with an organization network firewall and router. The NAS handle user authentication, access control and accounting while maintaining connectivity. The most common protocol for doing this is the Remote Access Dial-In User Service (RADIUS) and Terminal Access Controller Access ControllerSystem (TACACS).Remote access Controls include:Policy and standard -Proper authorization -Identification and authentication mechanismEncryption tool and technique such as use of VPNSystem and network management -The following reference(s) were/was used to create this question:CISA Review Manual 2014 Page number 3343. Right Answer: BExplanation: Trend/Variance Detection tool are used to look for anomalies in user or system behavior. For example, if a user typically logs in at 9:00 am, but one day suddenly access the system at 4:30 am, this may indicate a security problem that may need to be investigated.Other types of audit trail analysis tools should also be known for your CISA examThe following were incorrect answers:Audit Reduction tool - They are preprocessor designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tool can remove many audit records known to have little security significance.Attack-signature detection tool - They look for an attack signature, which is a specific sequence of events indicative of an unauthorized access attempt. A simple example would be repeated failed logon attempts.Heuristic detection tool - Heuristic analysis is an expert based analysis that determines the susceptibility of a system towards particular threat/risk using various decision rules or weighing methods. MultiCriteria analysis (MCA) is one of the means of weighing. This method differs with statistical analysis, which bases itself on the available data/statistics.The following reference(s) were/was used to create this question:CISA review manual 2014 Page number 336andhttp://en.wikipedia.org/wiki/Heuristic_analysis4. Right Answer: BExplanation: CDs and DVDs are least affected by static current so it is not as important to store them into anti-static bags.CDs and DVDs Storage protection recommendations:Handle by edges or by hole in the middleBe careful not to bend the CD or DVDAvoid long term exposure to bright lightStore in a hard jewel case, not is soft sleevesAlso, you should know the media storage precautions listed below in preparation for the CISA exam:USB and portable hard drive -Avoid high temperature, humidity extremes and strong magnetic fieldTape Cartridges -Store Cartridges vertically -Store cartridges in a protective container for transportWrite-protect cartridges immediatelyHard Drive -Store hard drives in anti-static bags, and be sure that person removing them from bag is static freeIf the original box and padding for the hard drive is available, use it for shippingIf the hard drive has been in a cold environment, bring it to room temperature prior to installing and using itThe following reference(s) were/was used to create this question:Reference used - CISA review manual 2014. Page number 3385. Right Answer: DExplanation: It is important to read carefully the question. The word 'incorrectly' was the key word. You had to find which one of the definitions presented is incorrect. The definition of Accountability was NOT properly described. Below you have the proper definition.The correct definitions are as followsAuthenticity '' A third party must be able to verify that the content of a message is from a specific entity and nobody else.Non-repudiation '' The origin or the receipt of a specific message must be verifiable by a third party. A person cannot deny having sent a message if the message is signed by the originator.Accountability '' The action of an entity must be uniquely traceable to that entityNetwork availability '' The IT resource must be available on a timely basis to meet mission requirements or to avoid substantial losses.The following reference(s) were/was used to create this question:CISA review manual 2014 Page number 34 .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Search
Popular categories
Latest blogs
CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Write a public review