Created by - Mary Smith
Excel Certification Success Practice Questions 2023 - Part 3
Questions 1. Which of the following is NOT a type of cell reference in Excel?A) Mixed referenceB) Dynamic referenceC) Absolute referenceD) Relative reference2. Which of the following Excel features allows you to view two worksheets side by side?A) Freeze PanesB) View Side by SideC) Split WindowD) Consolidate3. What is the shortcut key to move to the next worksheet in Excel?A) Alt + Shift + TabB) Alt + TabC) Ctrl + Page DownD) Ctrl + Shift + Tab4. What is the result of the formula =SUM(A1:A5, B1:B5) in Excel?A) The sum of the values in both ranges A1:A5 and B1:B5B) The sum of the values in range A1:A5 onlyC) The sum of the values in range B1:B5 onlyD) An error message5. Which of the following is NOT a valid format for a number in Excel?A) BinaryB) FractionC) Scientific notationD) Accounting Right Answer and Explanation: 1. Right Answer: BExplanation: 2. Right Answer: BExplanation: The View Side by Side feature in Excel allows you to view two worksheets side by side.3. Right Answer: CExplanation: The shortcut key to move to the next worksheet in Excel is Ctrl + Page Down.4. Right Answer: AExplanation: The SUM function adds up a range of cells.5. Right Answer: AExplanation: Binary is not a valid format for a number in Excel. .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
APICS Certified Supply Chain Professional CSCPPractice Questions 2023 - Part 46
Questions 1. A company's market is characterized be frequently changing product demand and pressure for short lead times. The company also faces intense competition. To enhance its competitiveness, the company should stress which of the following strategies?A) Increase the labor forceB) Increase work-in-process (WIP) inventoryC) Reduce cycle timesD) Match competitors×?â?¬â?¢ prices2. An effective company strategy results when combining innovative products with:A) an efficient supply chain.B) a responsive supply chain.C) accurate forecasts.D) high inventory levels.3. Which type of purchase is best suited for single sourcing with a preferred supplier to reduce supply chain risk?A) StrategicB) RoutineC) BottleneckD) Leverage4. A company that has selected the hybrid production method has multiple alternatives for the timing of activating and deactivating capacity. The inventory carrying costs and which of the following categories of costs would typically be relevant in the analysis of the alternatives?A) Strategic sourcingB) Capital toolingC) New employee trainingD) Fixed plant5. A new supplier in a different country will offer substantial savings on existing components. Which part of the organization should be consulted to ensure this is a good strategy for the firm?A) LogisticsB) Human resourcesC) MarketingD) Information technology Right Answer and Explanation: 1. Right Answer: CExplanation: 2. Right Answer: AExplanation: 3. Right Answer: AExplanation: 4. Right Answer: AExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
Implementing Cisco Collaboration Practice Test Questions 2023 - Part 6
Questions 1. Which two SSO features are true? (Choose two.)(Select 2answers)A) allows LDAP user import on Cisco Unified Communications ManagerB) improves productivity by reducing time spent re-entering credentials for the same identityC) allows Jabber to use LDAP directory services for contact importsD) transfers the authentication from the system that hosts the applications to a third-party systemE. reduces costs by decreasing the number of help calls that are made for voicemail PIN resets2. In Cisco Unified Communications Manager globalized call routing is implemented and must confirm that it is correctly implemented without making a call. Which tool do you use for verification?A) Dialed Number AnalyzerB) Real-Time Monitoring ToolC) SDL traceD) SDI trace3. Which configuration must an administrator perform to display Translation Pattern operations in Cisco Unified Communications Manager SDL traces?A) Set up the Digit Analysis Complexity in Service Parameters for Cisco Unified CM to TranslationAndAlternatePatternAnalysisB) Enable the Detailed Call Analysis option under Enterprise Parameters for Unified CMC) Check the Translation Patterns Analysis check box in Micro Traces on the Cisco Unified CM Serviceability pageD) 4. In Cisco Unified Communications Manager, which tool do you use to check SIP traces?A) CCSIPB) RTMTC) MTPD) 5. Which two types of authentication are supported for the configuration of Intercluster Lookup Service? (Choose two.)(Select 2answers)A) passwordsB) TLS certificatesC) TokenIDD) username and secret key Right Answer and Explanation: 1. Right Answer: B,DExplanation: 2. Right Answer: AExplanation: 3. Right Answer: BExplanation: 4. Right Answer: BExplanation: 5. Right Answer: A,BExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
AWS ANS-C00 Certified Advanced Networking Practice Questions 2023 - Part 26
Questions 1. The company plans hosts the Active Directory Domain server VPC. Resources in other VPC must be used to verify the domain server, and DNS routing. What is the core of the introduction of the steps you would consider such a model? Select 2 response options below?(Select 2answers)A) Make use of the VPNB) Consider the hub and spoke model VPC DesignC) Take advantage of VPC peeringD) Consider VPC Transit Planning2. You have taken charge by establishing a network architecture for the company. The architecture consists of an application that will exchange a lot of information and therefore they need a high-bandwidth into account. There will be other B2B customers, who this app as separate tenants. What do you give a consideration in the design?A) Consider AWS(Amazon Web Service) VPN for each client. But this also depends on the availability of AWS(Amazon Web Service) partner that the location of the customer.B) Consider a virtual private gateway to every customer, this gives the least delay!C) Consider AWS(Amazon Web Service) Direct Connect each client. But this also depends on the availability of AWS(Amazon Web Service) partner that the location of the customer.D) NoneE) Let each customer's connection over the Internet. Setup the right security groups and NaCl application of the EU.3. You want to not only fully automated Peering connections VPC which takes place in AWS(Amazon Web Service) account. Which of the below methods can be automated VPC peering connectionsA) Use the Ops job stack peer VPCsB) NoneC) Use the Cloud to watch gauges along with Lambda functionD) Use cloud formation model of peer VPC5E) Use the cloud path together Lambda function4. The company plans to use the EC2 instances in several regions. In these cases should call the Simple Storage Service. You are trying to understand the cost of data transmission, which arise in such implementation. Which of the following is not imposed by the AWS?A) A flexible Compute Cloud (Amazon EC2) EU-i-west of the Amazon Simple Storage Service (Amazon S3), US-East-iB) NoneC) Amazon US 53 East-i Amazon EC2 EU-directionD) For its part, the local data center Amazon S3 us East-iE) Amazon EC2 EU-West-I on-premises data center5. You?ve setup VPC Flow logs for your EC2 Instance ENI in a subnet. You can see the below REJECT record in the VPC Flow logs. What does this indicate, 2123456789911 enl-abcl23de 172.31.9.69172.31.9.1249761 3389620424914185300101418530070 REJECT OKA) Someone was trying to log into the Instance via RDPB) A request was made on port 443 to the InstanceC) Someone was trying to log Into the Instance via SSHD) A request was made on port 80 to the Instance Right Answer and Explanation: 1. Right Answer: B,CExplanation: 2. Right Answer: CExplanation: 3. Right Answer: DExplanation: 4. Right Answer: DExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
AWS Certified Cloud Practitioner Certification - Part 43
Questions 1. Which services manage and automate application deployments on AWS? (Choose two.)(Select 2answers)A) A. AWS Elastic Beanstalk B) B. AWS CodeCommitC) C. AWS Data PipelineD) D. AWS CloudFormationE) E. AWS Config2. A user wants guidance on possible savings when migrating from on-premises to AWS. Which tool is suitable for this scenario?A) A. AWS Budgets B) B. Cost ExplorerC) C. AWS Total Cost of Ownership (TCO) CalculatorD) D. AWS Well-Architected Tool3. Which principles are used to architect applications for reliability on the AWS Cloud? (Choose two.)(Select 2answers)A) A. Design for automated failure recovery B) B. Use multiple Availability ZonesC) C. Manage changes via documented processesD) D. Test for moderate demand to ensure reliabilityE) E. Backup recovery to an on-premises environment4. What tasks should a customer perform when that customer suspects an AWS account has been compromised? (Choose two.)(Select 2answers)A) A. Rotate passwords and access keys. B) B. Remove MFA tokens.C) C. Move resources to a different AWS Region.D) D. Delete AWS CloudTrail Resources.E) E. Contact AWS Support.5. What is an example of high availability in the AWS Cloud?A) A. Consulting AWS technical support at any time day or nightB) B. Ensuring an application remains accessible, even if a resource failsC) C. Making any AWS service available for use by paying on demandD) D. Deploying in any part of the world using AWS Regions Right Answer and Explanation: 1. Right Answer: A,DExplanation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/deploying.applications.html2. Right Answer: CExplanation: The TCO Calculator provides directional guidance on possible realized savings when deploying AWS. This tool is built on an underlying calculation model, that generates a fair assessment of value that a customer may achieve given the data provided by the user.https://aws.amazon.com/tco-calculator/3. Right Answer: A,BExplanation: https://aws.amazon.com/blogs/apn/the-5-pillars-of-the-aws-well-architected-framework/4. Right Answer: A,EExplanation: https://aws.amazon.com/premiumsupport/knowledge-center/potential-account-compromise/5. Right Answer: BExplanation: https://aws.amazon.com/blogs/startups/high-availability-for-mere-mortals/ .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
AWS Certified Security - Specialty - Part 46
Questions 1. You have enabled Cloud trail logs for your company?s AWS(Amazon Web Service) account. In addition, the IT Security department has mentioned that the logs need to be encrypted. How can this be achieved? Please selectA) Enable Server side encryption for the trailB) There is no need to do anything since the logs will already be encryptedC) Enable Server side encryption for the destination S3 bucketD) Enable SSL certificates for the Cloud trail logs2. You have a web site that is sitting behind AWS(Amazon Web Service) Cloudfront. You need to protect the web site against threats such as SQL injection and Cross site scripting attacks. Which of the following service can help in such a scenarioA) AWS Config (Incorrect)B) AWS WAFC) AWS InspectorD) AWS Trusted Advisor3. Your company has an EC2 Instance that is hosted in an AWS(Amazon Web Service) VPC. There is a requirement to ensure that logs files from the EC2 Instance are stored accordingly. The access should also be limited for the destination of the log files. How can this be accomplished? Choose 2 answers from the options given below. Each answer forms part of the solution(Select 2answers)A) Stream the log files to a separate Cloudtrail trailB) Create an IAM policy that gives the desired level of access to the Cloudtrail trailC) Create an IAM policy that gives the desired level of access to the Cloudwatch Log groupD) Stream the log files to a separate Cloudwatch Log group4. A security team is creating a response plan in the event an employee executes unauthorized actions on AWS(Amazon Web Service) infrastructure. They want to include steps to determine if the employee's IAM permissions changed as part of the incident. What steps should the team document in the plan?A) Use Trusted Advisor to examine the employee's IAM permissions prior to the incident and compare them to the employee's current IAM permissions.B) Use AWS(Amazon Web Service) Config to examine the employee's IAM permissions prior to the incident and compare them to the employee's current IAM permissions.C) Use CloudTrail to examine the employee's IAM permissions prior to the incident and compare them to the employee's current IAM permissions. (Incorrect)D) Use Macie to examine the employee's IAM permissions prior to the incident and compare them to the employee's current IAM permissions.5. A company hosts a popular web application that connects to an Amazon RDS MySQL DB instance running in a private VPC subnet that was created with default ACL settings. The IT Security department has a suspicion that a DDos attack is coming from a suspecting IP. How can you protect the subnets from this attack?A) Change the Inbound Security Groups to deny access from the suspecting IPB) Change the Inbound NACL to deny access from the suspecting IPC) Change the Outbound Security Groups to deny access from the suspecting IPD) Change the Outbound NACL to deny access from the suspecting IP (Incorrect) Right Answer and Explanation: 1. Right Answer: BExplanation: 2. Right Answer: BExplanation: The AWS(Amazon Web Service) Documentation mentions the following AWS(Amazon Web Service) WAF is a web application firewall that helps detect and block malicious web requests targeted at your web applications. AWS(Amazon Web Service) WAF allows you to create rules that can help protect against common web exploits like SQL injection and cross-site scripting. With AWS(Amazon Web Service) WAF you first identify the resource (either an Amazon CloudFront distribution or an Application Load Balancer) that you need to protect. Option A is invalid because this will only give advise on how you can better the security in your AWS(Amazon Web Service) account, but not protect against threats mentioned in the question. Option C is invalid because this can be used to scan EC2 Instances for vulnerabilities but not protect against threats mentioned in the question. Option D is invalid because this can be used to check config changes but not protect against threats mentioned in the question. For more information on AWS(Amazon Web Service) WAF, please visit the following url https://aws.amazon.com/waf/details/3. Right Answer: C,DExplanation: You can create a Log group and send all logs from the EC2 Instance to that group. You can then limit the access to the Log groups via an IAM policy. Option A is invalid because Cloudtrail is used to record API activity and not for storing log files Option C is invalid because Cloudtrail is the wrong service to be used for this requirement For more information on Access to Cloudwatch logs, please visit the following url https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/auth-and-access-control-cwl.html4. Right Answer: BExplanation: You can use the AWS(Amazon Web Service) Config history to see the history of a particular item. The below snapshot shows an example configuration for a user in AWS(Amazon Web Service) Config Option B,C and D are all invalid because these services cannot be used to see the history of a particular configuration item. This can only be accomplished by AWS(Amazon Web Service) Config. For more information on tracking changes in AWS(Amazon Web Service) Config, please visit the below URL https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/TrackingChanges.html5. Right Answer: BExplanation: Option A and B are invalid because by default the Security Groups already block traffic. You can use NACL's as an additional security layer for the subnet to deny traffic. Option D is invalid since just changing the Inbound Rules is sufficient. The AWS(Amazon Web Service) Documentation mentions the following A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC. For more information on Network Access Control Lists, please visit the following url https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
CISA—Certified Information Systems Auditor - Part 126
Questions 1. Which of the following statement correctly describes the difference between total flooding and local application extinguishing agent?A) The local application design contain physical barrier enclosing the fire space where as physical barrier is not present in total flooding extinguisherB) The total flooding design contain physical barrier enclosing the fire space where as physical barrier is not present in local application design extinguisherC) The physical barrier enclosing fire space is not present in total flooding and local application extinguisher agentD) The physical barrier enclosing fire space is present in total flooding and local application extinguisher agent2. Which of the following type of lock uses a numeric keypad or dial to gain entry?A) Bolting door locksB) Cipher lockC) Electronic door lockD) Biometric door lock3. Which of the following type of lock uses a magnetic or embedded chip based plastic card key or token entered into a sensor/reader to gain access?A) Bolting door locksB) Combination door lockC) Electronic door lockD) Biometric door lock4. COBIT 5 separates information goals into three sub-dimensions of quality. Which of the following sub-dimension of COBIT 5 describes the extent to which data values are in conformance with the actual true value?A) Intrinsic qualityB) Contextual and representational qualityC) Security qualityD) Accessibility quality5. Which of the following attack redirects outgoing message from the client back onto the client, preventing outside access as well as flooding the client with the sent packets?A) Banana attackB) Brute force attackC) Buffer overflowD) Pulsing Zombie Right Answer and Explanation: 1. Right Answer: BExplanation: For CISA exam you should know below information about Fire Suppression SystemsFire Suppression System -This system is designed to automatically activate immediately after detection of heat, typically generated by fire. Like smoke detectors, the system will produce an audible alarm when activated and be linked to a central guard station that is regularly monitored. The system should also be inspected and tested annually.Testing interval should comply with industry and insurance standard and guideline.Broadly speaking there are two methods for applying an extinguisher agent: total flooding and local application.Total Flooding - System working under total flooding application apply an extinguishing agent to a three dimensional enclosed space in order to achieve a concentration of the agent (volume percentage of agent in air) adequate to extinguish the fire. These type of system may be operated automatically by detection and related controls or manually by the operation of a system actuator.Local Application - System working under a local application principle apply an extinguishing agent directly onto a fire (usually a two dimensional area) or into a three dimensional region immediately surrounding the substance or object on a fire. The main difference between local application and total flooding design is the absence of physical barrier enclosing the fire space in the local application design.The medium of fire suppression varies but usually one of the following:Water based systems are typically referred to as sprinkler system. These systems are effective but are also unpopular because they damage equipment and property. The system can be dry-pipe or charged (water is always in system piping). A charged system is more reliable but has the disadvantage of exposing the facility to expensive water damage if the pipe leak or break.Dry-pipe sprinkling system do not have water in the pipe until an electronic fire alarm activates the water to send water into system. This is opposed to fully charged water pipe system. Dry-pipe system has the advantage that any failure in the pipe will not result in water leaking into sensitive equipment from above.Since water and electricity do not mix these systems must be combined with an automatic switch to shut down the electric supply to the area protected.Holon system releases pressurize halos gases that removes oxygen from air, thus starving the fire. Holon was popular because it is an inert gas and does not damage and does not damage equipment like water does. Because halos adversely affect the ozone layer, it was banned in Montreal (Canada) protocol 1987, which stopped Holon production as of 1 January 1994. As a banned gas, all Holon installation are now required by international agreement to be removed. TheHolon substitute is FM-200, which is the most effective alternative.FM-220TM: Also called heptafluoropropane, HFC-227 or HFC-227ea(ISO Name)is a colorless odorless gaseous fire suppression agent. It is commonly used as a gaseous fire suppression agent.Aragonite is the brand name for a mixture of 50% argon and 50% nitrogen. It is an inert gas used in gaseous fire suppression systems for extinguishing fires where damage to equipment is to be avoided. Although argon is a nontoxic, it does not satisfy the body's need for oxygen and is simple asphyxiate.CO2 system releases pressurized carbon dioxide gas into the area protected to replace the oxygen required for combustion. Unlike halos and its later replacement, however, CO2 is unable to sustain human life. Therefore, in most of countries it is illegal to for such a system to be set to automatic release if any human may be in the area. Because of this, these systems are usually discharged manually, introducing an additional delay in combating fire.The following were incorrect answers:The other presented options do not describe valid difference between total flooding and local application extinguishing agent.Following reference(s) were/was used to create this question:CISA review manual 2014 Page number 373 and 3742. Right Answer: BExplanation: The combination door lock or cipher lock uses a numeric key pad, push button, or dial to gain entry, it is often seen at airport gate entry doors and smaller server rooms. The combination should be changed at regular interval or whenever an employee with access is transferred, fired or subject to disciplinary action. This reduces risk of the combination being known by unauthorized people.A cipher lock, is controlled by a mechanical key pad, typically 5 to 10 digits that when pushed in the right combination the lock will releases and allows entry. The drawback is someone looking over a shoulder can see the combination. However, an electric version of the cipher lock is in production in which a display screen will automatically move the numbers around, so if someone is trying to watch the movement on the screen they will not be able to identify the number indicated unless they are standing directly behind the victim.Remember locking devices are only as good as the wall or door that they are mounted in and if the frame of the door or the door itself can be easily destroyed then the lock will not be effective. A lock will eventually be defeated and its primary purpose is to delay the attacker.For your exam you should know below types of lockBolting door lock '' These locks required the traditional metal key to gain entry. The key should be stamped 'do not duplicate' and should be stored and issued under strict management control.Biometric door lock '' An individual's unique physical attribute such as voice, retina, fingerprint, hand geometry or signature, activate these locks. This system is used in instances when sensitive facilities must be protected such as in the military.Electronic door lock '' This system uses a magnetic or embedded chip based plastic card key or token entered into a sensor reader to gain access. A special code internally stored in the card or token is read by sensor device that then activates the door locking mechanism.The following were incorrect answers:Bolting door lock '' These locks required the traditional metal key to gain entry. The key should be stamped 'do not duplicate' and should be stored and issued under strict management control.Biometric door lock '' An individual's unique body features such as voice, retina, fingerprint, hand geometry or signature, activate these locks. This system is used in instances when extremely sensitive facilities must be protected such as in the military.Electronic door lock '' This system uses a magnetic or embedded chip based plastic card key or token entered into a sensor reader to gain access. A special code internally stored in the card or token is read by sensor device that then activates the door locking mechanism.Following reference(s) were/was used to create this question:CISA review manual 2014 Page number 376andHernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 25144-25150). AcerbicPublications. Kindle Edition.3. Right Answer: CExplanation: Electronic door lock uses a magnetic or embedded chip based plastic card key or token entered into a sensor reader to gain access. A special code internally stored in the card or token is read by sensor device that then activates the door locking mechanism.For CISA exam you should know below types of lockBolting door lock '' These locks required the traditional metal key to gain entry. The key should be stamped 'do not duplicate' and should be stored and issued under strict management control.Biometric door lock '' An individual's unique body features such as voice, retina, fingerprint, hand geometry or signature, activate these locks. This system is used in instances when extremely sensitive facilities must be protected such as in the military.Electronic door lock '' This system uses a magnetic or embedded chip based plastic card key or token entered into a sensor reader to gain access. A special code internally stored in the card or token is read by sensor device that then activates the door locking mechanism.The Combination door lock or cipher lock uses a numeric key pad or dial to gain entry, and is often seen at airport gate entry doors and smaller server rooms. The combination should be changed at regular interval or whenever an employee with access is transferred, fired or subject to disciplinary action. This reduces risk of the combination being known by unauthorized people.The following were incorrect answers:Bolting door lock '' These locks required the traditional metal key to gain entry. The key should be stamped 'do not duplicate' and should be stored and issued under strict management control.Biometric door lock '' An individual's unique body features such as voice, retina, fingerprint, hand geometry or signature, activate these locks. This system is used in instances when extremely sensitive facilities must be protected such as in the military.The Combination door lock or cipher lock uses a numeric key pad or dial to gain entry, and is often seen at airport gate entry doors and smaller server rooms. The combination should be changed at regular interval or whenever an employee with access is transferred, fired or subject to disciplinary action. This reduces risk of the combination being known by unauthorized people.Following reference(s) were/was used to create this question:CISA review manual 2014 Page number 3764. Right Answer: AExplanation: Three sub-dimensions of quality in COBIT 5 are as follows:1. Intrinsic quality '' The extent to which data values are in conformance with the actual or true values. It includesAccuracy '' The extent to which information is correct or accurate and reliableObjectivity '' The extent to which information is unbiased, unprejudiced and impartial.Believability '' The extent to which information is regarded as true and credible.Reputation '' The extent to which information is highly regarded in terms of its source or content.2. Contextual and Representational Quality '' The extent to which information is applicable to the task of the information user and is presented in an intelligible and clear manner, reorganizing that information quality depends on the context of use. It includesRelevancy '' The extent to which information is applicable and helpful for the task at hand.Completeness '' The extent to which information is not missing and is of sufficient depth and breadth for the task at handCurrency '' The extent to which information is sufficiently up to date for task at hand.Appropriate amount of information '' The extent to which the volume of information is appropriate for the task at handConsistent Representation '' The extent to which information is presented in the same format.Interpretability '' The extent to which information is in appropriate languages, symbols and units, with clear definitions.Understandability - The extent to which information is easily comprehended.Ease of manipulation '' The extent to which information is easy to manipulate and apply to different tasks.3. Security/accessibility quality '' The extent to which information is available or obtainable. It includes:Availability/timeliness '' The extent to which information is available when required, or easily available when required, or easily and quickly retrievable.Restricted Access '' The extent to which access to information is restricted appropriately to authorize parties.The following were incorrect answers:Contextual and representational quality - The extent to which information is applicable to the task of the information user and is presented in an intelligible and clear manner, reorganizing that information quality depends on the context of use.Security Quality or Accessibility quality -The extent to which information is available or obtainable.Following reference(s) were/was used to create this question:CISA review manual 2014 Page number 3105. Right Answer: AExplanation: A 'banana attack' is another particular type of DoS. It involves redirecting outgoing messages from the client back onto the client, preventing outside access, as well as flooding the client with the sent packets.The Banana attack uses a router to change the destination address of a frame. In the Banana attack:A compromised router copies the source address on an inbound frame into the destination address.The outbound frame bounces back to the sender.This sender is flooded with frames and consumes so many resources that valid service requests can no longer be processed.The following answers are incorrect:Brute force attack - Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or 'crack' a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.Buffer overflow - A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity.Pulsing Zombie - A Dos attack in which a network is subjected to hostile pinging by different attacker computer over an extended time period.Following reference(s) were/was used to create this question:CISA review manual 2014 Page number 321 .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
CISA—Certified Information Systems Auditor - Part 382
Questions 1. An organization transmits large amounts of data from one internal system to another. The IS auditor is reviewing the quality of the data at the originating point.Which of the following should the auditor verify FIRST?A) The data has been encrypted.B) The data transformation is accurate.C) The data extraction process is completed.D) The source data is accurate.2. An IS auditor intends to accept a management position in the data processing department within the same organization. However, the auditor is currently working on an audit of a major application and has not yet finished the report. Which of the following would be the BEST step for the IS auditor to take?A) Start in the position and inform the application owner of the job change.B) Start in the position immediately.C) Disclose this issue to the appropriate parties.D) Complete the audit without disclosure and then start in the position.3. Which of the following would BEST describe an audit risk?A) The company is being sued for false accusations.B) The financial report may contain undetected material errors.C) Key employees have not taken vacation for 2 years.D) Employees have been misappropriating funds.4. During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:A) allocation of resources during an emergency.B) maintenance of hardware and software compatibility.C) differences in IS policies and procedures.D) frequency of system testing.5. While planning a review of IT governance, the IS auditor is MOST likely to:A) examine audit committee minutes for IS-related matters and their control.B) obtain information about the framework of control adopted by management.C) assess whether business process owner responsibilities are consistent across the organization.D) review compliance with policies and procedures issued by the board of directors. Right Answer and Explanation: 1. Right Answer: AExplanation: 2. Right Answer: CExplanation: 3. Right Answer: BExplanation: 4. Right Answer: BExplanation: 5. Right Answer: AExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Created by - Mary Smith
CISM—Certified Information Security Manager - Part 242
Questions 1. What would be an information security manager's BEST course of action when notified that the implementation of some security controls is being delayed due to budget constraints?A) Prioritize security controls based on risk.B) Request a budget exception for the security controls.C) Begin the risk acceptance process.D) Suggest less expensive alternative security controls.2. In an organization with effective IT risk management, the PRIMARY reason to establish key risk indicators (KRIs) is to:A) provide information to remediate risk events.B) demonstrate the alignment of risk management efforts.C) map potential risk to key organizational strategic initiatives.D) identity triggers that exceed risk thresholds.3. Which of the following provides the MOST relevant evidence of incident response maturity?A) Red team testing resultsB) Average incident closure timeC) Independent audit assessmentD) Tabletop exercise results4. Following a highly sensitive data breach at a large company, all servers and workstations were patched. The information security manager's NEXT step should be to:A) inform senior management of changes in risk metrics.B) perform an assessment to measure the current state.C) deliver security awareness training.D) ensure baseline back-ups are performed.5. An information security manager learns of a new international standard related to information security.Which of the following would be the BEST course of action?A) Review industry peers' responses to the new standard.B) Consult with legal counsel on the standard's applicability to regulations.C) Determine whether the organization can benefit from adopting the new standard.D) Perform a gap analysis between the new standard and existing practices. Right Answer and Explanation: 1. Right Answer: AExplanation: 2. Right Answer: CExplanation: 3. Right Answer: CExplanation: 4. Right Answer: BExplanation: 5. Right Answer: CExplanation: .col-md-12 { -webkit-user-select: none; -ms-user-select: none; user-select: none; } .flash-sale-container{background:#134981;text-align:center;padding:2%;} p.flash-sale-text{ font-size:24px;font-family:"Poppins";letter-spacing:2px;line-height:1.4em; } span.flash-break{ display:block; } .flash-sale-text { -webkit-animation-name:flash; animation: blink 1.5s infinite; } @keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } } @-webkit-keyframes blink{ 0% { color: #D3585F; } 20% { color: #D3585F; } 40% { color: #FFF; } 60% { color: #FFF; } 80% { color: #D3585F; } 100% { color: #D3585F; } }
More detailsPublished - Fri, 03 Mar 2023
Search
Popular categories
Latest blogs
CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Write a public review