CISA QAE Domain 5 Exam 89 Questions with Verified Answers
When reviewing an organization's logical access security to its remote systems, which of the following would be of GREATEST concern to an IS auditor? - CORRECT ANSWER Unencrypted passwords are used.
When evaluating the technical aspect...
CISA QAE Domain 5 Exam 89 Questions with Verified Answers
When reviewing an organization's logical access security to its remote systems, which of the following would be of GREATEST concern to an IS auditor? - CORRECT ANSWER Unencrypted passwords are used.
When evaluating the technical aspects of logical security, unencrypted passwords represent the greatest risk because it would be assumed that remote access would be over an untrusted network where passwords could be discovered.
Which of the following would be the BEST access control procedure? - CORRECT ANSWER The data owner formally authorizes access and an administrator implements the user authorization tables.
The data owner holds the privilege and responsibility for formally establishing the access rights. An IS administrator should then implement or update user authorization tables at the direction of the owner.
Which of the following types of transmission media provide the BEST security against unauthorized access? - CORRECT ANSWER Fiber-optic cables
Fiber-optic cables have proven to be more secure and more difficult to tap than the other media.
Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions? - CORRECT ANSWER Cyclic Redundancy
Check
CRC can check for a block of transmitted data. The workstations generate the CRC and transmit it with the data. The receiving workstation computes a CRC and compares it to the transmitted CRC. If both of them are equal, then the block is assumed error free. In this case (such as in parity error or echo check), multiple errors can be detected. In general, CRC can detect all single-bit and double-bit errors. The MOST important difference between hashing and encryption is that hashing: -
CORRECT ANSWER is irreversible
Hashing works one way—by applying a hashing algorithm to a message, a message hash/digest is created. If the same hashing algorithm is applied to the message digest, it will not result in the original message. As such, hashing is irreversible, while encryption is reversible. This is the basic difference between hashing and encryption.
When reviewing the implementation of a local area network, an IS auditor should FIRST review the: - CORRECT ANSWER Network diagram
To properly review a local area network implementation, an IS auditor should first
verify the network diagram to identify risk or single points of failure.
The implementation of access controls FIRST requires: - CORRECT ANSWER an inventory of IS resources.
The first step in implementing access controls is an inventory of IS resources, which is the basis for establishing ownership and classification.
Which of the following line media would provide the BEST security for a telecommunication network? - CORRECT ANSWER Dedicated lines
These are set apart for a particular user or organization. Because there is no sharing of lines or intermediate entry points, the risk of interception or disruption of telecommunications messages is lower.
Which of the following network components is PRIMARILY set up to serve as a security measure by preventing unauthorized traffic between different segments of the network? - CORRECT ANSWER Firewalls
Firewall systems are the primary tool that enables an organization to prevent unauthorized access between networks. An organization may choose to deploy one or more systems that function as firewalls. Security administration procedures require read-only access to: - CORRECT ANSWER security log files.
Security administration procedures require read-only access to security log files to
ensure that, once generated, the logs are not modified. Logs provide evidence and track suspicious transactions and activities.
Which of the following types of firewalls would BEST protect a network from an Internet attack? - CORRECT ANSWER Screened subnet firewall
This would provide the best protection. The screening router can be a commercial
router or a node with routing capabilities and the ability to allow or avoid traffic between nets or nodes based on addresses, ports, protocols, interfaces, etc. The subnet would isolate Internet-based traffic from the rest of the corporate network.
Java applets and Active X controls are distributed programs that execute in the background of a client web browser. This practice is considered reasonable when:
- CORRECT ANSWER The source of the executable file is certain Acceptance of these mechanisms should be based on established trust. The control is provided by only knowing the source and then allowing the acceptance of the applets. Hostile applets can be received from anywhere.
During a logical access controls review, an IS auditor observes that user accounts are shared. The GREATEST risk resulting from this situation is that: - CORRECT ANSWER user accountability may not be established.
The use of a user ID by more than one individual precludes knowing who, in fact, used that ID to access a system; therefore, it is impossible to hold anyone accountable.
Which of the following types of firewalls provide the GREATEST degree and granularity of control? - CORRECT ANSWER Application gateway
This is similar to a circuit gateway, but it has specific proxies for each service. To handle web services, it has a Hypertext Transmission Protocol (HTTP) proxy that acts as an intermediary between externals and internals but is specifically for
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller paulhans. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £8.91. You're not tied to anything after your purchase.
