100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
CISA Questions (801 - 900) Questions & 100% Correct Answers $14.49   Add to cart
Quickly navigate to
Preview
  2.  
  3. CISA
  4.  
  5. CISA

Exam (elaborations)

CISA Questions (801 - 900) Questions & 100% Correct Answers
 6 views  0 purchase
  • Course
  • CISA
  • Institution
  • CISA

An organization is proposing to establish a wireless local area network (WLAN). Management asks the IS auditor to recommend security controls for the WLAN. Which of the following would be the MOST appropriate recommendation? Select an answer: A. Physically secure wireless access points to p...

[Show more]

Preview 4 out of 152  pages

Document information

  • September 9, 2024
  • 152
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • cisa questions questions 100 corre
  • an organization is proposing to establish a wirele

Written for

  • CISA
  • CISA

Seller

avatar-seller
ExamArsenal

Reviews received

Content preview

1 | P a g e | © copyright 2024/2025 | Grade A+




CISA Questions (801 - 900) Questions
& 100% Correct Answers
An organization is proposing to establish a wireless local area network (WLAN).

Management asks the IS auditor to recommend security controls for the WLAN.

Which of the following would be the MOST appropriate recommendation?




Select an answer:

A.

Physically secure wireless access points to prevent tampering.




B.

Use service set identifiers (SSIDs) that clearly identify the organization.




C.

Encrypt traffic using the Wired Equivalent Privacy (WEP) mechanism.




D.

Implement the Simple Network Management Protocol (SNMP) to allow active

monitoring.

✓ :~~ You are correct, the answer is A.




Master01 | September, 2024/2025 | Latest update

, 2 | P a g e | © copyright 2024/2025 | Grade A+


A. Physically securing access points such as wireless routers, as well as preventing

theft, addresses the risk of malicious parties tampering with device settings. If

access points can be physically reached, it is often a simple matter to restore weak

default passwords and encryption keys, or to totally remove authentication and

encryption from the network.




B. Service set identifiers (SSIDs) should not be used to identify the organization

because hackers can associate the wireless local area network (WLAN) with a

known organization and this increases both their motivation to attack and,

potentially, the information available to do so.




C. The original Wired Equivalent Privacy (WEP) security mechanism has been

demonstrated to have a number of exploitable weaknesses. The more recently

developed Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2)

standards represent considerably more secure means of authentication and

encryption.




D. Installing Simple Network Management Protocol (SNMP) on wireless access

points can actually open up security vulnerabilities. If SNMP is required at all, then

SNMP v3, which has stronger authentication mechanisms than earlier versions,

should be deployed.




Master01 | September, 2024/2025 | Latest update

, 3 | P a g e | © copyright 2024/2025 | Grade A+


A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of

receiving financial data and has communicated the site's address, user ID and

password to the financial services company in separate email messages. The

company is to transmit its data to the FTP site after manually encrypting the data.

The IS auditor's GREATEST concern with this process is that:




Select an answer:

A.

the users may not remember to manually encrypt the data before transmission.




B.

the site credentials were sent to the financial services company via email.




C.

personnel at the consulting firm may obtain access to sensitive data.




D.

the use of a shared user ID to the FTP site does not allow for user accountability.

✓ :~~ You are correct, the answer is A.




Master01 | September, 2024/2025 | Latest update

, 4 | P a g e | © copyright 2024/2025 | Grade A+


A. If the data is not encrypted, an unauthorized external party may download

sensitive company data.




B. Even though the possibility exists that the logon information was captured from

the emails, data should be encrypted, so the theft of the data would not allow the

attacker to read it.




C. Some of the employees at the consulting firm will have access to the sensitive

data and the consulting firm must have procedures in place to protect the data.




D. Tracing accountability is of minimal concern compared to the compromise of

sensitive data.




During an IS risk assessment of a healthcare organization regarding protected

healthcare information (PHI), an IS auditor interviews IS management. Which of

the following findings from the interviews would be of MOST concern to the IS

auditor?




Select an answer:

A.

The organization does not encrypt all of its outgoing email messages.




Master01 | September, 2024/2025 | Latest update

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller ExamArsenal. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $14.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

71184 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$14.49
  • (0)
  Add to cart