100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
CISA Practice Questions & 100% Correct Answers €13,23
In winkelwagen

Tentamen (uitwerkingen)

CISA Practice Questions & 100% Correct Answers

 0 keer verkocht
  • Vak
  • CISA
  • Instelling
  • CISA

In a public key infrastructure (PKI), which of the following may be relied upon to prove that an online transaction was authorized by a specific customer? Correct A. Nonrepudiation B. Encryption C. Authentication D. Integrity . :~~ You are correct, the answer is A. A. Nonrepudiation, ach...

[Meer zien]

Voorbeeld 4 van de 286  pagina's

  • 9 september 2024
  • 286
  • 2024/2025
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden
  • CISA
  • CISA
avatar-seller
1 | P a g e | © copyright 2024/2025 | Grade A+




CISA Practice Questions & 100%
Correct Answers
In a public key infrastructure (PKI), which of the following may be relied upon to

prove that an online transaction was authorized by a specific customer?




Correct A. Nonrepudiation




B. Encryption




C. Authentication




D. Integrity




.


✓ :~~ You are correct, the answer is A.




A. Nonrepudiation, achieved through the use of digital signatures, prevents the

senders from later denying that they generated and sent the message.




Master01 | September, 2024/2025 | Latest update

, 2 | P a g e | © copyright 2024/2025 | Grade A+


B. Encryption may protect the data transmitted over the Internet, but may not

prove that the transactions were made.




C. Authentication is necessary to establish the identification of all parties to a

communication.




D. Integrity ensures that transactions are accurate but does not provide the

identification of the customer




Which of the following BEST ensures the integrity of a server's operating system

(OS)?




A. Protecting the server in a secure location




B. Setting a boot password




Correct C. Hardening the server configuration




D. Implementing activity logging

✓ :~~ You are correct, the answer is C.




Master01 | September, 2024/2025 | Latest update

, 3 | P a g e | © copyright 2024/2025 | Grade A+




A. Protecting the server in a secure location is a good practice, but does not

ensure that a user will not try to exploit logical vulnerabilities and compromise the

operating system (OS).




B. Setting a boot password is a good practice, but does not ensure that a user will

not try to exploit logical vulnerabilities and compromise the OS.




C. Hardening a system means to configure it in the most secure manner (install

latest security patches, properly define access authorization for users and

administrators, disable insecure options and uninstall unused services) to prevent

nonprivileged users from gaining the right to execute privileged instructions and,

thus, take control of the entire machine, jeopardizing the integrity of the OS.




D. Activity logging has two weaknesses in this scenario—it is a detective control

(not a preventive one), and the attacker who already gained privileged access can

modify logs or disable them.




The IS auditor is reviewing an organization's human resources (HR) database

implementation. The IS auditor discovers that the database servers are clustered

for high availability, all default database accounts have been removed and

database audit logs are kept and reviewed on a weekly basis. What other area




Master01 | September, 2024/2025 | Latest update

, 4 | P a g e | © copyright 2024/2025 | Grade A+


should the IS auditor check to ensure that the databases are appropriately

secured?




A. Database digital signatures




Incorrect B. Database encryption nonces and other variables




C. Database media access control (MAC) address authentication




D. Database initialization parameters

✓ :~~ You answered B. The correct answer is D.




A. Digital signatures are used for authentication and nonrepudiation, and are not

commonly used in databases. As a result, this is not an area in which the IS auditor

should investigate.




B. A nonce is defined as a "parameter that changes over time" and is similar to a

number generated to authenticate one specific user session. Nonces are not

related to database security (they are commonly used in encryption schemes).




Master01 | September, 2024/2025 | Latest update

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

Verzekerd van kwaliteit door reviews

Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper ExamArsenal. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €13,23. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 69605 samenvattingen verkocht

Opgericht in 2010, al 15 jaar dé plek om samenvattingen te kopen

Start met verkopen
€13,23
  • (0)
In winkelwagen
Toegevoegd