100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
Eerder door jou gezocht
Eerder door jou gezocht
logo
CISA Questions (801 - 900) Questions & 100% Correct Answers €14,15   In winkelwagen
Snel navigeren naar
Voorbeeld
  2.  
  3. CISA
  4.  
  5. CISA

Tentamen (uitwerkingen)

CISA Questions (801 - 900) Questions & 100% Correct Answers
 6 keer bekeken  0 keer verkocht
  • Vak
  • CISA
  • Instelling
  • CISA

An organization is proposing to establish a wireless local area network (WLAN). Management asks the IS auditor to recommend security controls for the WLAN. Which of the following would be the MOST appropriate recommendation? Select an answer: A. Physically secure wireless access points to p...

[Meer zien]

Voorbeeld 4 van de 152  pagina's

Document informatie

  • 9 september 2024
  • 152
  • 2024/2025
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden

Onderwerpen

  • cisa questions questions 100 corre
  • an organization is proposing to establish a wirele

Geschreven voor

  • CISA
  • CISA

Verkoper

avatar-seller
ExamArsenal

Ontvangen beoordelingen

Voorbeeld van de inhoud

1 | P a g e | © copyright 2024/2025 | Grade A+




CISA Questions (801 - 900) Questions
& 100% Correct Answers
An organization is proposing to establish a wireless local area network (WLAN).

Management asks the IS auditor to recommend security controls for the WLAN.

Which of the following would be the MOST appropriate recommendation?




Select an answer:

A.

Physically secure wireless access points to prevent tampering.




B.

Use service set identifiers (SSIDs) that clearly identify the organization.




C.

Encrypt traffic using the Wired Equivalent Privacy (WEP) mechanism.




D.

Implement the Simple Network Management Protocol (SNMP) to allow active

monitoring.

✓ :~~ You are correct, the answer is A.




Master01 | September, 2024/2025 | Latest update

, 2 | P a g e | © copyright 2024/2025 | Grade A+


A. Physically securing access points such as wireless routers, as well as preventing

theft, addresses the risk of malicious parties tampering with device settings. If

access points can be physically reached, it is often a simple matter to restore weak

default passwords and encryption keys, or to totally remove authentication and

encryption from the network.




B. Service set identifiers (SSIDs) should not be used to identify the organization

because hackers can associate the wireless local area network (WLAN) with a

known organization and this increases both their motivation to attack and,

potentially, the information available to do so.




C. The original Wired Equivalent Privacy (WEP) security mechanism has been

demonstrated to have a number of exploitable weaknesses. The more recently

developed Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2)

standards represent considerably more secure means of authentication and

encryption.




D. Installing Simple Network Management Protocol (SNMP) on wireless access

points can actually open up security vulnerabilities. If SNMP is required at all, then

SNMP v3, which has stronger authentication mechanisms than earlier versions,

should be deployed.




Master01 | September, 2024/2025 | Latest update

, 3 | P a g e | © copyright 2024/2025 | Grade A+


A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of

receiving financial data and has communicated the site's address, user ID and

password to the financial services company in separate email messages. The

company is to transmit its data to the FTP site after manually encrypting the data.

The IS auditor's GREATEST concern with this process is that:




Select an answer:

A.

the users may not remember to manually encrypt the data before transmission.




B.

the site credentials were sent to the financial services company via email.




C.

personnel at the consulting firm may obtain access to sensitive data.




D.

the use of a shared user ID to the FTP site does not allow for user accountability.

✓ :~~ You are correct, the answer is A.




Master01 | September, 2024/2025 | Latest update

, 4 | P a g e | © copyright 2024/2025 | Grade A+


A. If the data is not encrypted, an unauthorized external party may download

sensitive company data.




B. Even though the possibility exists that the logon information was captured from

the emails, data should be encrypted, so the theft of the data would not allow the

attacker to read it.




C. Some of the employees at the consulting firm will have access to the sensitive

data and the consulting firm must have procedures in place to protect the data.




D. Tracing accountability is of minimal concern compared to the compromise of

sensitive data.




During an IS risk assessment of a healthcare organization regarding protected

healthcare information (PHI), an IS auditor interviews IS management. Which of

the following findings from the interviews would be of MOST concern to the IS

auditor?




Select an answer:

A.

The organization does not encrypt all of its outgoing email messages.




Master01 | September, 2024/2025 | Latest update

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

Verzekerd van kwaliteit door reviews

Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper ExamArsenal. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €14,15. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 79223 samenvattingen verkocht

Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen

Start met verkopen
€14,15
  • (0)
  Kopen