CISAβCertified Information Systems Auditor - Part 279
1. An IS auditor doing penetration testing during an audit of internet connections would:
A) evaluate configurations.
B) examine security settings.
C) ensure virus-scanning software is in use.
D) use tools and techniques available to a hacker.
2. Which of the following should concern an IS auditor when reviewing security in a client- server environment?
A) Protecting data using an encryption technique
B) Preventing unauthorized access using a diskless workstation
C) The ability of users to access and modify the database directly
D) Disabling floppy drives on the users' machines
3. Which of the following is a technique that could be used to capture network user passwords?
A) Encryption
B) Sniffing
C) Spoofing
D) Data destruction
4. Which of the following controls would BEST detect intrusion?
A) User IDs and user privileges are granted through authorized procedures.
B) Automatic logoff is used when a workstation is inactive for a particular period of time.
C) Automatic logoff of the system occurs after a specified number of unsuccessful attempts.
D) Unsuccessful logon attempts are monitored by the security administrator.
5. Which of the following is a feature of an intrusion detection system (IDS)?
A) Gathering evidence on attack attempts
B) Identifying weaknesses in the policy definition
C) Blocking access to particular sites on the Internet
D) Preventing certain users from accessing specific servers
A) evaluate configurations.
B) examine security settings.
C) ensure virus-scanning software is in use.
D) use tools and techniques available to a hacker.
2. Which of the following should concern an IS auditor when reviewing security in a client- server environment?
A) Protecting data using an encryption technique
B) Preventing unauthorized access using a diskless workstation
C) The ability of users to access and modify the database directly
D) Disabling floppy drives on the users' machines
3. Which of the following is a technique that could be used to capture network user passwords?
A) Encryption
B) Sniffing
C) Spoofing
D) Data destruction
4. Which of the following controls would BEST detect intrusion?
A) User IDs and user privileges are granted through authorized procedures.
B) Automatic logoff is used when a workstation is inactive for a particular period of time.
C) Automatic logoff of the system occurs after a specified number of unsuccessful attempts.
D) Unsuccessful logon attempts are monitored by the security administrator.
5. Which of the following is a feature of an intrusion detection system (IDS)?
A) Gathering evidence on attack attempts
B) Identifying weaknesses in the policy definition
C) Blocking access to particular sites on the Internet
D) Preventing certain users from accessing specific servers
1. Right Answer: D
Explanation: Penetration testing is a technique used to mimic an experienced hacker attacking a live site by using tools and techniques available to a hacker. The other choices are procedures that an IS auditor would consider undertaking during an audit of Internet connections, but are not aspects of penetration testing techniques.
2. Right Answer: C
Explanation: For the purpose of data security in a client-server environment, an IS auditor should be concerned with the user's ability to access and modify a database directly.This could affect the integrity of the data in the database. Data protected by encryption aid in securing the data. Diskless workstations prevent copying of data into local disks and thus help to maintain the integrity and confidentiality of data. Disabling floppy drives is a physical access control, which helps to maintain the confidentiality of data by preventing it from being copied onto a disk.
3. Right Answer: B
Explanation: Sniffing is an attack that can be used to capture sensitive pieces of information (e.g., a password) passing through the network. Encryption is a method of scrambling information to prevent unauthorized individuals from understanding the transmission. Spoofing is forging an address and inserting it into a packet to disguise the origin of the communication. Data destruction is erasing information or removing it from its original location.
4. Right Answer: D
Explanation: Intrusion is detected by the active monitoring and review of unsuccessful logons. User IDs and the granting of user privileges define a policy, not a control.Automatic logoff is a method of preventing access on inactive terminals and is not a detective control. Unsuccessful attempts to log on are a method for preventing intrusion, not detecting.
5. Right Answer: A
Explanation: An IDS can gather evidence on intrusive activity such as an attack or penetration attempt. Identifying weaknesses in the policy definition is a limitation of an IDS.Choices C and D are features of firewalls, while choice B requires a manual review, and therefore is outside the functionality of an IDS.
Explanation: Penetration testing is a technique used to mimic an experienced hacker attacking a live site by using tools and techniques available to a hacker. The other choices are procedures that an IS auditor would consider undertaking during an audit of Internet connections, but are not aspects of penetration testing techniques.
2. Right Answer: C
Explanation: For the purpose of data security in a client-server environment, an IS auditor should be concerned with the user's ability to access and modify a database directly.This could affect the integrity of the data in the database. Data protected by encryption aid in securing the data. Diskless workstations prevent copying of data into local disks and thus help to maintain the integrity and confidentiality of data. Disabling floppy drives is a physical access control, which helps to maintain the confidentiality of data by preventing it from being copied onto a disk.
3. Right Answer: B
Explanation: Sniffing is an attack that can be used to capture sensitive pieces of information (e.g., a password) passing through the network. Encryption is a method of scrambling information to prevent unauthorized individuals from understanding the transmission. Spoofing is forging an address and inserting it into a packet to disguise the origin of the communication. Data destruction is erasing information or removing it from its original location.
4. Right Answer: D
Explanation: Intrusion is detected by the active monitoring and review of unsuccessful logons. User IDs and the granting of user privileges define a policy, not a control.Automatic logoff is a method of preventing access on inactive terminals and is not a detective control. Unsuccessful attempts to log on are a method for preventing intrusion, not detecting.
5. Right Answer: A
Explanation: An IDS can gather evidence on intrusive activity such as an attack or penetration attempt. Identifying weaknesses in the policy definition is a limitation of an IDS.Choices C and D are features of firewalls, while choice B requires a manual review, and therefore is outside the functionality of an IDS.
Comments
0
CA Foundation Business Economics Questions 2023 - Part 32
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 31
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 29
03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 28
03 Mar 2023
