CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
1. Security policies should be aligned MOST closely with:
A) industry' best practices.
B) organizational needs.
C) generally accepted standards.
D) local laws and regulations.
2. The BEST way to determine if an anomaly-based intrusion detection system (IDS) is properly installed is to:
A) simulate an attack and review IDS performance.
B) use a honeypot to check for unusual activity.
C) audit the configuration of the IDS.
D) benchmark the IDS against a peer site.
3. The BEST time to perform a penetration test is after:
A) an attempted penetration has occurred.
B) an audit has reported weaknesses in security controls.
C) various infrastructure changes are made.
D) a high turnover in systems staff.
4. Successful social engineering attacks can BEST be prevented through:
A) preemployment screening.
B) close monitoring of users' access patterns.
C) periodic awareness training.
D) efficient termination procedures.
5. What is the BEST way to ensure that an intruder who successfully penetrates a network will be detected before significant damage is inflicted?
A) Perform periodic penetration testing
B) Establish minimum security baselines
C) Implement vendor default settings
D) Install a honeypot on the network
A) industry' best practices.
B) organizational needs.
C) generally accepted standards.
D) local laws and regulations.
2. The BEST way to determine if an anomaly-based intrusion detection system (IDS) is properly installed is to:
A) simulate an attack and review IDS performance.
B) use a honeypot to check for unusual activity.
C) audit the configuration of the IDS.
D) benchmark the IDS against a peer site.
3. The BEST time to perform a penetration test is after:
A) an attempted penetration has occurred.
B) an audit has reported weaknesses in security controls.
C) various infrastructure changes are made.
D) a high turnover in systems staff.
4. Successful social engineering attacks can BEST be prevented through:
A) preemployment screening.
B) close monitoring of users' access patterns.
C) periodic awareness training.
D) efficient termination procedures.
5. What is the BEST way to ensure that an intruder who successfully penetrates a network will be detected before significant damage is inflicted?
A) Perform periodic penetration testing
B) Establish minimum security baselines
C) Implement vendor default settings
D) Install a honeypot on the network
1. Right Answer: B
Explanation: The needs of the organization should always take precedence. Best practices and local regulations are important, but they do not take into account the total needs of an organization.
2. Right Answer: A
Explanation: Simulating an attack on the network demonstrates whether the intrusion detection system (IDS) is properly tuned. Reviewing the configuration may or may not reveal weaknesses since an anomaly-based system uses trends to identify potential attacks. A honeypot is not a good first step since it would need to have already been penetrated. Benchmarking against a peer site would generally not be practical or useful.
3. Right Answer: C
Explanation: Changes in the systems infrastructure are most likely to inadvertently introduce new exposures. Conducting a test after an attempted penetration is not as productive since an organization should not wait until it is attacked to test its defenses. Any exposure identified by an audit should be corrected before it would be appropriate to test. A turnover in administrative staff does not warrant a penetration test, although it may- warrant a review of password change practices and configuration management.
4. Right Answer: C
Explanation: Security awareness training is most effective in preventing the success of social engineering attacks by providing users with the awareness they need to resist such attacks. Screening of new employees, monitoring and rapid termination will not be effective against external attacks.
5. Right Answer: D
Explanation: Honeypots attract hackers away from sensitive systems and files. Since honeypots are closely monitored, the intrusion is more likely to be detected before significant damage is inflicted. Security baselines will only provide assurance that each platform meets minimum criteria. Penetration testing is not as effective and can only be performed sporadically. Vendor default settings are not effective.
Explanation: The needs of the organization should always take precedence. Best practices and local regulations are important, but they do not take into account the total needs of an organization.
2. Right Answer: A
Explanation: Simulating an attack on the network demonstrates whether the intrusion detection system (IDS) is properly tuned. Reviewing the configuration may or may not reveal weaknesses since an anomaly-based system uses trends to identify potential attacks. A honeypot is not a good first step since it would need to have already been penetrated. Benchmarking against a peer site would generally not be practical or useful.
3. Right Answer: C
Explanation: Changes in the systems infrastructure are most likely to inadvertently introduce new exposures. Conducting a test after an attempted penetration is not as productive since an organization should not wait until it is attacked to test its defenses. Any exposure identified by an audit should be corrected before it would be appropriate to test. A turnover in administrative staff does not warrant a penetration test, although it may- warrant a review of password change practices and configuration management.
4. Right Answer: C
Explanation: Security awareness training is most effective in preventing the success of social engineering attacks by providing users with the awareness they need to resist such attacks. Screening of new employees, monitoring and rapid termination will not be effective against external attacks.
5. Right Answer: D
Explanation: Honeypots attract hackers away from sensitive systems and files. Since honeypots are closely monitored, the intrusion is more likely to be detected before significant damage is inflicted. Security baselines will only provide assurance that each platform meets minimum criteria. Penetration testing is not as effective and can only be performed sporadically. Vendor default settings are not effective.
0 Comments
Leave a comment
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
