Exam (elaborations)

CISA QUESTIONS AND ANSWERS 2024

Pages
8
Grade
A+
Uploaded on
23-03-2024
Written in
2023/2024

Q: Email authenticity and confidentiality are best achieved by signing the message using the:
A: Sender's private key, and encrypting the message using the receiver's public key. Authenticity comes from the sender's private key (anyone holding the sender's public key can verify the signature); confidentiality comes from the receiver's public key (only the receiver's private key can decrypt).

Q: Nonrepudiation is a process that:
A: Provides assurance that someone cannot deny having performed an action, such as sending a message.

Q: The most secure method of protecting confidential data from exposure is:
A: Encryption of the data.

Q: To enhance the security and reliability of its VoIP system and data traffic, what would meet this objective?
A: Segregating the VoIP infrastructure using VLANs. This protects against network-based attacks and potential eavesdropping, and isolates voice traffic from data network issues, which helps ensure uptime.

Q: Digital signatures:
A: Verify the identity of the sender (and the integrity of the signed message).

Q: Over the long term, what has the greatest potential to improve the security incident response process?
A: Post-event reviews. Finding the gaps and shortcomings in the response to each incident improves the process over time.

Q: In reviewing the network operations center, what is a great concern?
A: A carbon dioxide-based fire suppression system. CO2 displaces oxygen and endangers staff present in an occupied operations center.

Q: A directory server in a public key infrastructure:
A: Makes other users' certificates available to applications.

Q: A telecommunications access control review should be primarily concerned with:
A: Authorization and authentication of users prior to granting access to system resources; this is a preventive control.

Q: What best helps to decrease the research time needed to investigate exceptions?
A: Transaction logs. They generate an audit trail, so the review can be performed on the logs rather than on the entire transaction file.

Q: DDoS attacks on internet sites are typically launched by hackers using:
A: Trojan horses, which are malicious or damaging code hidden within an authorized computer program.
Hackers use trojans to coordinate distributed denial-of-service attacks that overload a site so that it can no longer process legitimate requests.

Q: What method of suppressing a fire in a data center is the most effective and environmentally friendly?
A: Dry-pipe sprinklers. The pipes hold no water until a fire is detected, which removes the risk of leakage.

Q: What provides the MOST relevant information for proactively strengthening security settings?
A: A honeypot. It is designed to lure the attacker and, by letting the attack continue, reveals the attacker's methods and strategies and the resources required to address such attacks.

Q: What is the MOST important factor in ensuring a successful firewall deployment?
A: Testing and validating the rule set. A single mistake can render the firewall ineffective or insecure.

Q: Which control is the BEST way to ensure that the data in a file have not been changed during transmission?
A: Hash values. A hash is calculated over the file and is very sensitive to any change in the data values; recomputing it at the receiving end detects alteration.

Q: In which phase of system development would user acceptance test plans normally be prepared?
A: Requirements definition. At this stage users should be working with the team to consider and document how the system functionality will be tested to ensure it meets their stated needs.

Q: To protect a VoIP infrastructure against a DDoS attack, it is most important to secure the:
A: Session border controllers (SBCs). They enhance security in the access network and in the core: they hide users' real addresses and the network topology behind a managed public address that can be monitored, minimizing the opportunity for scanning and DDoS attacks; they permit access to clients behind firewalls while maintaining the firewall's effectiveness; and they monitor bandwidth and quality of service.
Q: An auditor who discovers unauthorized transactions during a review of electronic data interchange (EDI) transactions is likely to recommend improving the:
A: Authentication techniques for sending and receiving messages, which play a key role in minimizing exposure to unauthorized transactions.

Q: During the system testing phase of an application development project, what should the auditor review?
A: Error reports, for their precision in recognizing erroneous data, along with the procedures for resolving errors.

Q: What technique will provide the greatest assistance in developing an estimate of project duration?
A: A program evaluation review technique (PERT) chart. Once all activities and the work involved in them are known, the chart determines the project duration.

Q: The best approach when implementing a large and complex IT infrastructure is:
A: A deployment plan based on sequenced phases, which provides greater assurance of quality results.

Q: Security administration procedures require read-only access to:
A: Security log files. Once generated, logs must not be modified, since they provide evidence and track suspicious transactions and activities.

Q: The use of residual biometric information to gain unauthorized access is an example of:
A: A replay attack. Residual information such as fingerprints left on a biometric capture device may be reused by an attacker to gain unauthorized access.

Q: To prevent IP spoofing attacks, a firewall should be configured to drop a packet if:
A: The source routing field is enabled. With source routing set, the packet follows the path written into the option rather than the routers' own logic, which lets an attacker using a spoofed source address still receive the replies.

Q: Which cryptography option would increase overhead/cost?
A: A long asymmetric encryption key, since processing time increases with asymmetric key length.

Q: What is the greatest concern to an auditor during a review of logical access to an application?
A: The file storing the application ID's password is held in cleartext in the production code.

Q: To ensure compliance with a security policy requiring passwords to be a combination of letters and numbers, recommend:
A: An automated password management tool, which prevents repetition and enforces syntactic rules.

Q: What is the most prevalent security risk when an organization implements remote VPN access to its network?
A: Malicious code could spread across the network. The VPN terminates inside the network, and because the VPN traffic is still encrypted as it passes through the firewall, the firewall cannot adequately examine it.

Q: The best control to protect corporate servers from unauthorized access is to ensure that:
A: They are on a separate VLAN. This prevents users, authorized or not, from gaining direct network access to the servers while still allowing authorized users internet access.

Q: In a PKI, what may be relied upon to prove that an online transaction was authorized by a specific customer?
A: Nonrepudiation. Achieved through the use of digital signatures, it prevents the sender from later denying that they generated and sent the message.

Q: URL shortening services would most likely increase the risk of what kind of attack?
A: Phishing. Shortened URLs hide the real destination, and attackers use them to fool users and spread malware.

Q: When using a digital signature, the message digest is computed:
A: By both the sender and the receiver. The sender uses a cryptographic hashing algorithm to create a message digest, signs it with the sender's private key (asymmetric encryption) and sends the signature along with the message. On receipt, the receiver recomputes the digest with the same algorithm and compares it with the digest recovered from the signature using the sender's public key.

Q: What is a digital certificate?
A: An electronic document that contains the digital signature of the certificate-issuing authority, binds a public key to an identity, and can be used to verify that a public key belongs to a particular person or entity.

Q: What is the most important difference between hashing and encryption?
A: Hashing is irreversible.
It is used to verify the integrity of a message but provides no confidentiality. Encryption is reversible: keys are used at the sending and receiving ends to encrypt and decrypt.

Q: What approach is most appropriate for implementing access control that will facilitate security management of the VoIP web application?
A: Role-based access control (RBAC), which controls access according to job roles or functions.

Q: The primary objective for classifying information assets is to:
A: Establish guidelines for the level of access controls that should be assigned.

Q: What can be used to ensure confidentiality of transmitted data? Encrypting the:
A: Session key with the receiver's public key. The session key can then only be recovered using the receiver's private key.

Q: A voltage regulator ensures that:
A: Hardware is protected against power surges, as it protects against short-term power fluctuations.

Q: What kind of software application testing is considered the final stage of testing and includes users outside the development team?
A: Beta testing. It is a form of user acceptance testing and generally involves a limited number of users who are external to the development effort.

Q: When upgrading its existing VPN to support Voice over Internet Protocol (VoIP) communications via tunneling, what should primarily be addressed?
A: Reliability and quality of service (QoS). Voice communications require consistent levels of service, which may be provided through QoS and class of service (CoS) controls.

Q: What function is performed by a VPN?
A: It hides information from sniffers on the internet using tunneling, which works by encapsulating and encrypting sensitive traffic.

Q: Which of the following BEST helps information owners to properly classify data?
A: An understanding of organizational policies and standards, including the data classification schema. When implementing data classification it is essential that these are understood by the owner or custodian of the data so that the data can be properly classified.

Q: The reason for establishing a stop or freeze point in the design of a new system is to:
A: Require that changes after that point be evaluated for cost-effectiveness.

Q: The most effective control over visitor access to a data center is that:
A: Visitors are escorted.
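The anti-spoofing firewall rule above (drop a packet if the source routing field is enabled) is concrete enough to implement. The following Go program is an added example written for this page, not code from the original question set or from any firewall product. The option type codes for loose (131) and strict (137) source routing come from the IPv4 specification; the 10.0.0.0/8 internal range, the addresses and the packet bytes are constructed for the demonstration, and the function names are the author's own. It goes slightly beyond the question by also applying the companion check that a packet arriving from outside must not carry an internal source address.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// IPv4 option type codes that matter for this filter.
const (
	optEOL  = 0   // end of option list
	optNOP  = 1   // single-byte padding
	optLSRR = 131 // loose source and record route
	optSSRR = 137 // strict source and record route
)

// HasSourceRouting walks the IPv4 options field and reports whether a
// loose or strict source-route option is present. Malformed headers are
// returned as errors so the caller can drop them too.
func HasSourceRouting(pkt []byte) (bool, error) {
	if len(pkt) < 20 {
		return false, errors.New("truncated IPv4 header")
	}
	if pkt[0]>>4 != 4 {
		return false, errors.New("not an IPv4 packet")
	}
	ihl := int(pkt[0]&0x0f) * 4 // header length in bytes
	if ihl < 20 || ihl > len(pkt) {
		return false, errors.New("bad header length")
	}
	opts := pkt[20:ihl]
	for i := 0; i < len(opts); {
		switch opts[i] {
		case optEOL:
			return false, nil
		case optNOP:
			i++
			continue
		}
		if i+1 >= len(opts) {
			return false, errors.New("truncated option")
		}
		olen := int(opts[i+1])
		if olen < 2 || i+olen > len(opts) {
			return false, errors.New("bad option length")
		}
		if opts[i] == optLSRR || opts[i] == optSSRR {
			return true, nil
		}
		i += olen
	}
	return false, nil
}

// ShouldDrop applies two anti-spoofing rules: drop any source-routed
// packet, and drop a packet arriving on the external interface whose
// source address claims to belong to an internal network.
func ShouldDrop(pkt []byte, fromExternal bool, internal []*net.IPNet) (bool, string) {
	srcRouted, err := HasSourceRouting(pkt)
	if err != nil {
		return true, "malformed header: " + err.Error()
	}
	if srcRouted {
		return true, "source routing option set"
	}
	if fromExternal {
		src := net.IP(pkt[12:16])
		for _, n := range internal {
			if n.Contains(src) {
				return true, "internal source " + src.String() + " on external interface"
			}
		}
	}
	return false, ""
}

// BuildPacket constructs a minimal IPv4 header (constructed test data,
// not captured traffic). Options are padded to a 32-bit boundary with
// EOL bytes, as the protocol requires.
func BuildPacket(src, dst net.IP, opts []byte) []byte {
	padded := append([]byte(nil), opts...)
	for len(padded)%4 != 0 {
		padded = append(padded, optEOL)
	}
	h := make([]byte, 20, 20+len(padded))
	h[0] = 0x40 | byte(5+len(padded)/4) // version 4, IHL in 32-bit words
	h[8], h[9] = 64, 6                   // TTL, protocol TCP
	copy(h[12:16], src.To4())
	copy(h[16:20], dst.To4())
	h = append(h, padded...)
	h[2], h[3] = byte(len(h)>>8), byte(len(h)) // total length (no payload)
	return h
}

func main() {
	_, lan, _ := net.ParseCIDR("10.0.0.0/8") // assumed internal range
	pkt := BuildPacket(net.ParseIP("203.0.113.5"), net.ParseIP("10.1.2.3"), []byte{optLSRR, 7, 4, 10, 0, 0, 1})
	fmt.Println(ShouldDrop(pkt, true, []*net.IPNet{lan}))
}
```

Note that the parser treats a header it cannot parse as a reason to drop rather than a reason to pass; a filter that fails open on malformed options would be exactly the "mistake that renders the firewall ineffective" the rule-set question warns about.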

Institution
CISA - Certified Information Systems Auditor
Course
CISA - Certified Information Systems Auditor