ISACA Cybersecurity UPDATED Exam
Questions and CORRECT Answers
Write blocker - CORRECT ANSWER A device that allows the acquisition of information on
a drive without creating the possibility of accidentally damaging the drive
WPA3 - CORRECT ANSWER Wireless security protocol released mid-2018 that improves
on WPA2 by eliminating preshared key (PSK), which is susceptible to dictionary attacks
WPA2 - CORRECT ANSWER Wireless security protocol that supports 802.11i encryption
standards to provide greater security. This protocol uses advanced encryption standards (AES)
and temporal key integrity protocol (TKIP) for stronger encryption.
Worm - CORRECT ANSWER A programmed network attack in which a self- replicating
program does not attach itself to programs, but rather spreads independently of users' action.
Wireless local area network (WLAN) - CORRECT ANSWER Wireless communication
network that serves several users within a specified limited geographic area
Wide area network (WAN) - CORRECT ANSWER A computer network connecting multiple
offices or buildings over a larger area.
Wi-Fi Protected Access (WPA) - CORRECT ANSWER A class of security protocols used to
secure wireless (Wi-Fi) computer networks
Web server - CORRECT ANSWER End-point hardware or software that serves web pages to
users
Vulnerability scanning - CORRECT ANSWER An automated process to proactively identify
security weaknesses in a network or individual system
,Vulnerability analysis - CORRECT ANSWER A process of identifying and classifying
vulnerabilities
Volatile data - CORRECT ANSWER Data that changes frequently and can be lost when the
system's power is shut down
Voice-over Internet Protocol (VoIP) - CORRECT ANSWER Also called IP Telephony,
Internet Telephony and Broadband Phone, a technology that makes it possible to have a voice
conversation over the Internet or over any dedicated Internet Protocol (IP) network instead of
over dedicated voice transmission lines.
Virus signature - CORRECT ANSWER The file of virus patterns that are compared with
existing files to determine whether they are infected with a virus or worm.
Virus - CORRECT ANSWER Piece of code that can replicate itself and spread from one
computer to another. It requires intervention or execution to replicate and/or cause damage. See
Bomb, Trojan horse and worm.
Virtualization - CORRECT ANSWER The process of adding a "guest application" and data
onto a "virtual server," recognizing that the guest application will ultimately part company from
this physical server.
Virtual local area network (VLAN) - CORRECT ANSWER Logical segmentation of a LAN
into different broadcast domains. Scope Notes: A VLAN is set up by configuring ports on a
switch, so devices attached to these ports may communicate as if they were attached to the same
physical network segment, although the devices are located on different LAN segments. A
VLAN is based on logical rather than physical connections.
Vertical defense-in depth - CORRECT ANSWER Controls are placed at different system
layers—hardware, operating system, application, database or user levels
User provisioning - CORRECT ANSWER A process to create, modify, disable and delete
user accounts and their profiles across IT infrastructure and business applications
, User mode - CORRECT ANSWER Used for the execution of normal system activities
User Datagram Protocol (UDP) - CORRECT ANSWER A connectionless Internet protocol
that is designed for network efficiency and speed at the expense of reliability
Uniform resource locator (URL) - CORRECT ANSWER The string of characters that form a
web address
Tunnel mode - CORRECT ANSWER Used to protect traffic between different networks
when traffic must travel through intermediate or untrusted networks. Tunnel mode encapsulates
the entire IP packet with and AH or ESP header and an additional IP header.
Tunnel - CORRECT ANSWER The paths that the encapsulated packets follow in an Internet
virtual private network (VPN).
Triple DES (3DES) - CORRECT ANSWER A block cipher created from the Data Encryption
Standard (DES) cipher by using it three times. 3DES was broken in 2016.
Transport Layer Security (TLS) - CORRECT ANSWER A cryptographic protocol that
provides secure communications, endpoint security and privacy on the Internet
Transmission Control Protocol Internet Protocol (TCP/IP) - CORRECT ANSWER Provides
the basis for the Internet; a set of communication protocols that encompass media access, packet
transport, session communication, file transfer, electronic mail (email), terminal emulation,
remote file access and network management.
Transmission Control Protocol (TCP) - CORRECT ANSWER A connection- based Internet
protocol that supports reliable data transfer connections. Scope Notes: Packet data are verified
using checksums and retransmitted if they are missing or corrupted. The application plays no
part in validating the transfer.
Questions and CORRECT Answers
Write blocker - CORRECT ANSWER A device that allows the acquisition of information on
a drive without creating the possibility of accidentally damaging the drive
WPA3 - CORRECT ANSWER Wireless security protocol released mid-2018 that improves
on WPA2 by eliminating preshared key (PSK), which is susceptible to dictionary attacks
WPA2 - CORRECT ANSWER Wireless security protocol that supports 802.11i encryption
standards to provide greater security. This protocol uses advanced encryption standards (AES)
and temporal key integrity protocol (TKIP) for stronger encryption.
Worm - CORRECT ANSWER A programmed network attack in which a self- replicating
program does not attach itself to programs, but rather spreads independently of users' action.
Wireless local area network (WLAN) - CORRECT ANSWER Wireless communication
network that serves several users within a specified limited geographic area
Wide area network (WAN) - CORRECT ANSWER A computer network connecting multiple
offices or buildings over a larger area.
Wi-Fi Protected Access (WPA) - CORRECT ANSWER A class of security protocols used to
secure wireless (Wi-Fi) computer networks
Web server - CORRECT ANSWER End-point hardware or software that serves web pages to
users
Vulnerability scanning - CORRECT ANSWER An automated process to proactively identify
security weaknesses in a network or individual system
,Vulnerability analysis - CORRECT ANSWER A process of identifying and classifying
vulnerabilities
Volatile data - CORRECT ANSWER Data that changes frequently and can be lost when the
system's power is shut down
Voice-over Internet Protocol (VoIP) - CORRECT ANSWER Also called IP Telephony,
Internet Telephony and Broadband Phone, a technology that makes it possible to have a voice
conversation over the Internet or over any dedicated Internet Protocol (IP) network instead of
over dedicated voice transmission lines.
Virus signature - CORRECT ANSWER The file of virus patterns that are compared with
existing files to determine whether they are infected with a virus or worm.
Virus - CORRECT ANSWER Piece of code that can replicate itself and spread from one
computer to another. It requires intervention or execution to replicate and/or cause damage. See
Bomb, Trojan horse and worm.
Virtualization - CORRECT ANSWER The process of adding a "guest application" and data
onto a "virtual server," recognizing that the guest application will ultimately part company from
this physical server.
Virtual local area network (VLAN) - CORRECT ANSWER Logical segmentation of a LAN
into different broadcast domains. Scope Notes: A VLAN is set up by configuring ports on a
switch, so devices attached to these ports may communicate as if they were attached to the same
physical network segment, although the devices are located on different LAN segments. A
VLAN is based on logical rather than physical connections.
Vertical defense-in depth - CORRECT ANSWER Controls are placed at different system
layers—hardware, operating system, application, database or user levels
User provisioning - CORRECT ANSWER A process to create, modify, disable and delete
user accounts and their profiles across IT infrastructure and business applications
, User mode - CORRECT ANSWER Used for the execution of normal system activities
User Datagram Protocol (UDP) - CORRECT ANSWER A connectionless Internet protocol
that is designed for network efficiency and speed at the expense of reliability
Uniform resource locator (URL) - CORRECT ANSWER The string of characters that form a
web address
Tunnel mode - CORRECT ANSWER Used to protect traffic between different networks
when traffic must travel through intermediate or untrusted networks. Tunnel mode encapsulates
the entire IP packet with and AH or ESP header and an additional IP header.
Tunnel - CORRECT ANSWER The paths that the encapsulated packets follow in an Internet
virtual private network (VPN).
Triple DES (3DES) - CORRECT ANSWER A block cipher created from the Data Encryption
Standard (DES) cipher by using it three times. 3DES was broken in 2016.
Transport Layer Security (TLS) - CORRECT ANSWER A cryptographic protocol that
provides secure communications, endpoint security and privacy on the Internet
Transmission Control Protocol Internet Protocol (TCP/IP) - CORRECT ANSWER Provides
the basis for the Internet; a set of communication protocols that encompass media access, packet
transport, session communication, file transfer, electronic mail (email), terminal emulation,
remote file access and network management.
Transmission Control Protocol (TCP) - CORRECT ANSWER A connection- based Internet
protocol that supports reliable data transfer connections. Scope Notes: Packet data are verified
using checksums and retransmitted if they are missing or corrupted. The application plays no
part in validating the transfer.
