Download New Updated (July) Isaca CISA Actual Test 581-590

Ensurepass

 

QUESTION 581

An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long. Which of the following could be caused by the length of the cable?

 

A.

Electromagnetic interference (EMI)

B.

Cross-talk

C.

Dispersion

D.

Attenuation

 

Correct Answer: D

Explanation:

Attenuation is the weakening of signals during transmission. When the signal becomes weak, it begins to read a 1 for a 0, and the user may experience communication problems. UTP faces attenuation around 100 meters. Electromagnetic interference (EMl)is caused by outside electromagnetic waves affecting the desired signals, which is not the case here. Cross-talk
has nothing to do with the length of the UTP cable.

 

 

QUESTION 582

Reverse proxy technology for web servers should be deployed if:

 

A.

http servers’ addresses must be hidden.

B.

accelerated access to all published pages is required.

C.

caching is needed for fault tolerance.

D.

bandwidth to the user is limited.

 

Correct Answer: A

Explanation:

Reverse proxies are primarily designed to hide physical and logical internal structures from outside access. Complete URLs or URIs can be partially or completely redirected without disclosing which internal or DMZ server is providing the requested datA. This technology might be used if a trade-off between security, performance and costs has to be achieved. Proxy servers cache some data but normally cannot cache all pages to be published because this depends on the kind of information the web servers provide. The ability to accelerate access depends on the speed of the back-end servers, i.e., those that are cached. Thus, without making further assumptions, a gain in speed cannot be assured, but visualization and hiding of internal structures can. If speed is an issue, a scale-out approach (avoiding adding additional delays by passing firewalls, involving more servers, etc.) would be a better solution. Due to the limited caching option, reverse proxies are not suitable for enhancing fault tolerance. User requests that are handled by reverse proxy servers are using exactly the same bandwidth as direct requests to the hosts providing the data.

 

 

QUESTION 583

Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized?

 

A.

Release-to-release source and object comparison reports

B.

Library control software restricting changes to source code

C.

Restricted access to source code and object code

D.

Date and time-stamp reviews of source and object code

 

Correct Answer: D

Explanation:

Date and time-stamp reviews of source and object code would ensure that source code, which has been compiled, matches the production object code. This is the most effective way to ensure that the approved production source code is compiled and is theone being used.

 

 

QUESTION 584

To verify that the correct version of a data file was used for a production run, an IS auditor should review:

 

A.

operator problem reports.

B.

operator work schedules.

C.

system logs.

D.

output distribution reports.

 

Correct Answer: C

Explanation:

System logs are automated reports which identify most of the activities performed on the computer. Programs that analyze the system log have been developed to report on specifically defined items. The auditor can then carry out tests to ensure that the correct file version was used for a production run. Operator problem reports are used by operators to log computer operation problems. Operator work schedules are maintained to assist in human resources planning. Output distribution reports identify all application reports generated and their distribution.

 

 

QUESTION 585

Which of the following reports should an IS auditor use to check compliance with a service level agreement’s (SLA) requirement for uptime?

 

A.

Utilization reports

B.

Hardware error reports

C.

System logs

D.

Availability reports

 

Correct Answer: D

Explanation:

IS inactivity, such as downtime, is addressed by availability reports. These reports provide the time periods during which the computer was available for utilization by users or other processes. Utilization reports document the use of computer equipment, and can be used by management to predict how/where/when resources are required. Hardware error reports provide information to aid in detecting hardware failures and initiating corrective action. System logs are a recording of the system’s activities.

 

 

QUESTION 586

A company is implementing a dynamic host configuration protocol (DHCP). Given that the following conditions exist, which represents the GREATEST concern?

 

A.

Most employees use laptops.

B.

A packet filtering firewall is used.

C.

The IP address space is smaller than the number of PCs.

D.

Access to a network port is not restricted.

 

Correct Answer: D

Explanation:

Given physical access to a port, anyone can connect to the internal network. The other choices do not present the exposure that access to a port does. DHCP provides convenience (an advantage) to the laptop users. Sharing IP addresses and the existence of a firewall can be security measures.

 

 

QUESTION 587

Which of the following protocols would be involved in the implementation of a router and an interconnectivity device monitoring system?

 

A.

Simple Network Management Protocol

B.

File Transfer Protocol

C.

Simple Mail Transfer Protocol

D.

Telnet

 

Correct Answer: A

Explanation:

The Simple Network Management Protocol provides a means to monitor and control network devices and to manage configurations and performance. The File Transfer Protocol (FTP) transfers files from a computer on the Internet to the user’s computer and does not have any functionality related to monitoring network devices. Simple Mail Transfer Protocol (SMTP) is a protocol for sending and receiving e-mail messages and does not provide any monitoring or management for network devices. Telnet is a standard terminal emulation protocol used for remote terminal connections, enabling users to log into remote systems and use resources as if they were connected to a local system; it does not provide any monitoring or management of network devices.

 

 

QUESTION 588

Applying a retention date on a file will ensure that:

 

A.

data cannot be read until the date is set.

B.

data will not be deleted before that date.

C.

backup copies are not retained after that date.

D.

datasets having the same name are differentiated.

 

Correct Answer: B

Explanation:

A retention date will ensure that a file cannot be overwritten before that date has passed. The retention date will not affect the ability to read the file. Backup copies would be expected to have a different retention date and therefore may be retained after the file has been overwritten. The creation date, not the retention date, will differentiate files with the same name.

 

 

QUESTION 589

Which of the following BEST limits the impact of server failures in a distributed environment?

 

A.

Redundant pathways

B.

Clustering

C.

Dial backup lines

D.

Standby power

 

Correct Answer: B

Explanation:

Clustering allows two or more servers to work as a unit, so that when one of them fails, the other takes over. Choices A and C are intended to minimize the impact of channel communications failures, but not a server failure. Choice D provides an alternative power source in the event of an energy failure.

 

 

QUESTION 590

In a small organization, developers may release emergency changes directly to production. Which of the following will BEST control the risk in this situation?

 

A.

Approve and document the change the next business day

B.

Limit developer access to production to a specific timeframe

C.

Obtain secondary approval before releasing to production

D.

Disable the compiler option in the production machine

 

Correct Answer: A

Explanation:

It may be appropriate to allow programmers to make emergency changes as long as they are documented and approved after the fact. Restricting release time frame may help somewhat; however, it would not apply to emergency changes and cannot prevent unauthorized release of the programs. Choices C and D are not relevant in an emergency situation.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …