Download New Updated (July) Isaca CISA Actual Test 731-740

Ensurepass


QUESTION 731

While copying files from a floppy disk, a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus?

A. A scan of all floppy disks before use
B. A virus monitor on the network file server
C. Scheduled daily scans of all network drives
D. A virus monitor on the user’s personal computer

Correct Answer: C

Explanation:

Scheduled daily scans of all network drives will detect the presence of a virus after the infection has occurred. All of the other choices are controls designed to prevent a computer virus from infecting the system.


QUESTION 732

The information security policy that states ‘each individual must have their badge read at every controlled door’ addresses which of the following attack methods?

A. Piggybacking
B. Shoulder surfing
C. Dumpster diving
D. Impersonation

Correct Answer: A

Explanation:

Piggybacking refers to unauthorized persons following authorized persons, either physically or virtually, into restricted areas. This policy addresses the polite behavior problem of holding doors open for a stranger: if every employee must have their badge read at every controlled door, no unauthorized person could enter the sensitive area. Looking over the shoulder of a user to obtain sensitive information could be done by an unauthorized person who has gained access to areas using piggybacking, but this policy specifically refers to physical access control. Shoulder surfing would not be prevented by the implementation of this policy. Dumpster diving, looking through an organization’s trash for valuable information, could be done outside the company’s physical perimeter; therefore, this policy would not address this attack method. Impersonation refers to a social engineer acting as an employee, trying to retrieve the desired information. Some forms of social engineering attacks could combine an impersonation attack with piggybacking, but this information security policy does not address the impersonation attack.


QUESTION 733

When planning an audit of a network setup, an IS auditor should give highest priority to obtaining which of the following network documentation?

A. Wiring and schematic diagram
B. Users’ lists and responsibilities
C. Application lists and their details
D. Backup and recovery procedures

Correct Answer: A

Explanation:

The wiring and schematic diagram of the network is necessary to carry out a network audit. A network audit may not be feasible if a network wiring and schematic diagram is not available. All other documents are important but not necessary.


QUESTION 734

A hacker could obtain passwords without the use of computer tools or programs through the technique of:

A. social engineering.
B. sniffers.
C. back doors.
D. Trojan horses.

Correct Answer: A

Explanation:

Social engineering is based on the divulgence of private information through dialogues, interviews, inquiries, etc., in which a user may be indiscreet regarding their or someone else’s personal data. A sniffer is a computer tool to monitor the traffic in networks. Back doors are computer programs left by hackers to exploit vulnerabilities. Trojan horses are computer programs that pretend to supplant a real program; thus, the functionality of the program is not authorized and is usually malicious in nature.


QUESTION 735

Digital signatures require the:

A. signer to have a public key and the receiver to have a private key.
B. signer to have a private key and the receiver to have a public key.
C. signer and receiver to have a public key.
D. signer and receiver to have a private key.

Correct Answer: B

Explanation:

Digital signatures are intended to verify to a recipient the integrity of the data and the identity of the sender. The digital signature standard is a public key algorithm. This requires the signer to have a private key and the receiver to have a public key.


QUESTION 736

Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users?

A. System analysis
B. Authorization of access to data
C. Application programming
D. Data administration

Correct Answer: B

Explanation:

The application owner is responsible for authorizing access to data. Application development and programming are functions of the IS department. Similarly, system analysis should be performed by qualified persons in IS who have knowledge of IS and user requirements. Data administration is a specialized function related to database management systems and should be performed by qualified database administrators.


QUESTION 737

Which of the following append themselves to files as a protection against viruses?

A. Behavior blockers
B. Cyclical redundancy checkers (CRCs)
C. Immunizers
D. Active monitors

Correct Answer: C

Explanation:

Immunizers defend against viruses by appending sections of themselves to files. They continuously check the file for changes and report changes as possible viral behavior. Behavior blockers focus on detecting potentially abnormal behavior, such as writing to the boot sector or the master boot record, or making changes to executable files. Cyclical redundancy checkers compute a binary number on a known virus-free program that is then stored in a database file. When that program is subsequently called to be executed, the checkers look for changes to the files, compare them to the database and report possible infection if changes have occurred. Active monitors interpret DOS and ROM basic input-output system (BIOS) calls, looking for virus-like actions.


QUESTION 738

Which of the following is the MOST effective control when granting temporary access to vendors?

A. Vendor access corresponds to the service level agreement (SLA).
B. User accounts are created with expiration dates and are based on services provided.
C. Administrator access is provided for a limited period.
D. User IDs are deleted when the work is completed.

Correct Answer: B

Explanation:

The most effective control is to ensure that the granting of temporary access is based on services to be provided and that there is an expiration date (hopefully automated) associated with each ID. The SLA may have a provision for providing access, but this is not a control; it would merely define the need for access. Vendors require access for a limited period during the time of service. However, it is important to ensure that the access during this period is monitored. Deleting these user IDs after the work is completed is necessary, but if not automated, the deletion could be overlooked.


QUESTION 739

Over the long term, which of the following has the greatest potential to improve the security incident response process?

A. A walkthrough review of incident response procedures
B. Postevent reviews by the incident response team
C. Ongoing security training for users
D. Documenting responses to an incident

Correct Answer: B

Explanation:

Postevent reviews to find the gaps and shortcomings in the actual incident response processes will help to improve the process over time. Choices A, C and D are desirable actions, but postevent reviews are the most reliable mechanism for improving security incident response processes.


QUESTION 740

Which of the following provides nonrepudiation services for e-commerce transactions?

A. Public key infrastructure (PKI)
B. Data Encryption Standard (DES)
C. Message authentication code (MAC)
D. Personal identification number (PIN)

Correct Answer: A

Explanation:

PKI is the administrative infrastructure for digital certificates and encryption key pairs. The qualities of an acceptable digital signature are: it is unique to the person using it; it is capable of verification; it is under the sole control of the person using it; and it is linked to data in such a manner that if data are changed, the digital signature is invalidated. PKI meets these tests. The Data Encryption Standard (DES) is the most common private key cryptographic system. DES does not address nonrepudiation. A MAC is a cryptographic value calculated by passing an entire message through a cipher system. The sender attaches the MAC before transmission and the receiver recalculates the MAC and compares it to the sent MAC. If the two MACs are not equal, this indicates that the message has been altered during transmission; it has nothing to do with nonrepudiation. A PIN is a type of password, a secret number assigned to an individual that, in conjunction with some other means of identification, serves to verify the authenticity of the individual.
