CISA : Certified Information Systems Auditor : Part 157
-
Which of the following is the BEST control to protect an organization’s sensitive data when using a publicly available cloud storage service?
- Cryptographic hash function performed by the cloud vendor
- Transparent volume encryption offered by the cloud vendor
- Data encryption performed by the organization prior to uploading
- Transport layer security (TLS) between the cloud vendor and the organization
-
An IS audit concludes that entry to the computer room is appropriately controlled. The audit result provides assurance that:
- the theft of hardware is prevented.
- the confidentiality of data is protected.
- data leakage is prevented.
- unauthorized access is prevented.
-
Which of the following BEST helps to ensure data integrity across system interfaces?
- Environment segregation
- System backups
- Reconciliations
- Access controls
-
When implementing a software product (middleware) to pass data between local area network (LAN) servers and the mainframe, the MOST critical control consideration is:
- cross-platform security authentication.
- time synchronization of databases.
- network traffic levels between platforms.
- time-stamping of transactions to facilitate recovery.
-
Which of the following test approaches would utilize data analytics to test a dual approval payment control?
- Review payments completed in the past month that do not have a unique approver.
- Attempt to complete a payment without a secondary approval.
- Review users within the payment application who are assigned an approver role.
- Evaluate configuration settings for the secondary approval requirements.
-
To mitigate the risk of exposing data through application programming interface (API) queries, which of the following design considerations is MOST important?
- Data minimalization
- Data quality
- Data retention
- Data integrity
-
Which of the following is the BEST way to transmit documents classified as confidential over the Internet?
- Hashing the document contents and destroying the hash value
- Sending documents as multiple packets over different network routes
- Converting documents to proprietary format before transmission
- Using a virtual private network (VPN)
-
An organization is designing an application programming interface (API) for business-to-business data sharing with a vendor. Which of the following is the BEST way to reduce the potential risk of data leakage?
- Implement a policy to require data transfer over hypertext transfer protocol (HTTP)
- Implement the API on a secure server and encrypt traffic between both organizations
- Restrict the allowable number of API calls within a specified period
- Conduct an independent review of the application architecture and service level agreements (SLAs)
-
Which of the following threats is MOST effectively controlled by a firewall?
- Network congestion
- Denial of service (DoS) attack
- Network sniffing
- Password cracking
-
Which of the following is the BEST way to mitigate the impact of ransomware attacks?
- Backing up data frequently
- Invoking the disaster recovery plan (DRP)
- Requiring password changes for administrative accounts
- Paying the ransom
-
During a post-incident review of a security breach, what type of analysis should an IS auditor expect to be performed by the organization’s information security team?
- Gap analysis
- Business impact analysis (BIA)
- Qualitative risk analysis
- Root cause analysis
-
When reviewing a contract for a disaster recovery hot site, which of the following would be the MOST significant omission?
- Audit rights
- Testing procedures
- Exposure coverage
- Equipment provided
-
Which of the following is the BEST reason to utilize blockchain technology to record accounting transactions?
- Integrity of records
- Confidentiality of records
- Availability of records
- Distribution of records
-
Which of the following is the GREATEST risk associated with instant messaging?
- Data governance may become ineffective.
- Data classification procedures may not be followed.
- Data logging is more difficult.
- Data exfiltration is more likely to occur.
-
When using a wireless device, which of the following BEST ensures confidential access to email via web mail?
- Simple object access protocol (SOAP)
- Hypertext transfer protocol secure (HTTPS)
- Extensible markup language (XML)
- Wired equivalent privacy (WEP)
-
Which of the following is an indication of possible hacker activity involving voice communications?
- A significant percentage of lines are busy during early morning and late afternoon hours.
- Outbound calls are found to significantly increase in frequency during non-business hours.
- Inbound calls experience significant fluctuations based on time-of-day and day-of-week.
- Direct inward system access (DISA) is found to be disabled on the company’s exchange.
-
Which of the following would provide the BEST evidence for use in a forensic investigation of an employee’s hard drive?
- A file level copy of the hard drive
- Bit-stream copy of the hard drive
- Memory dump to an external hard drive
- Prior backups
-
Which of the following is the BEST way to minimize leakage of data in transit?
- Virtual local area network (VLAN)
- Storage encryption
- Virtual private network (VPN)
- Digital signature
-
The recovery time objective (RTO) is normally determined on the basis of the:
- criticality of the systems affected.
- risk of occurrence.
- acceptable downtime of the alternate site.
- cost of recovery of all systems.
-
Which of the following attacks is BEST detected by an intrusion detection system (IDS)?
- Spamming
- Spoofing
- Logic bomb
- System scanning