CISA : Certified Information Systems Auditor : Part 158

  1. An organization has implemented application whitelisting in response to the discovery of a large amount of unapproved software. Which type of control has been deployed?

    • Directive
    • Preventive 
    • Detective
    • Corrective
  2. Which of the following controls MOST effectively reduces the risk associated with use of instant messaging (IM) in the workplace?

    • Traffic encryption
    • Session border controllers
    • Network address translation
    • Blocking peer-to-peer (P2P) clients
  3. Which type of review is MOST important to conduct when an IS auditor is informed that a recent internal exploitation of a bug has been discovered in a business application?

    • Forensic audit
    • Penetration testing
    • Server security audit
    • Application security testing
  4. Which of the following is the PRIMARY factor in determining a recovery time objective (RTO)?

    • Cost of testing the business continuity plan (BCP)
    • Downtime cost of disaster 
    • Cost of offsite backup premises
    • Response time of the emergency action plan
  5. Which of the following is an example of personally identifiable information (PII)?

    • Office address
    • Passport number 
    • Date of birth
    • Marital status
  6. Which of the following will MOST likely compromise the control provided by a digital signature created using RSA encryption?

    • Deciphering the receiver’s public key
    • Obtaining the sender’s private key 
    • Altering the plaintext message
    • Reversing the hash function using the digest
  7. Data anonymization helps to prevent which types of attacks in a big data environment?

    • Man-in-the-middle 
    • Denial-of-service
    • Correlation
    • Spoofing
  8. Which of the following is MOST important when creating a forensic image of a hard drive?

    • Generating a content hash of the hard drive 
    • Requiring an independent third party to be present while imaging
    • Securing a backup copy of the hard drive
    • Choosing an industry-leading forensics software tool
  9. Which of the following controls BEST mitigates the impact of a distributed denial of service (DDoS) attack against the controller in a software-defined network (SDN)?

    • Implementing multiple physical SDN controllers 
    • Relocating virtualized network functions to physical infrastructure
    • Hardening the operating system that hosts the SDN controller
    • Implementing configuration management for SDN controllers
  10. Which of the following would BEST enable an organization to provide indirect access to web applications?

    • Web application proxy 
    • Web application programming interface (API)
    • Web application server
    • Web authentication services
  11. An IS auditor finds an organization has a significant number of systems developed by end-users. Which of the following is the BEST recommendation to help mitigate the associated risks?

    • Storing systems on a shared drive managed by IT
    • Storing developed source code in a centralized repository
    • Centralizing information technology procurement
    • Using a formal development methodology
  12. Which of the following is the MAIN advantage of using one-time passwords?

    • They are suitable for e-commerce authentication.
    • Passwords are hardware/software generated.
    • An intercepted password would be of no use. 
    • The user does not need to remember passwords.
  13. An IS auditor suspects an organization’s computer may have been used to commit a crime. Which of the following is the auditor’s BEST course of action?

    • Examine the computer to search for evidence supporting the suspicions.
    • Notify local law enforcement of the potential crime before further investigation.
    • Contact the incident response team to conduct an investigation. 
    • Advise management of the crime after the investigation.
  14. Which of the following would be considered a corrective control when designing the security of a data center?

    • Perimeter fence
    • Closed-circuit television (CCTV)
    • Fire extinguisher 
    • Security guards
  15. Which of the following is the MOST effective control to restrict the use of instant messaging (IM) within an organization?

    • Intrusion detection system (IDS)
    • Antivirus software
    • Application-based firewall 
    • Packet filtering firewall
  16. Which of the following is MOST likely to be spoofed in an email transmission?

    • The identity of the sender 
    • The identity of the receiving host
    • The path the message traveled through the Internet
    • The identity of the sending host
  17. Which of the following is the safest means of transmitting confidential information over the Internet?

    • Send the data to a trusted third party to resend to the destination.
    • Use asymmetric encryption and encrypt the data with a private key.
    • Establish a virtual private network (VPN) between the source and the destination. 
    • Break the data into many packets and send it over different routes.
  18. Which of the following presents the GREATEST security risk to an organization using peer-to-peer (P2P) file-sharing networks?

    • There is no audit trail for files residing outside of the organization.
    • IP addresses are shared to create a connection.
    • Penetration testing cannot identify issues with P2P file-sharing networks.
    • Controls are difficult to apply to unstructured networks. 
  19. Buffer overflow in an Internet environment is of particular concern to the IS auditor because it can:

    • corrupt databases during the build.
    • be used to obtain improper access to a system.
    • cause the loss of critical data during processing.
    • cause printers to lose some of the document text when printing.
  20. When connecting to an organization’s intranet from the Internet, security against unauthorized access is BEST achieved by using:

    • encryption.
    • virtual private networks (VPNs). 
    • screening routers.
    • proxy servers.