CISA : Certified Information Systems Auditor : Part 82
-
A disk management system’s PRIMARY function is to:
- monitor disk accesses for analytical review
- deny access to disk resident data files
- provide data on efficient disk usage
- provide the method of control for disk usage
-
Which of the following is a detective control?
- Procedures for authorizing transactions
- Echo checks in telecommunications
- A router rule restricting a service
- Programmed edit checks
-
Which of the following is the GREATEST threat to Voice-over Internet Protocol (VoIP) related to privacy release?
- Incorrect routing
- Eavesdropping
- Call recording
- Denial of service
-
The MOST effective control to detect fraud inside an organization’s network, is to:
- implement an intrusion detection system (IDS)
- apply two-factor authentication
- review access logs
- segregate duties
-
Which of the following is the GREATEST risk of single sign-on?
- Password carelessness by one user may render the entire infrastructure vulnerable
- Integration of single sign-on with the rest of the infrastructure is complicated
- It is a single point of failure for an enterprise access control process
- One administrator maintains the single sign-on solutions without segregation of duty
-
An IT department has given a vendor remote access to the internal network for troubleshooting network performance problems. After discovering the remote activity during a firewall log review, which of the following is the BEST course of action for an information security manager?
- Revoke the access.
- Review the related service level agreement (SLA).
- Determine the level of access granted.
- Declare a security incident.
-
Which of the following is the BEST defense against a brute force attack?
- Discretionary access control
- Intruder detection lockout
- Mandatory access control
- Time-of-day restrictions
-
Which of the following is the GREATEST security threat when an organization allows remote access to a virtual private network (VPN)?
- Client logins are subject to replay attack.
- VPN traffic could be sniffed and captured.
- Compromised VPN clients could impact the network.
- Attackers could compromise the VPN gateway.
-
The PRIMARY benefit of a centralized time server is that it:
- reduces individual time-of-day requests by client applications
- is required by password synchronization programs
- allows decentralized logs to be kept in synchronization
- decreases the likelihood of an unrecoverable systems failure
-
An information security manager has observed multiple exceptions for a number of different security controls. Which of the following should be the information security manager’s FIRST course of action?
- Design mitigating controls for the exceptions.
- Prioritize the risk and implement treatment options.
- Inform respective risk owners of the impact of exceptions.
- Report the noncompliance to the board of directors.
-
An employee uses a personal mobile device to access corporate data and email, but also allows friends to use it as a mobile hotspot for Internet access when not at work. The information security manager is concerned this situation may expose confidential data. The manager’s FIRST step should be to:
- update the mobile device usage standards to address the issue and communicate to all employees
- activate the incident response plan to mitigate the impact and stop the compromise
- review the associated risks to determine if additional controls are needed
- implement additional security controls that will mitigate the situation and then reassess risks
-
Senior management has approved employees working off-site by using a virtual private network (VPN) connection. It is MOST important for the information security manager to periodically:
- review firewall configuration
- review the security policy
- perform a cost-benefit analysis
- perform a risk assessment
-
The BEST way to avoid session hijacking is to use:
- a reverse lookup
- a secure protocol
- a firewall
- strong password controls
-
Which of the following outsourced services has the GREATEST need for security monitoring?
- Web site hosting
- Application development
- Virtual private network (VPN) services
- Enterprise infrastructure
-
Identify the INCORRECT statement related to network performance below?
- Bandwidth – Bandwidth commonly measured in bits/second is the maximum rate that information can be transferred
- Latency – Latency the actual rate that information is transferred
- Jitter – Jitter variation in the time of arrival at the receiver of the information
- Error Rate – Error rate the number of corrupted bits expressed as a percentage or fraction of the total sent
Explanation:
The word INCORRECT is the keyword used within the question. You need to find out a statement which is incorrectly describe about network performance. Throughput the actual rate that information is transferred and Latency is the delay between the sender and the receiver decoding it, this is mainly a function of the signals travel time, and processing time at any nodes the information traverses
For your exam you should know below information about Network performance:
Network performance refers to measurement of service quality of a telecommunications product as seen by the customer.
The following list gives examples of network performance measures for a circuit-switched network and one type of packet-switched network (ATM):
Circuit-switched networks: In circuit switched networks, network performance is synonymous with the grade of service. The number of rejected calls is a measure of how well the network is performing under heavy traffic loads. Other types of performance measures can include noise, echo and so on.
ATM: In an Asynchronous Transfer Mode (ATM) network, performance can be measured by line rate, quality of service (QoS), data throughput, connect time, stability, technology, modulation technique and modem enhancements.
There are many different ways to measure the performance of a network, as each network is different in nature and design. Performance can also be modeled instead of measured; one example of this is using state transition diagrams to model queuing performance in a circuit-switched network. These diagrams allow the network planner to analyze how the network will perform in each state, ensuring that the network will be optimally designed.
The following measures are often considered important:
Bandwidth – Bandwidth is commonly measured in bits/second is the maximum rate that information can be transferred
Throughput – Throughput is the actual rate that information is transferred
Latency – Latency is the delay between the sender and the receiver decoding it, this is mainly a function of the signals travel time, and processing time at any nodes the information traverses
Jitter – Jitter is the variation in the time of arrival at the receiver of the information
Error Rate – Error rate is the number of corrupted bits expressed as a percentage or fraction of the total sentThe following answers are incorrect:
The other options correctly describe network performance parameters.
Reference:
CISA review manual 2014 page number 275 -
To ensure efficient and economic use of limited resources in supporting a local area network (LAN) infrastructure, it is advisable to:
- periodically rotate vendors to obtain the best price-to-performance ratio.
- standardize on a limited number of device models and software applications.
- quickly upgrade to the latest hardware and software versions to take advantage of new features.
- recommend a variety of products so that user effectiveness and flexibility can be maximized.
-
An organization uses two data centers. Which of the following would BEST address the organization’s need for high resiliency?
- The data centers act as mirrored sites.
- Each data center is recoverable via tape backups.
- A hot site is used for the second site.
- There is data replication across the data centers.
-
Performance monitoring tools report that servers are significantly below their planned utilization. Which of the following would be the BEST recommendation?
- Consolidate physical servers.
- Review the capacity plan.
- Deploy load balancing.
- Reconfigure server settings.
-
Which of the following occurs during the issues management process for a system development project?
- Contingency planning
- Impact assessment
- Configuration management
- Help desk management
-
A security administrator should have read-only access for which of the following?
- Router configuration
- Password policy
- Security logs
- Services/daemons configuration