Ensurepass

 

QUESTION 211

What is often the most difficult part of initial efforts in application development? Choose the BEST answer.

 

A. Configuring software

B. Planning security

C. Determining time and resource requirements

D. Configuring hardware

Correct Answer: C

Explanation:

Determining time and resource requirements for an application-development project is often the most difficult part of initial efforts in application development.

 

 

QUESTION 212

What topology provides the greatest redundancy of routes and the greatest network fault tolerance?

 

A. A star network topology

B. A mesh network topology with packet forwarding enabled at each host

C. A bus network topology

D. A ring network topology

Correct Answer: B

Explanation:

A mesh network topology provides a point-to-point link between every network host. If each host is configured to route and forward communication, this topology provides the greatest redundancy of routes and the greatest network fault tolerance.

 

 

QUESTION 213

What increases encryption overhead and cost the most?

 

A. A long symmetric encryption key

B. A long asymmetric encryption key

C. A long Advanced Encryption Standard (AES) key

D. A long Data Encryption Standard (DES) key

Correct Answer: B

Explanation:

A long asymmetric encryption key (public key encryption) increases encryption overhead and cost. All other answers are single shared symmetric keys.

 

 

QUESTION 214

Which of the following is of greatest concern to the IS auditor?

 

A. Failure to report a successful attack on the network

B. Failure to prevent a successful attack on the network

C. Failure to recover from a successful attack on the network

D. Failure to detect a successful attack on the network

Correct Answer: A

Explanation:

Lack of reporting of a successful attack on the network is a great concern to an IS auditor.

 

 

QUESTION 215

How does the process of systems auditing benefit from using a risk-based approach to audit planning?

 

A. Controls testing starts earlier.

B. Auditing resources are allocated to the areas of highest concern.

C. Auditing risk is reduced.

D. Controls testing is more thorough.

Correct Answer: B

Explanation:

Allocation of auditing resources to the areas of highest concern is a benefit of a risk-based approach to audit planning.

 

 

QUESTION 216

Which of the following is a passive attack method used by intruders to determine potential network vulnerabilities?

 

A. Traffic analysis

B. SYN flood

C. Denial of service (DoS)

D. Distributed denial of service (DDoS)

Correct Answer: A

Explanation:

Traffic analysis is a passive attack method used by intruders to determine potential network vulnerabilities. All others are active attacks.

 

 

QUESTION 217

Proper segregation of duties prohibits a system analyst from performing quality-assurance functions. True or false?

 

A. True

B. False

Correct Answer: A

Explanation:

Proper segregation of duties prohibits a system analyst from performing quality-assurance functions.

QUESTION 218

A database administrator is responsible for:

 

A. defining data ownership.

B. establishing operational standards for the data dictionary.

C. creating the logical and physical database.

D. establishing ground rules for ensuring data integrity and security.

Correct Answer: C

Explanation:

A database administrator is responsible for creating and controlling the logical and physical database. Defining data ownership resides with the head of the user department or top management if the data is common to the organization. IS management and the data administrator are responsible for establishing operational standards for the data dictionary. Establishing ground rules for ensuring data integrity and security in line with the corporate security policy is a function of the security administrator.

 

 

QUESTION 219

A hardware control that helps to detect errors when data are communicated from one computer to another is known as a:

 

A. duplicate check.

B. table lookup.

C. validity check.

D. parity check.

Correct Answer: D

Explanation:

A parity check will help to detect data errors when data are read from memory or communicated from one computer to another. A one-bit digit (either 0 or 1) is added to a data item to indicate whether the sum of that data item's bits is odd or even. When the parity bit disagrees with the sum of the other bits, an error report is generated.

 

 

QUESTION 220

Which of the following network configuration options contains a direct link between any two host machines?

 

A. Bus

B. Ring

C. Star

D. Completely connected (mesh)

Correct Answer: D

Explanation:

A completely connected mesh configuration creates a direct link between any two host machines.

 

Free VCE & PDF File for Isaca CISA Real Exam
