Ensurepass

 

QUESTION 611

An IS auditor should review the configuration of which of the following protocols to detect unauthorized mappings between the IP address and the media access control (MAC) address?

 

A. Simple Object Access Protocol (SOAP)

B. Address Resolution Protocol (ARP)

C. Routing Information Protocol (RIP)

D. Transmission Control Protocol (TCP)

 

Correct Answer: B

Explanation:

Address Resolution Protocol (ARP) provides dynamic address mapping between an IP address and a hardware address. Simple Object Access Protocol (SOAP) is a platform-independent, XML-based protocol enabling applications to communicate with each other over the Internet, and does not deal with media access control (MAC) addresses. Routing Information Protocol (RIP) specifies how routers exchange routing table information. Transmission Control Protocol (TCP) enables two hosts to establish a connection and exchange streams of data.

 

 

QUESTION 612

Which of the following types of transmission media provide the BEST security against unauthorized access?

 

A. Copper wire

B. Twisted pair

C. Fiberoptic cables

D. Coaxial cables

 

Correct Answer: C

Explanation:

Fiberoptic cables have proven to be more secure than the other media. Satellite transmission and copper wire can be violated with inexpensive equipment. Coaxial cable can also be violated more easily than other transmission media.

 

 

QUESTION 613

Which of the following will help detect changes made by an intruder to the system log of a server?

 

A. Mirroring the system log on another server

B. Simultaneously duplicating the system log on a write-once disk

C. Write-protecting the directory containing the system log

D. Storing the backup of the system log offsite

 

Correct Answer: B

Explanation:

A write-once CD cannot be overwritten. Therefore, the system log duplicated on the disk could be compared to the original log to detect differences, which could be the result of changes made by an intruder. Write-protecting the system log does not prevent deletion or modification, since the superuser can override the write protection. Backup and mirroring may overwrite earlier files and may not be current.

 

 

QUESTION 614

In a client-server architecture, a domain name service (DNS) is MOST important because it provides the:

 

A. address of the domain server.

B. resolution service for the name/address.

C. IP addresses for the internet.

D. domain name system.

 

Correct Answer: B

Explanation:

DNS is utilized primarily on the Internet for resolution of the name/address of a web site. It is an Internet service that translates domain names into IP addresses. As names are alphabetic, they are easier to remember; however, the Internet is based on IP addresses. Every time a domain name is used, a DNS service must translate the name into the corresponding IP address. The DNS system has its own network: if one DNS server does not know how to translate a particular domain name, it asks another one, and so on, until the correct IP address is returned.

 

 

QUESTION 615

Which of the following database controls would ensure that the integrity of transactions is maintained in an online transaction processing system’s database?

 

A. Authentication controls

B. Data normalization controls

C. Read/write access log controls

D. Commitment and rollback controls

 

Correct Answer: D

Explanation:

Commitment and rollback controls are directly relevant to integrity. These controls ensure that the database operations forming a logical transaction unit either complete in their entirety or not at all; i.e., if, for some reason, a transaction cannot be fully completed, the incomplete inserts/updates/deletes are rolled back so that the database returns to its pretransaction state. None of the other choices addresses transaction integrity.

 

 

QUESTION 616

Which of the following is a control over component communication failure/errors?

 

A. Restricting operator access and maintaining audit trails

B. Monitoring and reviewing system engineering activity

C. Providing network redundancy

D. Establishing physical barriers to the data transmitted over the network

 

Correct Answer: C

Explanation:

Redundancy, achieved by building some form of duplication into the network components (such as a link, router or switch) to prevent loss, delays or data duplication, is a control over component communication failure or error. Other related controls are loop/echo checks to detect line errors, parity checks, error correction codes and sequence checks. Choices A, B and D are communication network controls.

 

 

QUESTION 617

In a client-server system, which of the following control techniques is used to inspect activity from known or unknown users?

 

A. Diskless workstations

B. Data encryption techniques

C. Network monitoring devices

D. Authentication systems

 

Correct Answer: C

Explanation:

Network monitoring devices may be used to inspect activities from known or unknown users and can identify client addresses, which may assist in finding evidence of unauthorized access. This serves as a detective control. Diskless workstations prevent access control software from being bypassed. Data encryption techniques can help protect sensitive or proprietary data from unauthorized access, thereby serving as a preventive control. Authentication systems may provide environment-wide, logical facilities that can differentiate among users before providing access to systems.

 

 

QUESTION 618

When performing a database review, an IS auditor notices that some tables in the database are not normalized. The IS auditor should next:

 

A. recommend that the database be normalized.

B. review the conceptual data model.

C. review the stored procedures.

D. review the justification.

 

Correct Answer: D

Explanation:

If the database is not normalized, the IS auditor should review the justification since, in some situations, denormalization is recommended for performance reasons. The IS auditor should not recommend normalizing the database until further investigation takes place. Reviewing the conceptual data model or the stored procedures will not provide information about normalization.

 

 

QUESTION 619

After installing a network, an organization installed a vulnerability assessment tool or security scanner to identify possible weaknesses. Which is the MOST serious risk associated with such tools?

 

A. Differential reporting

B. False-positive reporting

C. False-negative reporting

D. Less-detail reporting

 

Correct Answer: C

Explanation:

False-negative reporting on weaknesses means that control weaknesses in the network are not identified and therefore may not be addressed, leaving the network vulnerable to attack. False-positive reporting is one in which the controls are in place but are evaluated as weak, which should prompt a rechecking of the controls. The less-detail reporting and differential reporting functions provided by these tools compare scan results over a period of time.

 

 

QUESTION 620

An IS auditor should recommend the use of library control software to provide reasonable assurance that:

 

A. program changes have been authorized.

B. only thoroughly tested programs are released.

C. modified programs are automatically moved to production.

D. source and executable code integrity is maintained.

 

Correct Answer: A

Explanation:

Library control software should be used to separate test from production libraries in mainframe and/or client-server environments. The main objective of library control software is to provide assurance that program changes have been authorized. Library control software is concerned with authorized program changes; it would not automatically move modified programs into production and cannot determine whether programs have been thoroughly tested. Library control software provides reasonable assurance that the source code and executable code are matched at the time the source code is moved to production. However, subsequent events such as a hardware failure can result in a lack of consistency between source and executable code.

 
