Isaca CISA Quiz 149 Topic 3 Questions 741-745

Question: 1

Which of the following penetration tests would MOST effectively evaluate incident handling and response capabilities of an organization?

ATargeted testing

BExternal testing

Cinternal testing

DDouble-blind testing

Show Answer

Question: 2

When protecting an organization's IT systems, which of the following is normally the next line of defense after the network firewall has been compromised?

APersonal firewall

BAntivirus programs

CIntrusion detection system (IDS)

DVirtual local area network (VLAN) configuration

Show Answer

Question: 3

In wireless communication, which of the following controls allows the device receiving the communications to verify that the received communications have not been altered in transit?

ADevice authentication and data origin authentication

BWireless intrusion detection (IDS) and prevention systems (IPS)

CThe use of cryptographic hashes

DPacket headers and trailers

Show Answer

Question: 4

An organization is planning to replace its wired networks with wireless networks. Which of the following would BEST secure the wireless network from unauthorized access?

AImplement Wired Equivalent Privacy (WEP)

BPermit access to only authorized Media Access Control (MAC) addresses

CDisable open broadcast of service set identifiers (SSID)

DImplement Wi-Fi Protected Access (WPA) 2

Show Answer

Question: 5

An IS auditor is reviewing a software-based firewall configuration. Which of the following represents the GREATEST vulnerability? The firewall software:

Ais configured with an implicit deny rule as the last rule in the rule base.

Bis installed on an operating system with default settings.

Chas been configured with rules permitting or denying access to systems or networks.

Dis configured as a virtual private network (VPN) endpoint.

Show Answer

Isaca CISA Quiz:149 Topic:3 Questions:741-745