Isaca CISA Quiz 147 Topic 6 Questions 731-735

Question: 1

A perpetrator looking to gain access to and gather information about encrypted data

being transmitted over the network would use:

Aeavesdropping.

Bspoofing.

Ctraffic analysis.

Dmasquerading.

Show Answer

Question: 2

Upon receipt of the initial signed digital certificate the user will decrypt the certificate

with the public key of the:

Aregistration authority (RA).

Bcertificate authority (CA).

Ccertificate repository.

Dreceiver.

Show Answer

Question: 3

IS management is considering a Voice-over Internet Protocol (VoIP) network to reduce telecommunication costs and management asked the IS auditor to comment on appropriate security controls. Which of the following security measures is MOST appropriate?

AReview and, where necessary, upgrade firewall capabilities

BInstall modems to allow remote maintenance support access

CCreate a physically distinct network to handle VoIP traffic

DRedirect all VoIP traffic to allow clear text logging of authentication credentials

Show Answer

Question: 4

Which of the following intrusion detection systems (IDSs) will MOST likely generate false alarms resulting from normal network activity?

AStatistical-based

BSignature-based

CNeural network

DHost-based

Show Answer

Question: 5

When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the:

Ahardware is protected against power surges.

Bintegrity is maintained if the main power is interrupted.

Cimmediate power will be available if the main power is lost.

Dhardware is protected against long-term power fluctuations.

Show Answer

Isaca CISA Quiz:147 Topic:6 Questions:731-735