Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 2051:

  When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the firewall and: A. the Internet.

  B. the demilitarized zone (DMZ).

  C. the organization's web server.

  D. the organization's network.

  Correct Answer. A
  A

  ---

  Explanation

  When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor's best recommendation is to place an intrusion detection system (IDS) between the firewall and the Internet, as this would provide an additional layer of security and alert the organization of any malicious traffic that bypasses or penetrates the firewall. Placing an IDS between the firewall and the demilitarized zone (DMZ), the organization's web server, or the organization's network would not be as effective, as it would only monitor the traffic that has already passed through the firewall.

  References: CISA Review Manual (Digital Version), Chapter 5, Section 5.4.3

• Question 2052:

  Which of the following component of an expert system enables the expert system to collect data from nonhuman sources, such as measurement instruments in a power plant?

  A. Decision tree
  B. Rules
  C. Semantic nets
  D. Data interface
  D. Data interface

  ---

  Explanation

  Data Interface enables the expert system to collect data from nonhuman sources, such as measurement instruments in a power plant.

  For CISA Exam you should know below information about Artificial Intelligence and Expert System

  Artificial intelligence is the study and application of the principles by which:

  Knowledge is acquired and used

  Goals are generated and achieved

  Information is communicated

  Collaboration is achieved

  Concepts are formed

  Languages are developed

  Two main programming languages that have been developed for artificial intelligence are LISP and PROLOG.

  Expert system are compromised primary components, called shells, when they are not populated with particular data, and the shells are designed to host new expert system.

  Keys to the system is the knowledge base (KB), which contains specific information or fact patterns associated with a particular subject matter and the rule for interpreting these facts. The KB interface with a database in obtaining data to

  analyze a particular problem in deriving an expert conclusion. The information in the KB can be expressed in several ways:

  Decision Tree ?Using questionnaires to lead the user through a series of choices, until a conclusion is reached. Flexibility is compromised because the user must answer the questions in an exact sequence.

  Rule ?Expressing declarative knowledge through the use of if-then relationships. For example, if a patient's body temperature is over 39 degrees Celsius and their pulse is under 60, then they might be suffering from a certain disease.

  Semantic nets ?Consist of a graph in which the node represent physical or conceptual object and the arcs describe the relationship between the nodes. Semantic nets resemble a data flow diagram and make use of an inheritance mechanism

  to prevent duplication of a data.

  Additionally, the inference engine shown is a program that uses the KB and determines the most appropriate outcome based on the information supplied by the user. In addition, an expert system includes the following components

  Knowledge interface ?Allows the expert to enter knowledge into the system without the traditional mediation of a software engineer.

  Data Interface ?Enables the expert system to collect data from nonhuman sources, such as measurement instruments in a power plant.

  The following were incorrect answers:

  Decision Tree ?Using questionnaires to lead the user through a series of choices, until a conclusion is reached. Flexibility is compromised because the user must answer the questions in an exact sequence.

  Rule - Expressing declarative knowledge through the use of if-then relationships.

  Semantic nets - Semantic nets consist of a graph in which the node represent physical or conceptual object and the arcs describe the relationship between the nodes.

  CISA review manual 2014 Page number 187

• Question 2053:

  Which of the following features would BEST address risk associated with data at rest when evaluating a data loss prevention (DLP) solution?

  A. Printing of scan files
  B. File movement detection
  C. Enforcement of access policies
  D. Storage-scanning technology
  D. Storage-scanning technology

  ---

  Explanation

• Question 2054:

  An organization has purchased a replacement mainframe computer to cope with the demands of increased business. Which of the following should be the PRIMARY concern of an IS auditor?

  A. The disaster recovery plan has been reviewed and updated.
  B. Application access controls are adequate.
  C. Appropriate tender evaluation processes have been followed.
  D. The procurement is within the planned budget for the year.
  C. Appropriate tender evaluation processes have been followed.

  ---

  Explanation

• Question 2055:

  The MOST important measure of the effectiveness of an organization's security program is the: A. comparison with critical incidents experienced by competitors.

  B. number of vulnerability alerts escalated to senior management.

  C. number of new vulnerabilities reported.

  D. adverse impact of incidents on critical business activities.

  Correct Answer. D
  D

  ---

  Explanation

• Question 2056:

  A start-up company acquiring servers for its order-taking system is unable to predict the volume of transactions. Which of the following is MOST important for the company to consider?

  A. Scalability
  B. Configuration
  C. Optimization
  D. Compatibility
  A. Scalability

  ---

  Explanation

• Question 2057:

  Which of the following is an organization's BEST defense against malware?

  A. Documented security procedures
  B. Intrusion prevention system (IPS)
  C. Security awareness training
  D. Intrusion detection system (IDS)
  D. Intrusion detection system (IDS)

  ---

  Explanation

• Question 2058:

  Which of the following types of firewalls provides the GREATEST degree of control against hacker intrusion?

  A. Packet filtering router
  B. Circuit gateway
  C. Application-level gateway
  D. Screening router.
  C. Application-level gateway

  ---

  Explanation

• Question 2059:

  What would be of GREATEST concern to an IS auditor observing shared key cards being utilized to access an organization's data center?

  A. The lack of a multi-factor authentication system
  B. The inability to identify who has entered the data center
  C. The inability to track the number of misplaced cards
  D. The lack of enforcement of organizational policy and procedures
  B. The inability to identify who has entered the data center

  ---

  Explanation

• Question 2060:

  An IS auditor has been asked to provide support to the control self-assessment (CSA) program. Which of the following BEST represents the scope of the auditor's role in the program?

  A. The auditor should act as a program facilitator.
  B. The auditor should focus on improving process productivity
  C. The auditor should perform detailed audit procedures
  D. The auditor's presence replaces the audit responsibilities of other team members.
  A. The auditor should act as a program facilitator.

  ---

  Explanation