CISA EXAM QUESTIONS VCE & CISA VALID TEST TOPICS


Tags: CISA Exam Questions Vce, CISA Valid Test Topics, Top CISA Questions, Reliable CISA Exam Pattern, Dumps CISA PDF

Memorizing them will help you prepare for the ISACA CISA examination in a short time. The FreePdfDump product comes in three formats: PDF, desktop practice exam software, and a Certified Information Systems Auditor (CISA) web-based practice test. To give you a complete understanding of these formats, we have discussed their features below.

The CISA certification is highly valued by employers, as it demonstrates the candidate's expertise in IT audit and security, as well as their commitment to professional development and ongoing education. The Certified Information Systems Auditor certification is also recognized by government agencies and regulatory bodies around the world, making it a valuable asset for professionals working in the public sector or with regulated industries.

CISA Valid Test Topics | Top CISA Questions

FreePdfDump ISACA CISA exam questions and answers give you everything you need for test preparation. Questions about the ISACA CISA exam can be found on many websites and in books, but the key is a logical, connected set. Our questions and answers will not only help you pass the exam the first time but will also save your valuable time.

ISACA Certified Information Systems Auditor Sample Questions (Q42-Q47):

NEW QUESTION # 42
Which of the following statements pertaining to IPSec is incorrect?

  • A. Integrity and authentication for IP datagrams are provided by AH.
  • B. In transport mode, ESP only encrypts the data payload of each packet.
  • C. A security association has to be defined between two IPSec systems in order for bi-directional communication to be established.
  • D. ESP provides for integrity, authentication and encryption to IP datagrams.

Answer: C

Explanation:
This statement is incorrect: a pair of Security Associations (SAs) is needed for bi-directional communication, not a single SA. The sender and the receiver each negotiate one SA for inbound and one for outbound traffic.
The two main concepts of IPSec are Security Associations (SA) and tunneling. A Security Association (SA) is a simplex (one-way) logical connection between two IPSec systems. For bi-directional communication to be established between two IPSec systems, two separate Security Associations, one in each direction, must be defined.
The security protocol of an SA is either AH or ESP.
NOTE FROM CLEMENT:
The explanations below are a bit more thorough than what you need to know for the exam. However, as they always say, a picture is worth one thousand words, and I think it is very true when it comes to explaining IPSEC and its inner workings. I have found a great article from CISCO PRESS and DLINK covering this subject; see references below.
Tunnel and Transport Modes
IPSec can be run in either tunnel mode or transport mode. Each of these modes has its own particular uses and care should be taken to ensure that the correct one is selected for the solution:
Tunnel mode is most commonly used between gateways, or at an end-station to a gateway, the gateway acting as a proxy for the hosts behind it.
Transport mode is used between end-stations or between an end-station and a gateway, if the gateway is being treated as a host, for example an encrypted Telnet session from a workstation to a router, in which the router is the actual destination.
As Figure 1 below shows, transport mode should be used for end-to-end sessions and tunnel mode for everything else.
[Figure 1: IPsec transport mode versus tunnel mode]
Figure 1 above displays some examples of when to use tunnel versus transport mode:
Tunnel mode is most commonly used to encrypt traffic between secure IPSec gateways, such as between the Cisco router and PIX Firewall (as shown in example A in Figure 1). The IPSec gateways proxy IPSec for the devices behind them, such as Alice's PC and the HR servers in Figure 1. In example A, Alice connects to the HR servers securely through the IPSec tunnel set up between the gateways.
Tunnel mode is also used to connect an end-station running IPSec software, such as the Cisco Secure VPN Client, to an IPSec gateway, as shown in example B.
In example C, tunnel mode is used to set up an IPSec tunnel between the Cisco router and a server running IPSec software. Note that Cisco IOS software and the PIX Firewall set tunnel mode as the default IPSec mode.
Transport mode is used between end-stations supporting IPSec, or between an end-station and a gateway, if the gateway is being treated as a host. In example D, transport mode is used to set up an encrypted Telnet session from Alice's PC running Cisco Secure VPN Client software to terminate at the PIX Firewall, enabling Alice to remotely configure the PIX Firewall securely.
[Figure 2: AH tunnel versus transport mode]
Figure 2 above shows the differences that the IPSec mode makes to AH. In transport mode, AH protects the external IP header along with the data payload; specifically, it protects all the fields in the header that don't change in transit (mutable fields such as TTL and the header checksum are zeroed before the integrity check value is computed). The AH header goes after the IP header and before the ESP header, if present, and the higher-layer protocols.
In tunnel mode, the entire original header is authenticated, a new IP header is built, and the new IP header is protected in the same way as the IP header in transport mode.
AH is incompatible with Network Address Translation (NAT) because NAT rewrites the source IP address, which is one of the immutable fields covered by the AH integrity check value; the value no longer verifies and the IPSec peer rejects the packets. ESP can be carried across NAT with UDP encapsulation (NAT-Traversal, RFC 3948); there is no equivalent for AH.
[Figure 3: ESP tunnel versus transport mode]
Figure 3 above shows the differences that the IPSec mode makes to ESP. In transport mode, the IP payload is encrypted and the original headers are left intact. The ESP header is inserted after the IP header and before the upper-layer protocol header. The upper-layer protocols are encrypted and authenticated along with the ESP header. ESP doesn't authenticate the IP header itself.
NOTE: Higher-layer information (for example TCP/UDP port numbers) is not visible to intermediate devices because it is part of the encrypted payload.
When ESP is used in tunnel mode, the original IP header is well protected because the entire original IP datagram is encrypted. With an ESP authentication mechanism, the original IP datagram and the ESP header are included; however, the new IP header is not included in the authentication.
When both authentication and encryption are selected, encryption is performed first, before authentication.
One reason for this order of processing is that it facilitates rapid detection and rejection of replayed or bogus packets by the receiving node. Prior to decrypting the packet, the receiver can detect the problem and potentially reduce the impact of denial-of-service attacks.
ESP can also provide packet authentication with an optional field for authentication. Cisco IOS software and the PIX Firewall refer to this service as ESP hashed message authentication code (HMAC).
Authentication is calculated after the encryption is done. The IPsec algorithm-requirements RFCs (currently RFC 8221 for ESP and AH) specify which HMAC algorithms are mandatory to implement.
The main difference between the authentication provided by ESP and AH is the extent of the coverage.
Specifically, ESP doesn't protect any IP header fields unless those fields are encapsulated by ESP (tunnel mode).
The following options are correct statements and therefore not the answer to this question:
Integrity and authentication for IP datagrams are provided by AH. This is correct: AH provides integrity and authentication, and ESP provides integrity, authentication and encryption.
ESP provides for integrity, authentication and encryption to IP datagrams. ESP provides authentication, integrity and confidentiality, which protect against data tampering and, most importantly, provide message content protection.
In transport mode, ESP only encrypts the data payload of each packet. ESP can be operated in either tunnel mode (where the original packet is encapsulated into a new one) or transport mode (where only the data payload of each packet is encrypted, leaving the header untouched).
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2 Press) (Kindle Locations 6986-6989). Auerbach Publications. Kindle Edition.
http://www.ciscopress.com/articles/article.asp?p=25477
http://documentation.netgear.com/reference/sve/vpn/VPNBasics-3-05.html
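
Added worked example (not code from this page, from Cisco, or from any IPsec implementation): a toy AH/ESP packet builder using only the Python standard library, which shows what the AH and ESP integrity check values cover in transport and tunnel mode, why a plain router hop (TTL decrement) leaves AH intact while a NAT source rewrite breaks it but not ESP, and why the receiver checks the ESP ICV before decrypting. Assumptions: HMAC-SHA256 truncated to 128 bits stands in for the ICV, the confidentiality transform is an HMAC-derived keystream XOR rather than a real ESP cipher, only TTL and the header checksum are treated as AH-mutable fields, and all addresses, keys and the payload are constructed sample data.

```python
"""Toy IPsec AH/ESP builder, added here as an illustration (not page or vendor code).
Assumptions: HMAC-SHA256/128 stands in for the ICV; the confidentiality transform is
an HMAC-derived keystream XOR, NOT a real ESP cipher; only TTL and header checksum are
treated as AH-mutable fields; addresses, keys and payload are constructed sample data."""
import hashlib
import hmac
import struct
from typing import Optional, Tuple

IPPROTO_IPIP, IPPROTO_TCP, IPPROTO_ESP, IPPROTO_AH = 4, 6, 50, 51
ICV_LEN = 16


def _addr(a: str) -> bytes:
    return bytes(int(x) for x in a.split("."))


def ipv4_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header (header checksum left zero, constructed data)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0x4000, ttl, proto, 0,
                       _addr(src), _addr(dst))


def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]


def _zero_mutable(ip_hdr: bytes) -> bytes:
    """AH zeroes mutable fields (TTL byte 8, checksum bytes 10-11) before computing the
    ICV; source/destination addresses are immutable, so a NAT rewrite breaks the ICV."""
    return ip_hdr[:8] + b"\x00" + ip_hdr[9:10] + b"\x00\x00" + ip_hdr[12:]


def ah_transport(src: str, dst: str, payload: bytes, key: bytes, spi: int = 0x1001, seq: int = 1) -> bytes:
    """[IP][AH: next, len, reserved, SPI, seq, ICV][payload]; the ICV covers all three parts."""
    ah_hdr = struct.pack("!BBHII", IPPROTO_TCP, (12 + ICV_LEN) // 4 - 2, 0, spi, seq)
    ip_hdr = ipv4_header(src, dst, IPPROTO_AH, 12 + ICV_LEN + len(payload))
    icv = _mac(key, _zero_mutable(ip_hdr) + ah_hdr + bytes(ICV_LEN) + payload)
    return ip_hdr + ah_hdr + icv + payload


def ah_verify(packet: bytes, key: bytes) -> bool:
    ip_hdr, ah_hdr, icv, payload = packet[:20], packet[20:32], packet[32:32 + ICV_LEN], packet[32 + ICV_LEN:]
    return hmac.compare_digest(_mac(key, _zero_mutable(ip_hdr) + ah_hdr + bytes(ICV_LEN) + payload), icv)


def _keystream_xor(key: bytes, spi: int, seq: int, data: bytes) -> bytes:
    """Toy, symmetric confidentiality transform (assumption: not a real cipher)."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hmac.new(key, struct.pack("!IIQ", spi, seq, i), hashlib.sha256).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))


def esp_protect(mode: str, src: str, dst: str, payload: bytes, enc_key: bytes, auth_key: bytes,
                gw_src: str = "", gw_dst: str = "", spi: int = 0x2002, seq: int = 1) -> bytes:
    """[outer IP][ESP: SPI, seq][encrypted inner + pad + padlen + next][ICV].
    transport: inner = upper-layer payload, original IP header stays outside;
    tunnel: inner = whole original IP packet, new outer header from the gateway addresses.
    Encrypt first, then authenticate ESP header + ciphertext; the outer IP header is never
    covered by the ICV, which is why ESP survives a NAT hop and AH does not."""
    if mode == "tunnel":
        inner = ipv4_header(src, dst, IPPROTO_TCP, len(payload)) + payload
        next_hdr, outer_src, outer_dst = IPPROTO_IPIP, gw_src, gw_dst
    else:
        inner, next_hdr, outer_src, outer_dst = payload, IPPROTO_TCP, src, dst
    pad_len = (-(len(inner) + 2)) % 4  # RFC 4303: padlen + next header end on a 4-byte boundary
    plaintext = inner + bytes(range(1, pad_len + 1)) + struct.pack("!BB", pad_len, next_hdr)
    esp_hdr = struct.pack("!II", spi, seq)
    ciphertext = _keystream_xor(enc_key, spi, seq, plaintext)
    outer = ipv4_header(outer_src, outer_dst, IPPROTO_ESP, 8 + len(ciphertext) + ICV_LEN)
    return outer + esp_hdr + ciphertext + _mac(auth_key, esp_hdr + ciphertext)


def esp_unprotect(packet: bytes, enc_key: bytes, auth_key: bytes) -> Optional[Tuple[bytes, int]]:
    """(inner, next_header), or None if the ICV fails; the ICV is checked BEFORE decrypting."""
    esp_hdr, ciphertext, icv = packet[20:28], packet[28:-ICV_LEN], packet[-ICV_LEN:]
    if not hmac.compare_digest(_mac(auth_key, esp_hdr + ciphertext), icv):
        return None
    spi, seq = struct.unpack("!II", esp_hdr)
    plaintext = _keystream_xor(enc_key, spi, seq, ciphertext)
    pad_len, next_hdr = plaintext[-2], plaintext[-1]
    return plaintext[:len(plaintext) - 2 - pad_len], next_hdr


def router_hop(packet: bytes) -> bytes:
    """A plain router only decrements TTL, a mutable field: AH still verifies."""
    return packet[:8] + bytes([packet[8] - 1]) + packet[9:]


def nat_rewrite_src(packet: bytes, new_src: str) -> bytes:
    """A NAT gateway also rewrites the source address: AH fails, ESP is unaffected."""
    return router_hop(packet)[:12] + _addr(new_src) + packet[16:]


def demo() -> dict:
    auth_key, enc_key, payload = b"constructed-auth-key", b"constructed-enc-key", b"GET /hr HTTP/1.1\r\n"
    ah = ah_transport("10.0.0.5", "192.0.2.10", payload, auth_key)
    esp_t = esp_protect("transport", "10.0.0.5", "192.0.2.10", payload, enc_key, auth_key)
    esp_tun = esp_protect("tunnel", "10.0.0.5", "192.0.2.10", payload, enc_key, auth_key,
                          gw_src="203.0.113.1", gw_dst="198.51.100.1")
    i = len(esp_t) - ICV_LEN - 1  # flip one bit of the last ciphertext byte
    tampered = esp_t[:i] + bytes([esp_t[i] ^ 1]) + esp_t[i + 1:]
    return {
        "ah_ok": ah_verify(ah, auth_key),
        "ah_after_router_hop": ah_verify(router_hop(ah), auth_key),
        "ah_after_nat": ah_verify(nat_rewrite_src(ah, "203.0.113.7"), auth_key),
        "esp_transport_roundtrip": esp_unprotect(esp_t, enc_key, auth_key) == (payload, IPPROTO_TCP),
        "esp_transport_after_nat": esp_unprotect(nat_rewrite_src(esp_t, "203.0.113.7"), enc_key, auth_key) is not None,
        "esp_tunnel_inner_len": len(esp_unprotect(esp_tun, enc_key, auth_key)[0]),  # 20-byte inner IP + payload
        "tunnel_extra_bytes": len(esp_tun) - len(esp_t),  # the encapsulated original IP header
        "tampered_esp_rejected": esp_unprotect(tampered, enc_key, auth_key) is None,
    }
```

Call demo() to see the results side by side. The two points worth keeping from this are the coverage difference (AH binds the immutable IP header fields into its ICV, ESP binds only the ESP header and ciphertext) and the processing order on receipt (ESP verifies the ICV first and never decrypts a packet that fails it), which is what makes the NAT behaviour and the cheap rejection of bogus packets fall out of the design rather than being separate features.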


NEW QUESTION # 43
Which of the following is of greatest concern when performing an IS audit?

  • A. Users' ability to indirectly modify the database
  • B. Users' ability to directly modify the database
  • C. Users' ability to submit queries to the database
  • D. Users' ability to directly view the database

Answer: B

Explanation:
A major IS audit concern is users' ability to directly modify the database, because direct modification bypasses the application-layer controls (input validation, authorization checks and audit logging) that normally protect data integrity.


NEW QUESTION # 44
Which of the following provides the MOST useful information regarding an organization's risk appetite and tolerance?

  • A. Risk profile
  • B. Audit reports
  • C. Risk register
  • D. Gap analysis

Answer: A

Explanation:
The most useful information regarding an organization's risk appetite and tolerance is provided by its risk profile, as this is a document that summarizes the key risks that the organization faces, the potential impacts and likelihoods of those risks, and the acceptable levels of risk exposure for different objectives and activities.
A gap analysis is a tool that compares the current state and the desired state of a process or a system, and identifies the gaps that need to be addressed. Audit reports are documents that present the findings, conclusions, and recommendations of an audit engagement. A risk register is a tool that records and tracks the identified risks, their causes, their consequences, and their mitigation actions. References: CISA Review Manual (Digital Version), Chapter 2: Governance and Management of IT, Section 2.1: IT Governance


NEW QUESTION # 45
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that:

  • A. execution of the disaster recovery plan could be impacted.
  • B. assessment of the situation may be delayed.
  • C. potential crisis recognition might be ineffective.
  • D. notification of the teams might not occur.

Answer: A

Explanation:
Execution of the disaster recovery plan would be impacted if the organization does not know when to declare a crisis. Choices B, C and D are steps that must be performed to know whether to declare a crisis. Problem and severity assessment would provide the information necessary to declare a disaster. Once a potential crisis is recognized, the teams responsible for crisis management need to be notified; delaying this step until a disaster has been declared would negate the effect of having response teams. Potential crisis recognition is the first step in responding to a disaster.


NEW QUESTION # 46
Which type of device sits on the perimeter of a corporate or home network, where it obtains a public IP address and then generates private IP addresses internally?

  • A. Router
  • B. Switch
  • C. Intrusion prevention system (IPS)
  • D. Gateway

Answer: A

Explanation:
A router is a type of device that sits on the perimeter of a corporate or home network, where it obtains a public IP address and then generates private IP addresses internally. A router connects two or more networks and forwards packets between them based on routing rules. A router can also provide network address translation (NAT) functionality, which allows multiple devices to share a single public IP address and access the internet.
A switch is a type of device that connects multiple devices within a network and forwards packets based on MAC addresses. An intrusion prevention system (IPS) is a type of device that monitors network traffic and blocks or modifies malicious packets based on predefined rules. A gateway is a type of device that acts as an interface between different networks or protocols, such as a modem or a firewall. References: CISA Review Manual (Digital Version), [ISACA Glossary of Terms]
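
Added example for the NAT function described above (not code from this page or from any router vendor): a toy port-and-address translation table in Python that shows how several private hosts share one public address, how replies find their way back, and why unsolicited inbound packets are dropped. Assumptions: mappings are endpoint-dependent (keyed by private endpoint and remote endpoint), public ports are allocated sequentially from 40000, and all addresses and ports are constructed sample data.

```python
"""Toy NAPT (port-and-address translation) table, added as an illustration; not code from
the page or any router vendor. Assumption: mappings are keyed by (private endpoint, remote
endpoint), i.e. endpoint-dependent; addresses and ports are constructed sample data."""
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


class Napt:
    def __init__(self, public_ip: str, first_port: int = 40000) -> None:
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound_map: Dict[Tuple[Endpoint, Endpoint], int] = {}  # (private, remote) -> public port
        self.inbound_map: Dict[Tuple[int, Endpoint], Endpoint] = {}   # (public port, remote) -> private

    def outbound(self, src: Endpoint, dst: Endpoint) -> Tuple[Endpoint, Endpoint]:
        """Rewrite a private source to the single public address plus an allocated port.
        The mapping is created on first use and reused for later packets of the same flow."""
        key = (src, dst)
        if key not in self.outbound_map:
            port, self.next_port = self.next_port, self.next_port + 1
            self.outbound_map[key] = port
            self.inbound_map[(port, dst)] = src
        return (self.public_ip, self.outbound_map[key]), dst

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Translate a reply back to the private host. Anything without matching outbound
        state is dropped: NAT gives an implicit deny-by-default for inbound connections,
        but it is not a substitute for a firewall policy."""
        if dst[0] != self.public_ip:
            return None
        private = self.inbound_map.get((dst[1], src))
        return None if private is None else (src, private)


def demo() -> dict:
    """Two LAN hosts using the same source port reach the same server (constructed data)."""
    nat = Napt("203.0.113.5")
    server = ("198.51.100.20", 443)
    a = nat.outbound(("192.168.1.10", 51000), server)
    b = nat.outbound(("192.168.1.11", 51000), server)
    return {
        "host_a_public": a[0],                    # ('203.0.113.5', 40000)
        "host_b_public": b[0],                    # ('203.0.113.5', 40001): same IP, distinct port
        "reply_to_b": nat.inbound(server, b[0]),  # routed back to ('192.168.1.11', 51000)
        "unsolicited": nat.inbound(("198.51.100.99", 22), ("203.0.113.5", 40000)),  # None: dropped
        "flow_reused": nat.outbound(("192.168.1.10", 51000), server) == a,
    }
```

The port, not just the address, is what disambiguates the two hosts on the return path; that is why the exam's "generates private IP addresses internally" router is really doing address-and-port translation. The inbound lookup keys on the remote endpoint too, so a different remote host reusing the same public port is rejected rather than forwarded.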


NEW QUESTION # 47
......

Today is the right time to learn new and in-demand skills. You can do this easily: register for the Certified Information Systems Auditor CISA certification exam and start preparing with ISACA CISA exam dumps. The Certified Information Systems Auditor CISA PDF questions and practice test are ready for download. Just pay the affordable charge for the ISACA CISA authentic dumps and click the download button. Get the latest Certified Information Systems Auditor CISA dumps and start preparing today.

CISA Valid Test Topics: https://www.freepdfdump.top/CISA-valid-torrent.html