Free Access to ISACA.CISA.v2022-02-26.q471 with Valid Practice Test (Page 32)

Request Exam Contact

Home
View All Exams
New QA's
Upload

PRACTICE EXAMS:

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
SAP
EMC
PMI
HP
Salesforce
Other

Oracle
Fortinet
Juniper
Microsoft
Cisco
Citrix
CompTIA
VMware
SAP
EMC
PMI
HP
Salesforce

Home
ISACA Certification
CISA Exam
ISACA.CISA.v2022-02-26.q471 Dumps

««
«
…
27
28
29
30
31
32
33
34
35
36
…
»
»»

Question 151

An IS auditor is reviewing access to an application to determine whether the 10 most recent "new user" forms were correctly authorized. This is an example of:

A.variable sampling.
B.substantive testing.
C.compliance testing.
D.stop-or-go sampling.

Correct Answer: C

Explanation/Reference:
Explanation:
Compliance testing determines whether controls are being applied in compliance with policy. This includes tests to determine whether new accounts were appropriately authorized. Variable sampling is used to estimate numerical values, such as dollar values. Substantive testing substantiates the integrity of actual processing, such as balances on financial statements. The development of substantive tests is often dependent on the outcome of compliance tests. If compliance tests indicate that there are adequate internal controls, then substantive tests can be minimized. Stop-or-go sampling allows a test to be stopped as early as possible and is not appropriate for checking whether procedures have been followed.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 152

The network of an organization has been the victim of several intruders' attacks. Which of the following measures would allow for the early detection of such incidents?

A.Antivirus software
B.Hardening the servers
C.Screening routers
D.Honeypots

Correct Answer: D

Section: Protection of Information Assets
Explanation:
Honeypots can collect data on precursors of attacks. Since they serve no business function, honeypots are hosts that have no authorized users other than the honeypot administrators. All activity directed at them is considered suspicious. Attackers will scan and attack honeypots, giving administrators data on new trends and attack tools, particularly malicious code. However, honeypots are a supplement to, not a replacement for, properly securing networks, systems and applications. If honeypots are to be used by an organization, qualified incident handlers and intrusion detection analysts should manage them. The other choices do not provide indications of potential attacks.

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 153

Which of the following is a good tool to use to help enforcing the deployment of good passwords?

A.password cracker
B.local DoS attacker
C.network hacker
D.remote windowing tool
E.None of the choices.

Correct Answer: A

"Passwords are the first defensive line in protecting your data and information. Your users need to be made aware of what a password provides them and what can be done with their password. They also need to be made aware of the things that make up a good password versus a bad password. A good password has mixed-case alphabetic characters, numbers, and symbols. Do use a password that is at least eight or more characters. You may want to run a ""password cracker"" program periodically, and require users to immediately change any easily cracked passwords. In any case ask them to change their passwords every 90 to 120 days."

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 154

Which of the following is the MOST effective way to verify an organization's ability to continue its essential business operations after a disruption event? Analysis of:

A.end-to-end recovery flow
B.recovery point objectives (RPOs)
C.call trees
D.business impact analysis (BIA)

Correct Answer: D

Section: Information System Operations, Maintenance and Support

Comment: *

Name: *

Email: *

Verification: *

insert code

Question 155

What process is used to validate a subject's identity?

A.Identification
B.Nonrepudiation
C.Authorization
D.Authentication

Correct Answer: D

Explanation/Reference:
Authentication is used to validate a subject's identity.

Comment: *

Name: *

Email: *

Verification: *

insert code

««
«
…
27
28
29
30
31
32
33
34
35
36
…
»
»»

[×]

Download PDF File

Enter your email address to download ISACA.CISA.v2022-02-26.q471 Dumps

Email:

Our website provides the Largest and the most Latest vendors Certification Exam materials around the world.

Using dumps we provide to Pass the Exam, we has the Valid Dumps with passing guranteed just which you need.

DMCA
About
Contact Us
Privacy Policy
Terms & Conditions

©2026 FreeQAs

www.freeqas.com materials do not contain actual questions and answers from Cisco's certification exams.

Web Analytics Made Easy - Statcounter