Free Access to ISACA.CISA.v2022-02-26.q471 with Valid Practice Test (Page 40)

Question 191

Which of the following recovery strategies is MOST appropriate for a business having multiple offices within
a region and a limited recovery budget?

A.A hot site maintained by the business
B.A commercial cold site
C.A reciprocal arrangement between its offices
D.A third-party hot site

Question 192

For an organization which uses a VoIP telephony system exclusively, the GREATEST concern associated with leaving a connected telephone in an unmonitored public area is the possibility of:

A.unauthorized use leading to theft of services and financial loss,
B.theft of destruction of an expensive piece of electronic equipment.
C.connectivity issues when used with an analog local exchange earner.
D.network compromise due to the introduction of malware.

Question 193

Which of the following attack could be avoided by creating more security awareness in the organization and provide adequate security knowledge to all employees?

A.surf attack
B.Traffic analysis
C.Phishing
D.Interrupt attack

Correct Answer: C

Explanation/Reference:
Phishing techniques include social engineering, link manipulation, spear phishing, whaling, dishing, or web site forgery techniques.
For your exam you should know the information below:
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
Spear phishing
Phishing attempts directed at specific individuals or companies have been termed spear phishing.
Attackers may gather personal information about their target to increase their probability of success.
Link manipulation
Most methods of phishing use some form of technical deception designed to make a link in an email (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of sub domains are common tricks used by phishes. In the following example URL, http:// www.yourbank.example.com/, it appears as though the URL will take you to the example section of the your bank website; actually this URL points to the "your bank" (i.e. phishing) section of the example website. Another common trick is to make the displayed text for a link (the text between the tags) suggest a reliable destination, when the link actually goes to the phishes' site. The following example link, // en.wikipedia.org/wiki/Genuine, appears to direct the user to an article entitled "Genuine"; clicking on it will in fact take the user to the article entitled "Deception". In the lower left hand corner of most browsers users can preview and verify where the link is going to take them. Hovering your cursor over the link for a couple of seconds may do a similar thing, but this can still be set by the phishes through the HTML tooltip tag.
Website forgery
Once a victim visits the phishing website, the deception is not over. Some phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original bar and opening up a new one with the legitimate URL.
An attacker can even use flaws in a trusted website's own scripts against the victim. These types of attacks (known as cross-site scripting) are particularly problematic, because they direct the user to sign in at their bank or service's own web page, where everything from the web address to the security certificates appears correct. In reality, the link to the website is crafted to carry out the attack, making it very difficult to spot without specialist knowledge.
The following answers are incorrect:
Smurf Attack - Occurs when mix-configured network device allow packet to be sent to all hosts on a particular network via the broadcast address of the network Traffic analysis - is the process of intercepting and examining messages in order to deduce information from patterns in communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic. Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis, and is a concern in computer security.
Interrupt attack- Interrupt attack occurs when a malicious action is performed by invoking the operating system to execute a particular system call.
Following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 323
Official ISC2 guide to CISSP CBK 3rd Edition Page number 493
http://en.wikipedia.org/wiki/Phishing

Question 194

Which of the following is a dynamic analysis tool for the purpose of testing software modules?

A.Blackbox test
B.Desk checking
C.Structured walk-through
D.Design and code

Question 195

Which of the following device in Frame Relay WAN technique is generally customer owned device that provides a connectivity between company's own network and the frame relays network?

A.DTE
B.DCE
C.DME
D.DLE

Correct Answer: A

Explanation/Reference:
Data Terminal Equipment (DTE) - Usually a customer owned device that provides connectivity between company's own network and the frame relay's network.
For your exam you should know below information about WAN Technologies:
Point-to-point protocol
PPP (Point-to-Point Protocol) is a protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. For example, your Internet server provider may provide you with a PPP connection so that the provider's server can respond to your requests, pass them on to the Internet, and forward your requested Internet responses back to you.
PPP uses the Internet protocol (IP) (and is designed to handle other protocol as well). It is sometimes considered a member of the TCP/IP suite of protocols. Relative to the Open Systems Interconnection (OSI) reference model, PPP provides layer 2 (data-link layer) service. Essentially, it packages your computer's TCP/IP packets and forwards them to the server where they can actually be put on the Internet.
PPP is a full-duplex protocol that can be used on various physical media, including twisted pair or fiber optic lines or satellite transmission. It uses a variation of High Speed Data Link Control (HDLC) for packet encapsulation.
PPP is usually preferred over the earlier de facto standard Serial Line Internet Protocol (SLIP) because it can handle synchronous as well as asynchronous communication. PPP can share a line with other users and it has error detection that SLIP lacks. Where a choice is possible, PPP is preferred.
Point-to-point protocol

Image from:http://withfriendship.com/images/g/31728/a-pointtopoint-protocol.png
X.25
X.25 is an ITU-T standard protocol suite for packet switched wide area network (WAN) communication.
X.25 is a packet switching technology which uses carrier switch to provide connectivity for many different networks.
Subscribers are charged based on amount of bandwidth they use. Data are divided into 128 bytes and encapsulated in High Level Data Link Control (HDLC).
X.25 works at network and data link layer of an OSI model.
X.25

Image from:http://www.sangoma.com/assets/images/content/tutorials_x25_1.gif Frame Relay Works as packet switching Operates at data link layer of an OSI model Companies that pay more to ensure that a higher level of bandwidth will always be available, pay a committed information rate or CIR Two main types of equipment's are used in Frame Relay
1. Data Terminal Equipment (DTE) - Usually a customer owned device that provides connectivity between company's own network and the frame relay's network.
2. Data Circuit Terminal Equipment (DCE) - Service provider device that does the actual data transmission and switching in the frame relay cloud.
The Frame relay cloud is the collection of DCE that provides that provides switching and data communication functionality. Frame relay is any to any service.
Frame Relay

Image from: http://www.cpcstech.com/images/frame-2.jpg
Integrated Service Digital Network (ISDN)
Enables data, voice and other types of traffic to travel over a medium in a digital manner previously used only for analog voice transmission.
Runs on top of the Plain Old Telephone System (POTS). The same copper telephone wire is used.
Provide digital point-to-point circuit switching medium.
ISDN

Image from: http://www.hw-server.com/obrazek/network_topology
Asynchronous Transfer Mode (ATM)
Uses Cell switching method
High speed network technology used for LAN, MAN and WAN
Like frame relay it is connection oriented technology which creates and uses fixed channel Data are segmented into fixed size cell of 53 bytes Some companies have replaces FDDI back-end with ATM Asynchronous Transfer Mode

Image from: http://html.rincondelvago.com/000050700.png
Multiprotocol Label Switching (MPLS)
Multiprotocol Label Switching (MPLS) is a standard-approved technology for speeding up network traffic flow and making things easier to manage.MPLS involves setting up a specific path for a given sequence of packets, identified by a label put in each packet, thus saving the time needed for a router to look up the address to the next node to forward the packet to.
MPLS is called multiprotocol because it works with the Internet Protocol (IP), Asynchronous Transport Mode (ATM), and frame relay network protocols.
In reference to the Open Systems Interconnection, or OSI model, MPLS allows most packets to be forwarded at Layer 2 (switching) level rather than at the Layer 3 (routing) level.
In addition to moving traffic faster overall, MPLS makes it easy to manage a network for quality of service (QoS). For these reasons, the technique is expected to be readily adopted as networks begin to carry more and different mixtures of traffic.
MPLS

Image from: http://www.carrierbid.com/wp-content/uploads/2011/01/mpls1.gif The following answers are incorrect:
DCE - Data Circuit Terminal Equipment (DCE) is a service provider device that does the actual data transmission and switching in the frame relay cloud.
DME - Not a valid frame relay technique
DLE - Not a valid frame relay technique
The following reference(s) were/was used to create this question:
CISA review manual 2014 page number 266

Question 191

Question 192

Question 193

Question 194

Question 195

Download PDF File