Free Access to ISACA.CISA.v2022-02-26.q471 with Valid Practice Test (Page 86)

Question 421

Which of the following controls BEST ensures appropriate segregation of duties within an accounts payable department?

A.Restricting access to update programs to accounts payable staff only
B.Ensuring that audit trails exist for transactions
C.Restricting program functionality according to user security profiles
D.Including the creators user ID as a field in every transaction record created

Question 422

Which of the following types of firewall treats each network frame or packet in isolation?

A.statefull firewall
B.hardware firewall
C.combination firewall
D.packet filtering firewall
E.stateless firewall
F.None of the choices.

Question 423

Which of the following functionality is NOT supported by SSL protocol?

A.Confidentiality
B.Integrity
C.Authentication
D.Availability

Correct Answer: D

Explanation/Reference:
The NOT is a keyword used in this question. You need to find out the functionality which is NOT provided by SSL protocol. The SSL protocol provides:
Confidentiality
Integrity
Authentication, e.g. between client and server
Non-repudiation
For CISA exam you should know the information below about Secure Socket Layer (SSL) and Transport Layer Security (TLS)
These are cryptographic protocols which provide secure communication on Internet. There are only slight difference between SSL 3.0 and TLS 1.0. For general concept both are called SSL.
SSL is session-connection layer protocol widely used on Internet for communication between browser and web servers, where any amount of data is securely transmitted while a session is established. SSL provides end point authentication and communication privacy over the Internet using cryptography. In typical use, only the server is authenticated while client remains unauthenticated. Mutual authentication requires PKI development to clients. The protocol allows application to communicate in a way designed to prevent eavesdropping, tampering and message forging.
SSL involves a number of basic phases
Peer negotiation for algorithm support
Public-key, encryption based key exchange and certificate based authentication Symmetric cipher based traffic encryption.
SSL runs on a layer beneath application protocol such as HTTP, SMTP and Network News Transport Protocol (NNTP) and above the TCP transport protocol, which forms part of TCP/IP suite.
SSL uses a hybrid hashed, private and public key cryptographic processes to secure transmission over the INTERNET through a PKI.
The SSL handshake protocol is based on the application layer but provides for the security of the communication session too. It negotiates the security parameter for each communication section. Multiple session can belong to one SSL session and the participating in one session can take part in multiple simultaneous sessions.
The following were incorrect answers:
Confidentiality - It is supported by the SSL Protocol
Integrity -It is supported by the SSL Protocol
Authentication - It is supported by the SSL protocol
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 352

Question 424

What is wrong with a Black Box type of intrusion detection system?

A.you cannot patch it
B.you cannot test it
C.you cannot examine its internal workings from outside.
D.you cannot tune it
E.None of the choices.

Question 425

The MAJOR consideration for an IS auditor reviewing an organization's IT project portfolio is the:

A.IT budget.
B.existing IT environment.
C.business plan.
D.investment plan.

Question 421

Question 422

Question 423

Question 424

Question 425

Download PDF File