An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?
Correct Answer: B
Question 607
As part of business continuity planning, which of the following is MOST important to assess when conducting a business impact analysis (BIA)?
Correct Answer: D
Question 608
To install backdoors, hackers generally prefer to use:
Correct Answer: A
A backdoor is a method of bypassing normal authentication procedures. Many computer manufacturers used to preinstall backdoors on their systems to provide technical support for customers. Hackers typically use backdoors to secure remote access to a computer, while attempting to remain hidden from casual inspection. To install backdoors, hackers prefer to use either Trojan horse or computer worm.
Question 609
Which of the following Is essential to an effective continuous improvement program within the IS department?
Correct Answer: A
Question 610
Which of the following is the MOST effective way to identify exfiltration of sensitive data by a malicious insider?
Correct Answer: D
Explanation The most effective way to identify exfiltration of sensitive data by a malicious insider is to establish behavioral analytics monitoring. Behavioral analytics is the process of analyzing the patterns and anomalies in user behavior to detect and prevent insider threats. Behavioral analytics can help identify unusual or suspicious activities, such as accessing sensitive data at odd hours, transferring large amounts of data to external devices or locations, or using unauthorized applications or protocols. Behavioral analytics can also help correlate data from multiple sources, such as network logs, user profiles, and access rights, to provide a holistic view of user activity and risk. Data loss prevention (DLP) software is a tool that can help prevent exfiltration of sensitive data by a malicious insider, but it is not the most effective way to identify it. DLP software can block or alert on unauthorized data transfers based on predefined rules and policies, but it may not be able to detect sophisticated or stealthy exfiltration techniques, such as encryption, steganography, or data obfuscation. Reviewing perimeter firewall logs is a way to identify exfiltration of sensitive data by a malicious insider, but it is not the most effective way. Perimeter firewall logs can show the traffic volume and destination of data transfers, but they may not be able to show the content or context of the data. Perimeter firewall logs may also be overwhelmed by the amount of normal traffic and miss the signals of malicious exfiltration. Providing ongoing information security awareness training is a way to reduce the risk of exfiltration of sensitive data by a malicious insider, but it is not a way to identify it. Information security awareness training can help educate users on the importance of protecting sensitive data and the consequences of violating policies and regulations, but it may not deter or detect those who are intentionally or maliciously exfiltrating data. References: ISACA, CISA Review Manual, 27th Edition, 2019, p. 300 ISACA, CISA Review Questions, Answers & Explanations Database - 12 Month Subscription 1 Cybersecurity Engineering for Legacy Systems: 6 Recommendations - SEI Blog 2 How to Secure Your Company's Legacy Applications - iCorps
