Free Access to ISACA.CISA.v2024-03-31.q980 with Valid Practice Test (Page 86)

Question 421

Which of the following attack is against computer network and involves fragmented or invalid ICMP packets sent to the target?

A.Nuke attack
B.Brute force attack
C.Buffer overflow
D.Pulsing Zombie

Correct Answer: A

Explanation/Reference:
A Nuke attack is an old denial-of-service attack against computer networks consisting of fragmented or otherwise invalid ICMP packets sent to the target, achieved by using a modified ping utility to repeatedly send this corrupt data, thus slowing down the affected computer until it comes to a complete stop.
A specific example of a nuke attack that gained some prominence is the Win Nuke, which exploited the vulnerability in the NetBIOS handler in Windows 95. A string of out-of-band data was sent to TCP port 139 of the victim's machine, causing it to lock up and display a Blue Screen of Death (BSOD).
The following answers are incorrect:
Brute force attack - Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.
Buffer overflow - A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity.
Pulsing Zombie - A Dos attack in which a network is subjected to hostile pinging by different attacker computer over an extended time period.
Following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 322

Question 422

By evaluating application development projects against the capability maturity model (CMM), an IS auditor should be able to verify that:

A.reliable products are guaranteed.
B.programmers' efficiency is improved.
C.security requirements are designed.
D.predictable software processes are followed.

Question 423

Which of the following type of lock uses a numeric keypad or dial to gain entry?

A.Bolting door locks
B.Cipher lock
C.Electronic door lock
D.Biometric door lock

Correct Answer: B

Section: Protection of Information Assets
Explanation/Reference:
The combination door lock or cipher lock uses a numeric key pad, push button, or dial to gain entry, it is
often seen at airport gate entry doors and smaller server rooms. The combination should be changed at
regular interval or whenever an employee with access is transferred, fired or subject to disciplinary action.
This reduces risk of the combination being known by unauthorized people.
A cipher lock, is controlled by a mechanical key pad, typically 5 to 10 digits that when pushed in the right
combination the lock will releases and allows entry. The drawback is someone looking over a shoulder can
see the combination. However, an electric version of the cipher lock is in production in which a display
screen will automatically move the numbers around, so if someone is trying to watch the movement on the
screen they will not be able to identify the number indicated unless they are standing directly behind the
victim.
Remember locking devices are only as good as the wall or door that they are mounted in and if the frame
of the door or the door itself can be easily destroyed then the lock will not be effective. A lock will eventually
be defeated and its primary purpose is to delay the attacker.
For your exam you should know below types of lock
Bolting door lock - These locks required the traditional metal key to gain entry. The key should be stamped
"do not duplicate" and should be stored and issued under strict management control.
Biometric door lock - An individual's unique physical attribute such as voice, retina, fingerprint, hand
geometry or signature, activate these locks. This system is used in instances when sensitive facilities must
be protected such as in the military.
Electronic door lock - This system uses a magnetic or embedded chip based plastic card key or token
entered into a sensor reader to gain access. A special code internally stored in the card or token is read by
sensor device that then activates the door locking mechanism.
The following were incorrect answers:
Bolting door lock - These locks required the traditional metal key to gain entry. The key should be stamped
"do not duplicate" and should be stored and issued under strict management control.
Biometric door lock - An individual's unique body features such as voice, retina, fingerprint, hand geometry
or signature, activate these locks. This system is used in instances when extremely sensitive facilities must
be protected such as in the military.
Electronic door lock - This system uses a magnetic or embedded chip based plastic card key or token
entered into a sensor reader to gain access. A special code internally stored in the card or token is read by
sensor device that then activates the door locking mechanism.
Following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 376
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third Edition ((ISC)2
Press) (Kindle Locations 25144-25150). Acerbic Publications. Kindle Edition.

Question 424

Which of the following would be an appropriate rote of internal audit in helping to establish an organization's privacy program?

A.Analyzing risks posed by new regulations
B.Designing controls to protect personal data
C.Defining roles within the organization related to privacy
D.Developing procedures to monitor the use of personal data

Question 425

Identify the network topology from below diagram presented below:

Network Topology

A.Bus
B.Star
C.Ring
D.Mesh

Correct Answer: B

Section: Information System Operations, Maintenance and Support
Explanation/Reference:
For your exam you should know the information below related to LAN topologies:
LAN Topologies
Network topology is the physical arrangement of the various elements (links, nodes, etc.) of a computer
network.
Essentially, it is the topological structure of a network, and may be depicted physically or logically. Physical
topology refers to the placement of the network's various components, including device location and cable
installation, while logical topology shows how data flows within a network, regardless of its physical design.
Distances between nodes, physical interconnections, transmission rates, and/or signal types may differ
between two networks, yet their topologies may be identical.
Bus
In local area networks where bus topology is used, each node is connected to a single cable. Each
computer or server is connected to the single bus cable. A signal from the source travels in both directions
to all machines connected on the bus cable until it finds the intended recipient. If the machine address does
not match the intended address for the data, the machine ignores the data. Alternatively, if the data
matches the machine address, the data is accepted. Since the bus topology consists of only one wire, it is
rather inexpensive to implement when compared to other topologies. However, the low cost of
implementing the technology is offset by the high cost of managing the network. Additionally, since only one
cable is utilized, it can be the single point of failure. If the network cable is terminated on both ends and
when without termination data transfer stop and when cable breaks, the entire network will be down.
Bus topology
Graphic from:

Linear bus
The type of network topology in which all of the nodes of the network are connected to a common
transmission medium which has exactly two endpoints (this is the 'bus', which is also commonly referred to
as the backbone, or trunk) - all data that is transmitted between nodes in the network is transmitted over
this common transmission medium and is able to be received by all nodes in the network simultaneously.
Distributed bus
The type of network topology in which all of the nodes of the network are connected to a common
transmission medium which has more than two endpoints that are created by adding branches to the main
section of the transmission medium - the physical distributed bus topology functions in exactly the same
fashion as the physical linear bus topology (i.e., all nodes share a common transmission medium).
Star
In local area networks with a star topology, each network host is connected to a central point with a point-
to-point connection. In Star topology every node (computer workstation or any other peripheral) is
connected to central node called hub or switch.
The switch is the server and the peripherals are the clients. The network does not necessarily have to
resemble a star to be classified as a star network, but all of the nodes on the network must be connected to
one central device.
All traffic that traverses the network passes through the central point. The central point acts as a signal
repeater.
The star topology is considered the easiest topology to design and implement. An advantage of the star
topology is the simplicity of adding additional nodes. The primary disadvantage of the star topology is that
the central point represents a single point of failure.
Star Topology

Ring
A network topology that is set up in a circular fashion in which data travels around the ring in one direction
and each device on the ring acts as a repeater to keep the signal strong as it travels. Each device
incorporates a receiver for the incoming signal and a transmitter to send the data on to the next device in
the ring.
The network is dependent on the ability of the signal to travel around the ring. When a device sends data, it
must travel through each device on the ring until it reaches its destination. Every node is a critical link. If
one node goes down the whole link would be affected.
Ring Topology

Mesh
The value of a fully meshed networks is proportional to the exponent of the number of subscribers,
assuming that communicating groups of any two endpoints, up to and including all the endpoints, is
approximated by Reed's Law.
A mesh network provides for high availability and redundancy. However, the cost of such network could be
very expensive if dozens of devices are in the mesh.
Mesh Topology

Fully connected mesh topology
A fully connected network is a communication network in which each of the nodes is connected to each
other. In graph theory it known as a complete graph. A fully connected network doesn't need to use
switching nor broadcasting. However, its major disadvantage is that the number of connections grows
quadratic ally with the number of nodes, so it is extremely impractical for large networks. A two-node
network is technically a fully connected network.
Partially connected mesh topology
The type of network topology in which some of the nodes of the network are connected to more than one
other node in the network with a point-to-point link - this makes it possible to take advantage of some of
the redundancy that is provided by a physical fully connected mesh topology without the expense and
complexity required for a connection between every node in the network.
The following answers are incorrect:
The other options presented are not valid.
The following reference(s) were/was used to create this question:
CISA review manual 2014, Page number 262

Question 421

Question 422

Question 423

Question 424

Question 425

Download PDF File