Free Access to ISACA.CISA.v2024-12-27.q999 with Valid Practice Test (Page 125)

Question 616

An IS auditor determines that a business continuity plan has not been reviewed and approved by management. Which of the following is the MOST significant risk associated with this situation?

A.The plan has not been reviewed by risk management
B.Continuity planning may be subject to resource constraints.
C.The plan may not be aligned with industry best practice.
D.Critical business processes may not be addressed adequate.

Question 617

During an incident management audit, an IS auditor finds that several similar incidents were logged during the audit period Which of the following is the auditor's MOST important course of action?

A.Confirm the resolution time of the incidents.
B.Document the finding and present it to management.
C.Validate whether all incidents have been actioned.
D.Determine if a root cause analysis was conducted

Question 618

There are many firewall implementations provided by firewall manufacturers. Which of the following implementation utilize two packet filtering routers and a bastion host? This approach creates the most secure firewall system since it supports network and application level security while defining a separate DMZ.

A.Dual Homed firewall
B.Screened subnet firewall
C.Screened host firewall
D.Anomaly based firewall

Correct Answer: B

Explanation/Reference:
In network security, a screened subnet firewall is a variation of the dual-homed gateway and screened host firewall. It can be used to separate components of the firewall onto separate systems, thereby achieving greater throughput and flexibility, although at some cost to simplicity. As each component system of the screened subnet firewall needs to implement only a specific task, each system is less complex to configure.
A screened subnet firewall is often used to establish a demilitarized zone (DMZ).
Below are few examples of Firewall implementations:
Screened host Firewall
Utilizing a packet filtering router and a bastion host, this approach implements a basic network layer security and application server security.
An intruder in this configuration has to penetrate two separate systems before the security of the private network can be compromised This firewall system is configured with the bastion host connected to the private network with a packet filtering router between internet and the bastion host Dual-homed Firewall
A firewall system that has two or more network interface, each of which is connected to a different network In a firewall configuration, a dual homed firewall system usually acts to block or filter some or all of the traffic trying to pass between the network A dual-homed firewall system is more restrictive form of screened-host firewall system Demilitarize Zone (DMZ) or screened-subnet firewall Utilizing two packet filtering routers and a bastion host
This approach creates the most secure firewall system since it supports network and application level security while defining a separate DMZ network Typically, DMZs are configured to limit access from the internet and organization's private network.
The following were incorrect answers:
The other types of firewall mentioned in the option do not utilize two packet filtering routers and a bastion host.
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 346

Question 619

The CIO of an organization is concerned that the information security policies may not be comprehensive. Which of the following should an IS auditor recommend be performed FIRST?

A.Determine if there is j process to handle exceptions to the policies
B.Compare the policies against an industry framework.
C.Establish a governance board to track compliance with the policies
D.Obtain a copy of their competitor's policies

Question 620

Which of the following is critical to the successful establishment of an enterprise IT architecture?

A.A well-defined data migration policy
B.Comparison of the architecture with that of other organizations
C.An architecture encompassing only critical systems
D.Organizational support for standardization

Question 616

Question 617

Question 618

Question 619

Question 620

Download PDF File