Free Access to ISACA.CISA.v2024-12-27.q999 with Valid Practice Test (Page 53)

Question 256

An IS auditor observes a weakness in the tape management system at a data center in that some parameters are set to bypass or ignore tape header records. Which of the following is the MOST effective compensating control for this weakness?

A.Staging and job set up
B.Supervisory review of logs
C.Regular back-up of tapes
D.Offsite storage of tapes

Question 257

Which of the following type of an IDS resides on important systems like database, critical servers and
monitors various internal resources of an operating system?

A.Signature based IDS
B.Host based IDS
C.Network based IDS
D.Statistical based IDS

Correct Answer: B

Section: Protection of Information Assets
Explanation/Reference:
Host Based IDS resides on important systems like database, critical servers and monitors various internal
resources of an operating system.
Also, you should know below mentioned categories and types of IDS for CISA exam
An IDS works in conjunction with routers and firewall by monitoring network usage anomalies.
Broad categories of IDS include:
1. Network Based IDS
2. Host Based IDS
Network Based IDS
They identify attack within the monitored network and issue a warning to the operator.
If a network based IDS is placed between the Internet and the firewall, it will detect all the attack attempts
whether or not they enter the firewall
Network Based IDS are blinded when dealing with encrypted traffic
Host Based IDS
They are configured for a specific environment and will monitor various internal resources of the operating
system to warn of a possible attack.
They can detect the modification of executable programs, detect the detection of files and issue a warning
when an attempt is made to use a privilege account.
They can monitor traffic after it is decrypted and they supplement the Network Based IDS.
Types of IDS includes:
Statistical Based IDS - This system needs a comprehensive definition of the known and expected behavior
of system
Neural Network - An IDS with this feature monitors the general patterns of activity and traffic on the
network, and create a database. This is similar to statistical model but with added self-learning functionality.
Signature Based IDS - These IDS system protect against detected intrusion patterns. The intrusive pattern
they can identify are stored in the form of signature.
The following were incorrect answers:
The other types of IDS mentioned in the options do not resides on important systems like database and
critical servers
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 346 and 347

Question 258

Which of the following is the MOST effective way to achieve the integration of information security governance into corporate governance?

A.Ensure information security aligns with IT strategy.
B.Provide periodic IT balanced scorecards to senior management.
C.Align information security budget requests to organizational goals.
D.Ensure information security efforts support business goals.

Question 259

Which of the following techniques is MOST appropriate for verifying application program controls?

A.Observation of data entry
B.Statistical sampling
C.Use of test data
D.Code review

Question 260

A live test of a mutual agreement for IT system recovery has been carried out, including a
four-hour test of intensive usage by the business units. The test has been successful, but gives only partial assurance that the:

A.system and the IT operations team can sustain operations in the emergency environment.
B.resources and the environment could sustain the transaction load.
C.connectivity to the applications at the remote site meets response time requirements.
D.workflow of actual business operations can use the emergency system in case of a disaster.

Question 256

Question 257

Question 258

Question 259

Question 260

Download PDF File