ISACA CISA. ISACA CISA ( Certified Information Systems Auditor ) Download Full Version :

Similar documents
Network Security and Cryptography. December Sample Exam Marking Scheme

itexamdump 최고이자최신인 IT 인증시험덤프 일년무료업데이트서비스제공

Overview. SSL Cryptography Overview CHAPTER 1

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Most Common Security Threats (cont.)

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

On the Internet, nobody knows you re a dog.

HP Instant Support Enterprise Edition (ISEE) Security overview

(2½ hours) Total Marks: 75

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

The Tension. Security vs. ease of use: the more security measures added, the more difficult a site is to use, and the slower it becomes

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

SMart esolutions Information Security

Network Security and Cryptography. 2 September Marking Scheme

UNIT - IV Cryptographic Hash Function 31.1

Service Managed Gateway TM. Configuring IPSec VPN

Verteilte Systeme (Distributed Systems)

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

CTS2134 Introduction to Networking. Module 08: Network Security

تاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

Cryptographic Concepts

KALASALINGAM UNIVERSITY

14. Internet Security (J. Kurose)

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Web Tap Payment Authentication and Encryption With Zero Customer Effort

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security

Lecture III : Communication Security Mechanisms

Security Enhancements in Informatica 9.6.x

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Security+ SY0-501 Study Guide Table of Contents

BCA III Network security and Cryptography Examination-2016 Model Paper 1

e-commerce Study Guide Test 2. Security Chapter 10

ISO/IEC Common Criteria. Threat Categories

Security & Privacy. Web Architecture and Information Management [./] Spring 2009 INFO (CCN 42509) Contents. Erik Wilde, UC Berkeley School of

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Sample excerpt. Virtual Private Networks. Contents

Chapter 19 Security. Chapter 19 Security

Data Communication Prof.A.Pal Dept of Computer Science & Engineering Indian Institute of Technology, Kharagpur Lecture - 40 Secured Communication - II

Cryptography (Overview)

TopSec Product Family Voice encryption at the highest security level

Firewalls, Tunnels, and Network Intrusion Detection

Cryptography and Network Security

The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,

Security Fundamentals

From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005

Cryptography and Network Security

Prof. Shervin Shirmohammadi SITE, University of Ottawa. Security Architecture. Lecture 13: Prof. Shervin Shirmohammadi CEG

Network Security Issues and Cryptography

10EC832: NETWORK SECURITY

Chapter 8 Network Security

Message authentication. Why message authentication. Authentication primitives. and secure hashing. To prevent against:

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Syllabus: The syllabus is broadly structured as follows:

19.1. Security must consider external environment of the system, and protect it from:

CSC 6575: Internet Security Fall 2017

CYBER SECURITY MADE SIMPLE

Digital Certificates Demystified

Chapter 9: Database Security: An Introduction. Nguyen Thi Ai Thao

AIT 682: Network and Systems Security

Chapter 15: Security. Chapter 15: Security

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

Cryptography and Network Security

Cryptography and Network Security Chapter 14

School of Computer Sciences Universiti Sains Malaysia Pulau Pinang

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Introduction and Overview. Why CSCI 454/554?

CS 425 / ECE 428 Distributed Systems Fall 2017

Data Security and Privacy. Topic 14: Authentication and Key Establishment

IS-2150/TEL-2810 Introduction to Computer Security Quiz 2 Thursday, Dec 14, 2006

EEC-682/782 Computer Networks I

2/24/2018. Computer Security CS433 Luai E. Hasnawi, PhD

Chapter 15: Security. Operating System Concepts 8 th Edition,

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

CHAPTER 8 SECURING INFORMATION SYSTEMS

MLR Institute of Technology

SENETAS ENCRYPTION KEY MANAGEMENT STATE-OF-THE-ART KEY MANAGEMENT FOR ROBUST NETWORK SECURITY

1.264 Lecture 28. Cryptography: Asymmetric keys

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

WAP Security. Helsinki University of Technology S Security of Communication Protocols

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

IBM Presentations: Implementing SSL Security in WebSphere Partner Gateway

L13. Reviews. Rocky K. C. Chang, April 10, 2015

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)?

SDR Guide to Complete the SDR

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

Security Digital Certificate Manager

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2

An Overview of Secure and Authenticated Remote Access to Central Sites

IBM i Version 7.2. Security Object signing and signature verification IBM

Transcription:

ISACA CISA ISACA CISA ( Certified Information Systems Auditor ) Download Full Version : http://killexams.com/pass4sure/exam-detail/cisa

QUESTION: 390 Applying a digital signature to data traveling in a network provides: A. confidentiality and integrity. B. security and nonrepudiation. C. integrity and nonrepudiation. D. confidentiality and nonrepudiation. Answer: C The process of applying a mathematical algorithm to the data that travel in the network and placing the results of this operation with the hash data is used for controlling data integrity, since any unauthorized modification to this data would result in a different hash. The application of a digital signature would accomplish the non repudiation of the delivery of the message. The term security is a broad concept and not a specific one. In addition to a hash and a digital signature, confidentiality is applied when an encryption process exists. QUESTION: 391 Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure with digital certificates for its business-to- consumer transactions via the internet? A. Customers are widely dispersed geographically, but the certificate authorities are not. B. Customers can make their transactions from any computer or mobile device. C. The certificate authority has several data processing subcenters to administer certificates. D. The organization is the owner of the certificate authority. Answer: D

If the certificate authority belongs to the same organization, this would generate a conflict of interest. That is, if a customer wanted to repudiate a transaction, they could allege that because of the shared interests, an unlawful agreement exists between the parties generating the certificates, if a customer wanted to repudiate a transaction, they could argue that there exists a bribery between the parties to generate the certificates, as shared interests exist. The other options are not weaknesses. QUESTION: 392 Which of the following implementation modes would provide the GREATEST amount of security for outbound data connecting to the internet? A. Transport mode with authentication header (AH) plus encapsulating security payload (ESP) B. Secure Sockets Layer (SSL) mode C. Tunnel mode with AH plus ESP D. Triple-DES encryption mode Answer: C Tunnel mode provides protection to the entire IP package. To accomplish this, AH and ESP services can be nested. The transport mode provides primary protection for the higher layers of the protocols by extending protection to the data fields (payload) of an IP package. The SSL mode provides security to the higher communication layers (transport layer). The triple-des encryption mode is an algorithm that provides confidentiality QUESTION: 393 Which of the following is the MOST reliable sender authentication method? A. Digital signatures B. Asymmetric cryptography C. Digital certificates D. Message authentication code Answer: C

Digital certificates are issued by a trusted third party. The message sender attaches the certificate and the recipient can verify authenticity with the certificate repository. Asymmetric cryptography, such as public key infrastructure ( PKl ), appears to authenticate the sender but is vulnerable to a man-in-the-middle attack. Digital signatures are used for both authentication and confidentiality, but the identity of the sender would still be confirmed by the digital certificate. Message authentication code is used for message integrity verification. QUESTION: 394 Which of the following provides the GREATEST assurance of message authenticity? A. Theprehash code is derived mathematically from the message being sent. B. Theprehash code is encrypted using the sender's private key. C. Theprehash code and the message are encrypted using the secret key. D. The sender attains the recipient's public key and verifies the authenticity of its digital certificate with a certificate authority. Answer: B Encrypting the prehash code using the sender's private key provides assurance of the authenticity of the message. Mathematically deriving the prehash code provides integrity to the message. Encrypting the prehash code and the message using the secretkey provides confidentiality. QUESTION: 395 Which of the following internet security threats could compromise integrity? A. Theft of data from the client B. Exposure of network configuration information C. A Trojan horse browser D. Eavesdropping on the net Answer: C

Internet security threats/vulnerabilities to integrity include a Trojan horse, which could modify user data, memory and messages found in client-browser software. The other options compromise confidentiality. QUESTION: 396 Which of the following is a concern when data are transmitted through Secure Sockets Layer (SSL) encryption, implemented on a trading partner's server? A. The organization does not have control over encryption. B. Messages are subjected to wire tapping. C. Data might not reach the intended recipient. D. The communication may not be secure. The SSL security protocol provides data encryption, server authentication, message integrity and optional client authentication. Because SSL is built into all major browsers and web servers, simply installing a digital certificate turns on the SSL capabilities. SSL encrypts the datum while it is being transmitted over the internet. The encryption is done in the background, without any interaction from the user; consequently, there is no password to remember. The other choices are incorrect. Since the communication between client and server is encrypted, the confidentiality of information is not affected by wire tapping. Since SSL does the client authentication, only the intended recipient will receive the decrypted data.all data sent over an encrypted SSL connection are protected with a mechanism to detect tampering, i.e., automatically determining whether data has been altered in transit. QUESTION: 397 If inadequate, which of the following would be the MOST likely contributor to a denialof-service attack? A. Router configuration and rules B. Design of the internal network C. Updates to the router system software D. Audit testing and review techniques

Inadequate router configuration and rules would lead to an exposure to denial-of-service attacks. Choices B and C would be lesser contributors. Choice D is incorrect because audit testing and review techniques are applied after the fact. QUESTION: 398 The Secure Sockets Layer (SSL) protocol addresses the confidentiality of a message through: A. symmetric encryption. B. message authentication code. C. hash function. D. digital signature certificates. SSL uses a symmetric key for message encryption. A message authentication code is used for ensuring data integrity. Hash function is used for generating a message digest; it does not use public key encryption for message encryption. Digital signature certificates are used by SSL for server authentication. QUESTION: 399 The PRIMARY goal of a web site certificate is: A. authentication of the web site that will be surfed. B. authentication of the user who surfs through that site. C. preventing surfing of the web site by hackers. D. the same purpose as that of a digital certificate. Authenticating the site to be surfed is the primary goal of a web certificate. Authentication of a user is achieved through passwords and not by a web site certificate. The site certificate does not prevent hacking nor does it authenticate a person.

QUESTION: 400 An IS auditor performing detailed network assessments and access control reviews should FIRST: A. determine the points of entry. B. evaluate users' access authorization. C. assess users' identification and authorization. D. evaluate the domain-controlling server configuration. In performing detailed network assessments and access control reviews, an IS auditor should first determine the points of entry to the system and review the points of entry accordingly for appropriate controls. Evaluation of user access authorization, assessment of user identification and authorization, and evaluation of the domain-controlling server configuration are all implementation issues for appropriate controls for the points of entry.

For More exams visit http://killexams.com Kill your exam at First Attempt...Guaranteed!

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback