[2022] Get Top-Rated ISACA CISA Exam Dumps Now [Q61-Q85]

Section: Protection of Information Assets
Explanation:
The basis for an expert system is the capture and recording of the knowledge and experience of individuals
in an organization. Coding and entering the knowledge in a central repository, shareable within the
enterprise, is a means of facilitating the expert system. Enhancing personnel productivity and performance
is a benefit; however, it is not as important as capturing the knowledge and experience. Employee turnover
is not necessarily affected by an expert system.

Section: Protection of Information Assets

Explanation/Reference:
Explanation:
It is important to evaluate what the exposure would be when audit recommendations have not been completed by the target date. Based on the evaluation, management can accordingly consider compensating controls, risk acceptance, etc. All other choices might be appropriate only after the risks have been assessed.

Section: Information System Operations, Maintenance and Support

Explanation/Reference:
The word INCORRECTLY is the keyword used in the question. You need to find out the functionality that is not performed by LAN or WAN layer in TCP/IP model.
The Network layer of a TCP/IP model provides logical addressing which routers use for path determination.
For your exam you should know below information about TCP/IP model:
Network Models

Layer 4. Application Layer
Application layer is the top most layer of four layer TCP/IP model. Application layer is present on the top of the Transport layer. Application layer defines TCP/IP application protocols and how host programs interface with Transport layer services to use the network.
Application layer includes all the higher-level protocols like DNS (Domain Naming System), HTTP (Hypertext Transfer Protocol), Telnet, SSH, FTP (File Transfer Protocol), TFTP (Trivial File Transfer Protocol), SNMP (Simple Network Management Protocol), SMTP (Simple Mail Transfer Protocol) , DHCP (Dynamic Host Configuration Protocol), X Windows, RDP (Remote Desktop Protocol) etc.
Layer 3. Transport Layer
Transport Layer is the third layer of the four layer TCP/IP model. The position of the Transport layer is between Application layer and Internet layer. The purpose of Transport layer is to permit devices on the source and destination hosts to carry on a conversation. Transport layer defines the level of service and status of the connection used when transporting data.
The main protocols included at Transport layer are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
Layer 2. Internet Layer
Internet Layer is the second layer of the four layer TCP/IP model. The position of Internet layer is between Network Access Layer and Transport layer. Internet layer pack data into data packets known as IP datagram’s, which contain source and destination address (logical address or IP address) information that is used to forward the datagram’s between hosts and across networks. The Internet layer is also responsible for routing of IP datagram’s.
Packet switching network depends upon a connectionless internetwork layer. This layer is known as Internet layer. Its job is to allow hosts to insert packets into any network and have them to deliver independently to the destination. At the destination side data packets may appear in a different order than they were sent. It is the job of the higher layers to rearrange them in order to deliver them to proper network applications operating at the Application layer.
The main protocols included at Internet layer are IP (Internet Protocol), ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse Address Resolution Protocol) and IGMP (Internet Group Management Protocol).
Layer 1. Network Access Layer
Network Access Layer is the first layer of the four layer TCP/IP model. Network Access Layer defines details of how data is physically sent through the network, including how bits are electrically or optically signaled by hardware devices that interface directly with a network medium, such as coaxial cable, optical fiber, or twisted pair copper wire.
The protocols included in Network Access Layer are Ethernet, Token Ring, FDDI, X.25, Frame Relay etc.
The most popular LAN architecture among those listed above is Ethernet. Ethernet uses an Access Method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection) to access the media, when Ethernet operates in a shared media. An Access Method determines how a host will place data on the medium.
IN CSMA/CD Access Method, every host has equal access to the medium and can place data on the wire when the wire is free from network traffic. When a host wants to place data on the wire, it will check the wire to find whether another host is already using the medium. If there is traffic already in the medium, the host will wait and if there is no traffic, it will place the data in the medium. But, if two systems place data on the medium at the same instance, they will collide with each other, destroying the data. If the data is destroyed during transmission, the data will need to be retransmitted. After collision, each host will wait for a small interval of time and again the data will be retransmitted.
Protocol Data Unit (PDU) :
Protocol Data Unit – PDU

The following answers are incorrect:
The other options correctly describe functionalities of application layer in TCP/IP model.
The following reference(s) were/was used to create this question:
CISA review manual 2014 page number 272

Two-factor authentication (T-FA) refers to any authentication protocol that requires two independent ways to establish identity and privileges. Common implementations of two-factor authentication use ‘something you know’ as one of the two factors, and use either ‘something you have’ or ‘something you are’ as the other factor. In fact, using more than one factor is also called strong authentication. On the other hand, using just one factor is considered by some weak authentication.

Section: Protection of Information Assets
Explanation/Reference:
Security administrator are responsible for providing adequate physical and logical security for IS programs,
data and equipment.
For CISA exam you should know below roles in an organization
Data Owners – These peoples are generally managers and directors responsible for using information for
running and controlling the business. Their security responsibilities include authorizing access, ensuring
that access rules are updated when personnel changes occur, and regularly review access rule for the data
for which they are responsible.
Data Custodian or Data Steward – These people are responsible for storing and safeguarding the data,
and include IS personnel such as system analysis and computer operators.
Security Administrator -Security administrator is responsible for providing adequate physical and logical
security for IS programs, data and equipment.
Data Users – Data users, including internal and external user community, are the actual user of
computerized data. Their level of access into the computer should be authorized by data owners, and
restricted and monitor by security administrator.
The following were incorrect answers:
Data Owner- These peoples are generally managers and directors responsible for using information for
running and controlling the business.
Data Users – Data users, including internal and external user community, are the actual user of
computerized data.
Data custodian is responsible for storing and safeguarding the data, and include IS personnel such as
system analyst and computer operators.
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 361

If the sender sends both a message and a message hash encrypted by its private key, then the receiver can apply the sender’s public key to the hash and get the message hash. The receiver can apply the hashing algorithm to the message received and generate a hash. By matching the generated hash with the one received, the receiver is ensured that the message has been sent by the specific sender, i.e., authenticity, and that the message has not been changed enroute . Authenticity and privacy will beensured by first using the sender’s private key and then the receiver’s public key to encrypt the message. Privacy and integrity can be ensured by using the receiver’s public key to encrypt the message and sending a message hash/digest. Only nonrepudiation can be ensured by using the sender’s private key to encrypt the message. The sender’s public key, available to anyone, can decrypt a message; thus, it does not ensure privacy.

Section: Protection of Information Assets
Explanation
Explanation:
A backdoor is a method of bypassing normal authentication procedures.
Many computer manufacturers used to preinstall backdoors on their systems to provide technical support for customers. Hackers typically use backdoors to secure remote access to a computer, while attempting to remain hidden from casual inspection. To install backdoors, hackers prefer to use either Trojan horse or computer worm.

Explanation/Reference:
Explanation:
Control totals should be implemented as early as data preparation to support data integrity at the earliest point possible.

Explanation/Reference:
Explanation:
A transaction journal provides the information necessary for detecting unauthorized input from a terminal.

Section: Protection of Information Assets
Explanation:
It is important that the data entered from a remote site is edited and validated prior to transmission to the
central processing site.

Explanation/Reference:
Explanation:
The IS auditor should be present when disaster recovery plans are tested, to ensure that the test meets the targets for restoration, and the recovery procedures are effective and efficient. As appropriate, the auditor should provide a report of the test results. All other choices are a responsibility of management.

Explanation/Reference:
Explanation:
A low equal-error rate (EER) is a combination of a low false-rejection rate and a low false-acceptance rate.
EER, expressed as a percentage, is a measure of the number of times that the false-rejection and false- acceptance rates are equal. A low EER is the measure of the more effective biometrics control device. Low false-rejection rates or low false-acceptance rates alone do not measure the efficiency of the device.
Estimated-error rate is nonexistent and therefore irrelevant.

Section: The process of Auditing Information System
Explanation

Section: Protection of Information Assets

Explanation/Reference:
Plans for testing for user acceptance are usually prepared in the requirements definition phase of the systems-development project.