CISA Flashcards-Domain 4





[qdeck style=”border-width: 5px !important; border-color: #003366 !important;”] [q] What is Recovery Time Objective (RTO)?  (a) The extent of acceptable system downtime  or (b) The extent of acceptable data loss.

[a] (a) The extent of acceptable system downtime

[q]
(i)__________ uses radio waves to identify tagged objects within a limited radius.

(ii)__________ tag consists of microchip and an antenna. The __________ stores information along with ID to identify a product. __________ transmits the information to RFID reader.

[a]
(i)Radio Frequency identification (RFID) uses radio waves to identify tagged objects within a limited radius.

(ii)RFID tag consists of microchip and an antenna. The microchip stores information along with ID to identify a product. Antenna transmits the information to RFID reader.

[q]What are the risks associated with RFID ?

[a]
(i)Business Process Risk: Direct attack on RFID can impact business processes.

(ii)Business Intelligence Risk: An adversary or competitor can gain unauthorised access to RFID generated information.

(iii)Privacy Risk: Private information may be compromised.

(iv)Externality Risk: It could pose a threat to non-RFID networked systems, assets and people.

[q] What is Recovery Point Objective (RPO)? (a) The extent of acceptable system downtime or (b) The extent of acceptable data loss.

[a] (b) The extent of acceptable data loss.

 

[q] __________of 2 hours indicates that organization needs to ensure that their system downtime should not exceed 2 hours.  (a) RPO  or (b) RTO

[a] (b)RTO

 

[q] __________of 2 hours indicates that organization needs to ensure that their data loss should not exceed 2 hours of data captured. (a) RPO or (b) RTO

[a] (a)RPO

[q] For critical systems/data, RTO and RPO should be __________. (a) Low or (b) high.

[a] (a) Low

[q] Low RTO/RPO indicates that disaster tolerance is __________. (a)Low or (b) high.

[a] (a)Low

[q] If disaster tolerance is low, RTO/RPO should be __________. (a)Low or (b) high.

[a] (a)Low

[q] When RTO is low, most suitable site is __________.  (a) hot or (b) cold.

[a] (a)hot

[q] When RTO is high, most suitable site is __________.  (a) hot or (b) cold.

[a] (a)cold

[q] Find RTO & RPO from below statement:

An organization cannot afford to have any downtime and can afford data loss up to 2 hours.

[a] RTO- 0 hours    RPO-2 hours

 

[q] In a day, back-up is taken twice, i.e. at 12 AM and at 12 PM. What is RPO?

[a] RPO-12 hours

[q] The daily back-up schedule is as follows: first back-up at 8.00, second back-up at 16.00 and third back-up at 24.00. What is RPO?

[a] RPO-8 hours

  [q] If RTO and RPO are low (i.e. zero or near zero) then systems and data are __________ (a) critical or (b) non-critical.

[a] (a)Critical

[q] __________ will have lowest expenditure in terms of recovery arrangement. (a)reciprocal agreement  (b)hot site

[a] (a)reciprocal agreement

[q] __________ is the fastest mode of recovery. (a) Mirrored Site (b) Hot Site

[a] (a)Mirrored Site

[q] For critical system, most suitable alternate site arrangement is __________. (a) hot site  (b) cold site

[a] (a) hot site

[q] Which of the following is the BEST way to handle obsolete magnetic tapes before
disposing of them?
A. Overwriting the tapes
B. Initializing the tape labels
C. Degaussing the tapes
D. Erasing the tapes

[a] C. Degaussing the tapes

[q] Which of the following controls will detect MOST effectively the presence of bursts of errors in network transmissions?

(a) Parity check Or (b) Cyclic redundancy check

[a] Cyclic redundancy check

[q] Which of the following devices extends the network and has the capacity to store frames and act as a storage and forward device?

(a) Router Or (b) Bridge

[a] A bridge connects two separate networks to form a logical network and has the storage capacity to store frames and act as a storage and forwarding device.

[q] Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized?

(a)Release-to-release source and object comparison reports Or
(b) Date and time-stamp reviews of source and object code

[a] Date and time-stamp reviews of source and object code

[q] A critical function of a firewall is to act as a:

(a)special router that connects the Internet to a LAN Or
(b) server used to connect authorized users to private, trusted network resources.

[a]server used to connect authorized users to private, trusted network resources.

[q] A Ping command is used to measure:

(a)attenuation. Or (b)latency

[a] latency.
Latency, which is measured using a Ping command, represents the delay that a message/packet
will have in travelling from source to destination.
[q] An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more
than 100 meters long. Which of the following could be caused by the length of the cable?

(a)Electromagnetic interference (EMI) Or (b) Cross-talk Or (c)Attenuation

[a]Attenuation

Attenuation is the weakening of signals during transmission. UTP faces
attenuation around 100 meters. Electromagnetic interference (EMI) is caused by outside
electromagnetic waves affecting the desired signals, which is not the case here. Cross-talk has
nothing to do with the length of the UTP cable.

[q] Which of the following is MOST directly affected by network performance monitoring tools?

(a)Integrity Or (b) Availability

[a]Availability

[q]Which of the following would be the MOST secure firewall system?

(a)Screened-host firewall Or (b)Screened-subnet firewall

[a] Screened-subnet firewall

[q] An independent software program that connects two otherwise separate applications
sharing computing resources across heterogeneous technologies is known as:

(a) middleware. Or (b)firmware.

[a] middleware

[q] To evaluate the referential integrity of a database, an IS auditor should review the:

(a) composite keys Or (b) foreign keys

[a] foreign keys.
A foreign key is a column in a table that references a primary key of another table, thus
providing the referential integrity. Composite keys consist of two or more columns designated together as a table’s primary key.

[q]In case of __________ systems, generally RTO is zero or near to zero.

[a] In case of critical systems, generally RTO is zero or near to zero.

[q]In which recovery processing site, only arrangement for electricity and HVAC is available?

[a]cold site

[q]Which of the propagation problems do wired and wireless transmissions have
in common?

[a] Attenuation

Attenuation exists in both wired and wireless transmissions.

[q]A __________ is an abstract mechanism that checks each request by a subject (user
process) to access and use an object (e.g., file, device, program) to ensure that the request
complies with a security policy.

[a]A reference monitor is an abstract mechanism that checks each request by a subject (user
process) to access and use an object (e.g., file, device, program) to ensure that the request
complies with a security policy.

[q]__________ are the agreements wherein two organisations (mostly having similar processing) agree to help each other in case of emergency. They are the least expensive because they usually rely on agreement between two firms

[a]Reciprocal Agreements

[q]A hot site should be implemented as a recovery strategy when the:

(a)recovery time objective (RTO) is low Or (b) recovery time objective (RTO) is high.

[a] recovery time objective (RTO) is low

[q]
(i) A __________ transmits and receives electronic documents between trading partners
and/or wide area networks (WANs).

(ii)An __________ translates data between the standard format and a trading partner’s proprietary format.

(iii)An __________ moves electronic transactions to or from the application system and performs data mapping.

(iv)An __________ manipulates and routes data between the application system and the communications handler.

[a]
(i)A communications handler transmits and receives electronic documents between trading partners
and/or wide area networks (WANs).

(ii)An EDI translator translates data between the standard format and a trading partner’s proprietary format.

(iii)An application interface moves electronic transactions to or from the application system and performs data mapping.

(iv)An EDI interface manipulates and routes data between the application system and the communications handler.

[q]__________ controls prevent data integrity problems, which can arise when two update
processes access the same data item at the same time.

[a]Concurrency controls prevent data integrity problems, which can arise when two update
processes access the same data item at the same time.

[q]__________ constraints ensure that a change in a primary key of one table is automatically updated in the matching foreign keys of other tables.

[a] Referential integrity

[q]A __________performs the job of translating e-mail formats from one network to another, so
messages can make their way through all the networks.

[a] Gateway

[q] __________ refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. It provides evidence that a specific action occurred.

[a] Non-repudiation

[q]An alternate recovery site with space and basic infrastructure like electrical wiring, air-conditioning and flooring, but no computer or communications equipment is a:

[a]cold site.

[q]Which types of transmission media provide the BEST security against unauthorized access?

[a]fibre-optics

[q]A __________ allows external partners to securely participate in the extranet using public networks as a transport or shared private networks

[a] virtual private network (VPN)

[q]Weakening of signals during transmission is known as __________

[a]Attenuation

[q]Process of removal of redundant data elements from the database structure is known as __________

[a]Normalization

[q]__________ management is the planning and monitoring of computing and network resources to ensure that the available resources are used efficiently and effectively.

[a]
Capacity management is the planning and monitoring of computing and network resources to ensure that the available resources are used efficiently and effectively.

[q]
Nucleus is a highly privileged area where access by most users is restricted. Functions of the nucleus relate
to basic processes associated with the OS, which include:

[a]
• Interrupt handling
• Process creation/destruction
• Process state switching
• Dispatching
• Process synchronization
• Interprocess communication
• Support of I/O processes
• Support of the allocation and reallocation/release of memory

[q]
In a __________environment, software is used to partition one physical server into multiple independent servers. Each of these environments can then run its own (and if required different) OS. To the operator, the OS behaves as if it were running on a physical server.

[a]
Virtual Environment

[q]
The __________ contains programs that interface between the user, processor and applications software. It is the control program that runs the computer and acts as a scheduler and traffic controller. It provides the primary means of managing the sharing and use of computer resources such as processors, real memory (e.g., RAM), auxiliary memory
(e.g., disk storage) and I/O devices.

[a]
Operating System

[q]
Many intruders will attempt to alter logs to hide their activities. Secure logging is also needed to preserve evidence authenticity should the logs be required for legal/court use. It is, therefore, important that logs are protected against alteration. A common way to achieve this is to capture, centralize and analyze the logs on a secure server using __________.

[a]
security information and event management (SIEM) software.

[q]What is Attenuation ?
[a]
-Attenuation is the weakening of signals during transmission.
-Attenuation exists in both wired and wireless transmissions.
-The length of the wire affects the severity of attenuation. The greater the length, the higher the chance of attenuation.
[q]What is Electromagnetic Interference (EMI) ?
[a]
-EMI is a disturbance generated by an external source that affects an electrical circuit.
-The disturbance may degrade the performance of the circuit or even stop it from functioning. In the case of a data path, these effects can range from an increase in error rate to a total loss of the data.
-EMI is caused by electrical storms or noisy electrical equipment (e.g. motors, fluorescent lighting, radio transmitters etc.)
[q]What is crosstalk?
[a]
Crosstalk is electromagnetic interference from one unshielded twisted pair to another twisted pair, normally running in parallel.
[q]Which of the following exists both in wired as well as wireless transmissions?
Attenuation/EMI/Cross Talks
[a] Attenuation exists in both wired and wireless transmissions.
[q]How to differentiate between alternate routing and diverse routing ?
[a]
Diverse routing is the method of routing traffic through split-cable facilities or duplicate-cable facilities.
Alternative routing is the method of routing information via an alternative medium, such as copper cable or fiber optics.

[q]How to differentiate between last mile circuit protection & long haul network diversity?
[a]
Last mile circuit protection provides redundancy for local communication loop.
Long haul network diversity provides redundancy for long distance availability.
[q] __________ provides redundancy for local communication loop. (last mile circuit protection/long haul network diversity)
[a]
Last mile circuit protection provides redundancy for local communication loop.
[q] __________ provides redundancy for long distance availability. (last mile circuit protection/long haul network diversity)
[a]
Long haul network diversity provides redundancy for long distance availability.
[q] __________routing is the method of routing traffic through split-cable facilities or duplicate-cable facilities (Alternate/Diverse)
[a]
Diverse routing is the method of routing traffic through split-cable facilities or duplicate-cable facilities.
[q]__________ routing is the method of routing information via an alternative medium, such as copper cable or fiber optics. (Alternate/Diverse)
[a]
Alternative routing is the method of routing information via an alternative medium, such as copper cable or fiber optics.
[q] __________cables have proven to be more secure than the other media. They have very low transmission loss, not affected by EMI and preferred choice for high volumes and long distance calls.
[a]
Fiber-optic
[q]An organisation is considering type of transmission media which provide best security against unauthorized access. Which of the following provides best security? (UTP/STP/Co-axial/Fiber Optic)
[a]
Fiber-optic

[q]At which layer of OSI do the devices below operate?

 

Hub

Switch

Bridge

Router

Gateway

 

[a]

Hub – Physical Layer (1st Layer)

Switch – Data Link Layer (2nd Layer)

Bridge – Data Link Layer (2nd Layer)

Router – Network Layer (3rd Layer)

Gateway – Application Layer (7th Layer)

 

[q]Each of the devices below operates on either the MAC address or the IP address. Please select the correct answer:

Switch

Bridge

Router

 

[a]

Switch – MAC Address

Bridge – MAC Address

Router – IP Address

 

[q]Device operating at higher layer of OSI will have more intelligence as compared to device operating at lower layer of OSI:

True

False

[a]

True

[q] ‘Bridge’ operates at which of the following OSI layer?

[a] Data Link Layer (2nd layer)

 

 

[q] ‘Switch’ operates at which of the following OSI layer?

[a] Data Link Layer (2nd layer)

 

[q] ‘Router’ operates at which of the following OSI layer?

[a] Network layer (3rd layer)

 

[q] ‘Hub’ operates at which of the following OSI layer?

[a] Physical layer (1st layer)

[q] Which of the following devices has the capacity to store frames and act as a storage and forward device?

 

  1. Hub
  2. Bridge

 

[a] Bridge

[q] By examining the ______ address, router can make intelligent decisions to direct the packet to its destination? (IP address or MAC address)

[a] IP address

 

[q] By examining the IP address, which of the following device can make intelligent decisions to direct the packet to its destination?

A.Hub

B.Layer-2 Switch

C.Bridge

D.Router

 

[a]Answer: D.Router

 

Explanation: Router operates at Network Layer (i.e. 3rd Layer) of OSI Model. By examining the IP address, the router can make intelligent decisions to direct the packet to its destination. Router can block broadcast information, block traffic to unknown addresses, and filter traffic based on network or host information.

 

[q]What is the major difference between Hub & Switch?

[a]

(i) A hub is a dumb device. It forwards a message to all connected computers, irrespective of whether the message is intended for them. A switch is smarter than a hub. It forwards a message only to the computer for which the message is intended.

(ii) A hub operates at the physical layer (1st layer) of OSI, whereas a switch operates at the data link layer (2nd layer) of OSI.

(iii) A switch can identify MAC addresses. However, a hub does not have the functionality to identify MAC addresses.

[q]How to differentiate between full backup, differential backup and incremental backup?
[a]
Full Backup - A backup of the full database is taken every time, irrespective of earlier backups.

Incremental Backup - A backup is taken only of data changed/modified since the last backup (the last backup can be either a full backup or an incremental backup).

Differential Backup - A backup is taken only of data changed/modified since the last full backup (the last backup considered is the full backup only).

[q]Backup scheme wherein backup of data is taken only for data changed/modified either after full backup or incremental backup is known as:
A. Incremental Backup
B. Differential Backup

[a] A. Incremental Backup

[q]Backup scheme wherein backup of data is taken only for data changed after full backup (incremental backup is ignored) is known as:
A. Incremental Backup
B. Differential Backup

[a] B. Differential Backup

[q]Which backup scheme requires the most storage capacity and is the most time consuming?
A. Incremental Backup
B. Differential Backup
C. Full Backup

[a] C. Full Backup

-Full Backup- Requires more time and storage capacity as compared to other two schemes.
-Differential- Requires less time and storage capacity as compared to full backup but more time and storage capacity as compared to Incremental.
-Incremental- Requires less time and storage capacity as compared to other two schemes.

[q]Which of the following backup schemes is the most effective and fastest for data restoration?

A. Incremental Backup
B. Differential Backup
C. Full Backup
[a] C. Full Backup

Let us understand effectiveness of various schemes in case of data restoration:
-Full Backup- Fastest of all three schemes.
-Differential- Slower than Full backup but faster than incremental.
-Incremental-Slowest of all three schemes.

[/qdeck]