100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISA Questions (801 - 900) with 100% Correct Answers $14.49   Add to cart

Exam (elaborations)

CISA Questions (801 - 900) with 100% Correct Answers

 7 views  0 purchase
  • Course
  • CISA - Certified Information Systems Auditor
  • Institution
  • CISA - Certified Information Systems Auditor

CISA Questions (801 - 900) with 100% Correct Answers An organization is proposing to establish a wireless local area network (WLAN). Management asks the IS auditor to recommend security controls for the WLAN. Which of the following would be the MOST appropriate recommendation? Select an answer:...

[Show more]

Preview 4 out of 182  pages

  • August 16, 2024
  • 182
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISA - Certified Information Systems Auditor
  • CISA - Certified Information Systems Auditor
avatar-seller
OliviaWest
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM



CISA Questions (801 - 900) with 100% Correct Answers

An organization is proposing to establish a wireless local area network (WLAN).

Management asks the IS auditor to recommend security controls for the WLAN.

Which of the following would be the MOST appropriate recommendation?




Select an answer:

A.

Physically secure wireless access points to prevent tampering.




B.

Use service set identifiers (SSIDs) that clearly identify the organization.




C.

Encrypt traffic using the Wired Equivalent Privacy (WEP) mechanism.




D.



1

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


Implement the Simple Network Management Protocol (SNMP) to allow active

monitoring. - Answer✔️✔️-You are correct, the answer is A.




A. Physically securing access points such as wireless routers, as well as preventing

theft, addresses the risk of malicious parties tampering with device settings. If

access points can be physically reached, it is often a simple matter to restore weak

default passwords and encryption keys, or to totally remove authentication and

encryption from the network.




B. Service set identifiers (SSIDs) should not be used to identify the organization

because hackers can associate the wireless local area network (WLAN) with a

known organization and this increases both their motivation to attack and,

potentially, the information available to do so.




C. The original Wired Equivalent Privacy (WEP) security mechanism has been

demonstrated to have a number of exploitable weaknesses. The more recently

developed Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2)




2

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


standards represent considerably more secure means of authentication and

encryption.




D. Installing Simple Network Management Protocol (SNMP) on wireless access

points can actually open up security vulnerabilities. If SNMP is required at all, then

SNMP v3, which has stronger authentication mechanisms than earlier versions,

should be deployed.

A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of

receiving financial data and has communicated the site's address, user ID and

password to the financial services company in separate email messages. The

company is to transmit its data to the FTP site after manually encrypting the data.

The IS auditor's GREATEST concern with this process is that:




Select an answer:

A.

the users may not remember to manually encrypt the data before transmission.




B.



3

, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


the site credentials were sent to the financial services company via email.




C.

personnel at the consulting firm may obtain access to sensitive data.




D.

the use of a shared user ID to the FTP site does not allow for user accountability. -

Answer✔️✔️-You are correct, the answer is A.




A. If the data is not encrypted, an unauthorized external party may download

sensitive company data.




B. Even though the possibility exists that the logon information was captured from

the emails, data should be encrypted, so the theft of the data would not allow the

attacker to read it.




4

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller OliviaWest. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $14.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67866 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$14.49
  • (0)
  Add to cart