Separated by firewalls - Study guides, Class notes & Summaries

ISACA CISA SET Exam 121 Questions with Verified Answers The internal audit dept. wrote some scripts that are sued for continuous auditing of some information systems. The IT dept. asked for compies of the scripts so that they can use them for setting up a continuous monitoring process on key systems. Does sharing these scripts with IT affect the ability of the IS auditors to independently and objectively audit the IT functions? a. sharing scripts is not permitted because it gives IT abilit...

*baseline - Answer- NIST SP 800-53 discusses security control baselines as a list of security controls. CIS releases security baselines, and a baseline is a useful part of a threat management strategy and may contain a list of acceptable configuration items. *Content Distribution Network (CDN) - Answer- is designed to provide reliable, low-latency, geographically distributed content distribution. In this scenario, a CDN is an ideal solution. A P2P CDN like BitTorrent isn't a typical choice f...

What is the CIA triad? - Answer- Confidentiality, Integrity, and Availability. Which are the elements of the information system that each organization is trying to protect. Confidentiality - Answer- the concept of the measures used to ensure the protection of the security of the data, objects, or resources. The goal is to prevent or minimize unauthorized access to data. I.E. encryption, access controls, and steganography. Access Control - Answer- The management of the relationship between ...

case studies defining the problem - important- to clarify nature of business issues =important step. even can ask questions after define the proble - need logical answer - can break problem into smaller pieces , could also conduct a SWOT analysis of the firm, then state hypotheiss and potential solutions, then choose framework to structure your hypotheses, then state assumptions, at end summarize framework and analyses you utilized. importance of pose and flexibility - confidence in...

Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats? - correct answer nonrepudiation Tommy is assessing the security database servers in his datacenter and realizes that one of them is missing a critical Oracle security patch. What type of situation has Tommy detected? - correct answer vulnerability Ben is preparing to conduct a cybersecurity risk asse...

CISA Exam 533 Questions with Verified Answers 2021 Acceptance Testing - CORRECT ANSWER Testing to see whether products meet requirements specified in contract or by user. Access - CORRECT ANSWER A specific type of interaction between a subject and an object that results in the flow of information from one to the other. A subject's right to use an object. Access Control - CORRECT ANSWER Aka controlled access & limited access. (1) Process of limiting access to resources of a system only ...

In which phase of the security intelligence cycle is information from several different sources aggregated into useful repositories? A.Collection B.Analysis C.Dissemination D.Feedback - Answer A.Collection (Correct) Explanation OBJ-1.2: The collection phase is usually implemented by administrators using various software suites, such as security information and event management (SIEM). This software must be configured with connectors or agents that can retrieve data from sources such as ...

All of the statements about the administrative duties of a fire inspector are TRUE EXCEPT: - correct score The administrative work of the fire inspector is typically delegated to the fire chief Before you plan a meeting: - correct score Make sure that the meeting is the best way to accomplish your objectives The reference library provides the authority in guidance for the inspection, maintenance, and testing for all of the following except: - correct score Pumper apparatus criteria An a...

The user installed Trojan horse malware. A user used an administrator account to download and install a software application. After the user launched the .exe extension installer file, the user experienced frequent crashes, slow computer performance, and strange services running when turning on the computer. What most likely happened to cause these issues? A worm A security operations center (SOC) analyst investigates the propagation of a memory-resident virus across the network and notices a...

CISA EXAM 1|132 Questions with Verified Answers Q3) During the review of an in-house developed application, the GREATEST concern to an IS auditor is if a: A) manager approves a change request and then reviews it in production. B) programmer codes a change in the development environment and tests it in the test environment. C) manager initiates a change request and subsequently approves it. D) user raises a change request and tests it in the test environment. - CORRECT ANSWER C) ...