
CISA—Certified Information Systems Auditor - Part 304

Mary Smith

Tue, 21 Apr 2026


1. Users are issued security tokens to be used in combination with a PIN to access the corporate virtual private network (VPN). Regarding the PIN, what is the MOST important rule to be included in a security policy?

A) Users should not leave tokens where they could be stolen
B) Users must never keep the token in the same bag as their laptop computer
C) Users should select a PIN that is completely random, with no repeating digits
D) Users should never write down their PIN



2. Which of the following fire suppression systems is MOST appropriate to use in a data center environment?

A) Wet-pipe sprinkler system
B) Dry-pipe sprinkler system
C) FM-200 system
D) Carbon dioxide-based fire extinguishers



3. During the review of a biometrics system operation, an IS auditor should FIRST review the stage of:

A) enrollment.
B) identification.
C) verification.
D) storage.



4. An accuracy measure for a biometric system is:

A) system response time.
B) registration time.
C) input file size.
D) false-acceptance rate.



5. What is a risk associated with attempting to control physical access to sensitive areas such as computer rooms using card keys or locks?

A) Unauthorized individuals wait for controlled doors to open and walk in behind those authorized.
B) The contingency plan for the organization cannot effectively test controlled access practices.
C) Access cards, keys and pads can be easily duplicated allowing easy compromise of the control.
D) Removing access for those who are no longer authorized is complex.



1. Right Answer: D
Explanation: If a user writes the PIN on a slip of paper, anyone who obtains the token, the slip of paper and a computer can access the corporate network. The token and the PIN together form a two-factor authentication method (something you have and something you know); the token is of no value without the PIN, and the PIN is of no value without the token. Choices A and B are sensible handling practices, but loss of the token alone does not compromise access. The PIN does not need to be random as long as it is kept secret.

2. Right Answer: C
Explanation: FM-200 is a clean agent used in gaseous fire suppression: it leaves no residue on equipment and is safer than carbon dioxide for any personnel still in the room, since a carbon dioxide discharge displaces the oxygen they breathe. Water-based systems (the wet-pipe and dry-pipe sprinklers in choices A and B) can damage sensitive computer equipment before fire department personnel arrive at the site. Manual firefighting with hand-held extinguishers (choice D) may not provide fast enough protection for sensitive equipment (e.g., network servers).

3. Right Answer: A
Explanation: The users of a biometrics device must first be enrolled in the device. The device captures a physical or behavioral image of the human, identifies the unique features and uses an algorithm to convert them into a string of numbers stored as a template to be used in the matching processes.

4. Right Answer: D
Explanation: For a biometric solution three main accuracy measures are used: false-rejection rate (FRR), cross-error rate (CER) and false-acceptance rate (FAR). FRR is a measure of how often valid individuals are rejected. FAR is a measure of how often invalid individuals are accepted. CER is a measure of when the false-rejection rate equals the false-acceptance rate. Choices A and B are performance measures.
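The three accuracy measures above are easier to reason about when computed from real matcher output. The following Python is an added example, not part of the ISACA question bank: it takes constructed similarity scores for genuine and impostor attempts (hypothetical values, chosen so the two groups overlap), computes FAR and FRR at a given decision threshold, finds the threshold where the two rates cross (the CER, also called the equal-error rate), and shows the trade-off an auditor should expect when a site tunes for a low FAR.

```python
"""Biometric accuracy measures: FAR, FRR and CER from matcher scores.

Added example (not from the ISACA material). The scores below are
constructed: a hypothetical matcher reports a similarity from 0 to 100 and
accepts an attempt when the score reaches the decision threshold.
"""

# Constructed sample data. "Genuine" are attempts by the enrolled user,
# "impostor" are attempts by other people. Higher score = better match.
GENUINE_SCORES = [92, 88, 85, 81, 79, 74, 70, 62, 55, 48]
IMPOSTOR_SCORES = [66, 60, 57, 52, 50, 46, 43, 40, 35, 30, 28, 25]


def far(impostor_scores, threshold):
    """False-acceptance rate: fraction of impostor attempts that the
    system accepts because their score reaches the threshold."""
    accepted = sum(1 for s in impostor_scores if s >= threshold)
    return accepted / len(impostor_scores)


def frr(genuine_scores, threshold):
    """False-rejection rate: fraction of genuine attempts that the
    system rejects because their score falls below the threshold."""
    rejected = sum(1 for s in genuine_scores if s < threshold)
    return rejected / len(genuine_scores)


def candidate_thresholds(genuine_scores, impostor_scores):
    """Every observed score is a candidate cut-off; the rates only change
    at those values, so scanning them is sufficient."""
    return sorted(set(genuine_scores) | set(impostor_scores))


def cer(genuine_scores, impostor_scores):
    """Cross-over error rate: the threshold at which FAR and FRR are
    closest to equal, and the error rate there (mean of the two)."""
    best = None
    for t in candidate_thresholds(genuine_scores, impostor_scores):
        a, r = far(impostor_scores, t), frr(genuine_scores, t)
        gap = abs(a - r)
        if best is None or gap < best[0]:
            best = (gap, t, a, r)
    _, t, a, r = best
    return t, (a + r) / 2


def threshold_for_max_far(genuine_scores, impostor_scores, max_far):
    """Security-first tuning: the lowest threshold whose FAR does not exceed
    max_far, together with the FRR that genuine users will pay for it."""
    for t in candidate_thresholds(genuine_scores, impostor_scores):
        if far(impostor_scores, t) <= max_far:
            return t, frr(genuine_scores, t)
    return None  # no threshold meets the target on this data


if __name__ == "__main__":
    print("threshold  FAR    FRR")
    for t in candidate_thresholds(GENUINE_SCORES, IMPOSTOR_SCORES):
        print(f"{t:9d}  {far(IMPOSTOR_SCORES, t):.3f}  {frr(GENUINE_SCORES, t):.3f}")
    t, rate = cer(GENUINE_SCORES, IMPOSTOR_SCORES)
    print(f"CER at threshold {t}: {rate:.3f}")
    t, r = threshold_for_max_far(GENUINE_SCORES, IMPOSTOR_SCORES, 0.0)
    print(f"FAR = 0 requires threshold {t}, giving FRR {r:.3f}")
```

The CER is the single number used to compare two biometric products; a lower CER means a better matcher. Operationally, though, the threshold is a policy choice: pushing FAR toward zero for a high-security area raises FRR, and the resulting lock-outs and help-desk overrides are themselves something an auditor should look for.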

5. Right Answer: A
Explanation: Piggybacking (tailgating) defeats the physical access control entirely: the card reader or lock never sees the unauthorized person, so no record of the entry exists. Choice B would be of minimal concern in a disaster recovery environment. The items in choice C (access cards, keys and pads) are not easily duplicated. Regarding choice D, revoking access in a card-key system is a routine administrative action (deactivating the card in the access control system rather than rekeying a lock), and card keys have existed for some time and appear to be a viable option for the foreseeable future.
