- 20. Which of the following techniques is most relevant for testing the wireless (Wi-Fi) security of an organization?
- A. WPA-2
- B. War dialling
- C. War driving
- D. Social engineering
- 21. Which of the following should be a concern to an IS auditor reviewing a wireless network?
- A. System hardening of all wireless clients.
- B. SSID (service set identifier) broadcasting has been enabled.
- C. WPA-2 (Wi-Fi Protected Access) encryption is enabled.
- D. DHCP (Dynamic Host Configuration Protocol) is disabled at all wireless access points.
- 22. Dynamic Host Configuration Protocol (DHCP) is disabled at all wireless access points. Which of the following statements is true when DHCP is disabled for wireless networks?
- A. It increases the risk of unauthorized access to the network.
- B. It decreases the risk of unauthorized access to the network.
- C. It automatically provides an IP address to anyone.
- D. It disables the SSID (service set identifier).
- 23. The best method to ensure confidentiality of the data transmitted in a wireless LAN is to:
- A. restrict access to predefined MAC addresses.
- B. protect the session by encrypting with the use of static keys.
- C. protect the session by encrypting with the use of dynamic keys.
- D. initiate the session from an encrypted device.
- 24. Using wireless infrastructure for mobile devices within the organization increases the risk of which of the following attacks?
- A. Port scanning
- B. Social engineering
- C. Piggybacking
- D. War driving
- 25. Against a man-in-the-middle attack, which of the following encryption techniques will BEST protect a wireless network?
- A. Wired Equivalent Privacy (WEP)
- B. MAC-based pre-shared key (PSK)
- C. Randomly generated pre-shared key (PSK)
- D. Service set identifier (SSID)
- 26. The most robust configuration for a firewall rule base is:
- A. Allow all traffic and deny the specified traffic
- B. Deny all traffic and allow the specified traffic
- C. Dynamically decide based on traffic
- D. Control traffic at the discretion of the network administrator
- 27.
- A. Network layer
- B. Application layer
- C. Transport layer
- D. Session layer
- 28. Which of the following would be the MOST secure firewall system implementation?
- A. Screened-host firewall
- B. Screened-subnet firewall
- C. Dual-homed firewall
- D. Stateful-inspection firewall
- 29. Which of the following types of firewalls provides the MOST secure environment?
- A. Stateful inspection
- B. Packet filter
- C. Application gateway
- D. Circuit gateway
- 30. An organization wants to protect a network from Internet attacks. Which of the following firewall structures would BEST ensure the protection?
- A. Screened-subnet firewall
- B. Screened-host firewall
- C. Packet-filtering router
- D. Circuit-level gateway
- 31. The firewall that allows traffic from outside only if it is in response to traffic from internal hosts is a:
- A. Application-level gateway firewall
- B. Stateful-inspection firewall
- C. Packet-filtering router
- D. Circuit-level gateway
- 32. An organization with the objective of preventing the download of files through FTP (File Transfer Protocol) should configure which of the following firewall types?
- A. Stateful inspection
- B. Application gateway
- C. Packet filter
- D. Circuit gateway
- 33. An organization wants to connect a critical server to the Internet. Which of the following would provide the BEST protection against hacking?
- A. Stateful inspection
- B. A remote access server
- C. Application-level gateway
- D. Port scanning
- 34. An IS auditor should be MOST concerned about which of the following while reviewing a firewall?
- A. A properly defined security policy
- B. Use of the latest firewall structure with the most secure algorithm
- C. The effectiveness of the firewall in enforcing the security policy
- D. Technical knowledge of users
- 35. An IS auditor conducting an access control review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that:
- A. exposure is greater, since information is available to unauthorized users.
- B. operating efficiency is enhanced, since anyone can print any report at any time.
- C. operating procedures are more effective, since information is easily available.
- D. user friendliness and flexibility are facilitated, since there is a smooth flow of information among users.
- 36. Security administration procedures require read-only access to:
- A. access control tables.
- B. security log files.
- C. logging options.
- D. user profiles.
- 37. Which of the following would MOST effectively reduce social engineering incidents?
- A. Security awareness training
- B. Increased physical security measures
- C. E-mail monitoring policy
- D. Intrusion detection systems
- 38. Disabling which of the following would make wireless local area networks more secure against unauthorized access?
- A. MAC (Media Access Control) address filtering
- B. WPA (Wi-Fi Protected Access)
- C. LEAP (Lightweight Extensible Authentication Protocol)
- D. SSID (service set identifier) broadcasting
- 39. During an audit of a telecommunications system, the IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is:
- A. encryption.
- B. callback modems.
- C. message authentication.
- D. dedicated leased lines.
- 40. To ensure compliance with a security policy requiring that passwords be a combination of letters and numbers, the IS auditor should recommend that:
- A. the company policy be changed.
- B. passwords be periodically changed.
- C. an automated password management tool be used.
- D. security awareness training be delivered.
Tuesday, March 6, 2018
Domain-5 Questions Set02