NO.1 Which of the following refers to the act of creating and using an invented scenario to persuade a target to perform an action?
A. Pretexting
B. Backgrounding
C. Check making
D. Bounce checking
E. None of the choices.
Answer: A
Explanation:
Pretexting is the act of creating and using an invented scenario to persuade a target to release information or perform an action and is usually done over the telephone. It is more than a simple lie as it most often involves some prior research or set up and the use of pieces of known information.

NO.2 Which of the following refers to a method of bypassing normal system authentication procedures?
A. virus
B. worm
C. trojan horse
D. spyware
E. rootkits
F. backdoor
G. None of the choices.
Answer: F
Explanation:
A backdoor is a method of bypassing normal authentication procedures. Many computer manufacturers used to preinstall backdoors on their systems to provide technical support for customers. Hackers typically use backdoors to secure remote access to a computer, while attempting to remain hidden from casual inspection. To install backdoors, hackers prefer to use either a Trojan horse or a computer worm.

NO.3 An IS auditor performing detailed network assessments and access control reviews should FIRST:
A. determine the points of entry.
B. evaluate users' access authorization.
C. assess users' identification and authorization.
D. evaluate the domain-controlling server configuration.
Answer: A
Explanation:
In performing detailed network assessments and access control reviews, an IS auditor should first determine the points of entry to the system and review the points of entry accordingly for appropriate controls. Evaluation of user access authorization, assessment of user identification and authorization, and evaluation of the domain-controlling server configuration are all implementation issues for appropriate controls for the points of entry.

NO.4 The 'trusted systems' approach has been predominant in the design of:
A. many earlier Microsoft OS products
B. the IBM AS/400 series
C. the SUN Solaris series
D. most OS products in the market
E. None of the choices.
Answer: A
Explanation:
The 'trusted systems' approach has been predominant in the design of many Microsoft OS products, due to the long-standing Microsoft policy of emphasizing functionality and 'ease of use'.

NO.5 The Secure Sockets Layer (SSL) protocol addresses the confidentiality of a message through:
A. symmetric encryption.
B. message authentication code.
C. hash function.
D. digital signature certificates.
Answer: A
Explanation:
SSL uses a symmetric key for message encryption. A message authentication code is used for ensuring data integrity. A hash function is used for generating a message digest; it does not use public key encryption for message encryption. Digital signature certificates are used by SSL for server authentication.

NO.6 An IS auditor analyzing the audit log of a database management system (DBMS) finds that some transactions were partially executed as a result of an error, and are not rolled back. Which of the following transaction processing features has been violated?
A. Consistency
B. Isolation
C. Durability
D. Atomicity
Answer: D
Explanation:
Atomicity guarantees that either the entire transaction is processed or none of it is. Consistency ensures that the database is in a legal state when the transaction begins and ends; isolation means that, while in an intermediate state, the transaction data is invisible to external operations. Durability guarantees that a successful transaction will persist, and cannot be undone.

NO.7 A live test of a mutual agreement for IT system recovery has been carried out, including a four-hour test of intensive usage by the business units. The test has been successful, but gives only partial assurance that the:
A. system and the IT operations team can sustain operations in the emergency environment.
B. resources and the environment could sustain the transaction load.
C. connectivity to the applications at the remote site meets response time requirements.
D. workflow of actual business operations can use the emergency system in case of a disaster.
Answer: A
Explanation:
The applications have been intensively operated, therefore choices B, C and D have been actually tested, but the capability of the system and the IT operations team to sustain and support this environment (ancillary operations, batch closing, error corrections, output distribution, etc.) is only partially tested.

NO.8 Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization?
A. A program that deposits a virus on a client machine
B. Applets recording keystrokes and, therefore, passwords
C. Downloaded code that reads files on a client's hard drive
D. Applets opening connections from the client machine
Answer: D
Explanation:
An applet is a program downloaded from a web server to the client, usually through a web browser that provides functionality for database access, interactive web pages and communications with other users. Applets opening connections from the client machine to other machines on the network and damaging those machines, as a denial-of-service attack, pose the greatest threat to an organization and could disrupt business continuity. A program that deposits a virus on a client machine is referred to as a malicious attack (i.e., specifically meant to cause harm to a client machine), but may not necessarily result in a disruption of service. Applets that record keystrokes, and therefore, passwords, and downloaded code that reads files on a client's hard drive relate more to organizational privacy issues, and although significant, are less likely to cause a significant disruption of service.