Cybersecurity Audit Certificate 시험 - ISACA실제시험문제와 답 - 134문항

Question No : 1

In public key cryptography, digital signatures are primarily used to;

A.ensure message integrity.
B.ensure message accuracy.
C.prove sender authenticity.
D.maintain confidentiality.

정답:

Question No : 2

While risk is measured by potential activity, which of the following describes the actual occurrence of a threat?

A.Attack
B.Payload
C.Vulnerability
D.Target

정답:

Question No : 3

Which of the following is a computer-software vulnerability that is unknown to those who would be interested in mitigating the vulnerability?

A.Cross-site scripting vulnerability
B.SQL injection vulnerability
C.Memory leakage vulnerability
D.Zero-day vulnerability

정답:

Question No : 4

Which of the following is MOST important to ensure the successful implementation of continuous auditing?

A.Budget for additional storage hardware
B.Budget for additional technical resources
C.Top management support
D.Surplus processing capacity

정답:

Question No : 5

Which of the following is the SLOWEST method of restoring data from backup media?

A.Monthly backup
B.Full backup
C.Differential Backup
D.Incremental backup

정답:

Question No : 6

What is the MAIN consideration when storing backup files?

A.Utilizing solid slate device (SSDJ media for quick recovery
B.Storing backup files on public cloud storage
C.Protecting the off-site data backup copies from unauthorized access
D.Storing copies on-site for ease of access during incident response

정답:

Question No : 7

When reviewing user management roles, which of the following groups presents the GREATEST risk based on their permissions?

A.Privileged users
B.Database administrators
C.Terminated employees
D.Contractors

정답:

Question No : 8

Which of the following BEST facilitates the development of metrics for repotting to senior management on vulnerability management efforts?

A.Reviewing business impact analysis (BIA) results
B.Regularly benchmarking the number of new vulnerabilities identified with industry peers
C.Tracking vulnerabilities and the remediation efforts to mitigate them
D.Monitoring the frequency of vulnerability assessments using automated scans

정답:

Question No : 9

What is the FIRST activity associated with a successful cyber attack?

A.Exploitation
B.Reconnaissance
C.Maintaining a presence
D.Creating attack tools

정답:

Question No : 10

Using digital evidence to provide validation that an attack has actually occurred is an example of;

A.computer forensic
B.extraction.
C.identification.
D.data acquisition.

정답:

Question No : 11

Which of the following is the GREATEST advantage of using a virtual private network (VPN) over dedicated circuits and dial-in servers?

A.It is more secure
B.It is more reliable
C.It is higher speed.
D.It is more cost effective.

정답:

Question No : 12

Which of the following is a passive activity that could be used by an attacker during reconnaissance to gather information about an organization?

A.Using open source discovery
B.Scanning the network perimeter
C.Social engineering
D.Crafting counterfeit websites

정답:

Question No : 13

he MOST significant limitation of vulnerability scanning is the fact that modern scanners only detect:

A.common vulnerabilities.
B.unknown vulnerabilities.
C.known vulnerabilities.
D.zero-day vulnerabilities.

정답:

Question No : 14

Which of the following is MOST important to verify when reviewing the effectiveness of an organization's identity management program?

A.Processes are approved by the process owner.
B.Processes are aligned with industry best practices.
C.Processes are centralized and standardized.
D.Processes are updated and documented annually.

정답:

Question No : 15

Which type of tools look for anomalies in user behavior?

A.Rootkit detection tools
B.Trend/variance-detection tools
C.Audit reduction tools
D.Attack-signature-detection tools

정답:

ISACA Cybersecurity Audit Certificate 시험