A TCP/IP-based environment is exposed to the Internet. Which
of the following BEST ensures that complete encryption and
authentication protocols exist for protecting information
while transmitted?
A. Work is completed in tunnel mode with IP security using
the nested services of authentication header (AH) and
encapsulating security payload (ESP).
B. A digital signature with RSA has been implemented.
C. Digital certificates with RSA are being used.
D. Work is being completed in TCP services.
Answer / guest
Answer: A
Tunnel mode with IP security provides encryption and
authentication of the complete IP package. To accomplish
this, the AH (authentication header) and ESP (encapsulating
security payload) services can be nested. Choices B and C
provide authentication and integrity. TCP services do not
provide encryption and authentication.
| Is This Answer Correct ? | 4 Yes | 0 No |
Answer / antoine
A. Work is completed in tunnel mode with IP security using
the nested services of authentication header (AH) and
encapsulating security payload (ESP).
IPsec
| Is This Answer Correct ? | 0 Yes | 0 No |
A universal serial bus (USB) port: A. connects the network without a network card. B. connects the network with an Ethernet adapter. C. replaces all existing connections. D. connects the monitor.
When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.
Hello all, I want to do the CISA certification but don't have knowledge of auditing. I'm a fresher and CCNA certified. So, please advise me how I should prepare. And with a CISA certification, is it easy to get a job? Please reply as soon as possible.
With the help of the security officer, granting access to data is the responsibility of: A. data owners. B. programmers. C. system analysts. D. librarians.
Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital? A. Multiplexer B. Modem C. Protocol converter D. Concentrator
Sign-on procedures include the creation of a unique user ID and password. However, an IS auditor discovers that in many cases the user name and password are the same. The BEST control to mitigate this risk is to: A. change the company's security policy. B. educate users about the risk of weak passwords. C. build in validations to prevent this during user creation and password change. D. require a periodic review of matching user ID and passwords for detection and correction.
Change management procedures are established by IS management to: A. control the movement of applications from the test environment to the production environment. B. control the interruption of business operations from lack of attention to unresolved problems. C. ensure the uninterrupted operation of the business in the event of a disaster. D. verify that system changes are properly documented.
While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/back up at an offsite location would be: A. shadow file processing. B. electronic vaulting. C. hard-disk mirroring. D. hot-site provisioning.
During a post-implementation review of an enterprise resource management system, an IS auditor would MOST likely: A. review access control configuration. B. evaluate interface testing. C. review detailed design documentation. D. evaluate system testing.
In the ISO/OSI model, which of the following protocols is the FIRST to establish security for the user application? A. Session layer. B. Transport layer C. Network layer D. Presentation layer
Which of the following IS functions may be performed by the same individual, without compromising on control or violating segregation of duties? A. Job control analyst and applications programmer B. Mainframe operator and system programmer C. Change/problem and quality control administrator D. Applications and system programmer
Which of the following provides the framework for designing and developing logical access controls? A. Information systems security policy B. Access control lists C. Password management D. System configuration files