Last Updated on December 13, 2021 by Admin 3

CISA : Certified Information Systems Auditor : Part 86

  1. Which of the following biometrics has the highest reliability and lowest false-acceptance rate (FAR)?

    • Palm scan
    • Face recognition
    • Retina scan
    • Hand geometry

    Retina scan uses optical technology to map the capillary pattern of an eye’s retina. This is highly reliable and has the lowest false-acceptance rate (FAR) among the current biometric methods. Use of palm scanning entails placing a hand on a scanner where a palm’s physical characteristics are captured. Hand geometry, one of the oldest techniques, measures the physical characteristics of the user’s hands and fingers from a three-dimensional perspective. The palm and hand biometric techniques lack uniqueness in the geometry data. In face biometrics, a reader analyzes the images captured for general facial characteristics. Though considered a natural and friendly biometric, the main disadvantage of face recognition is the lack of uniqueness, which means that people looking alike can fool the device.

  2. The MOST likely explanation for a successful social engineering attack is:

    • that computers make logic errors.
    • that people make judgment errors.
    • the computer knowledge of the attackers.
    • the technological sophistication of the attack method.
    Humans make errors in judging others; they may trust someone when, in fact, the person is untrustworthy. Driven by logic, computers make the same error every time they execute the erroneous logic; however, this is not the basic argument in designing a social engineering attack. Generally, social engineering attacks do not require technological expertise; often, the attacker is not proficient in information technology or systems. Social engineering attacks are human-based and generally do not involve complicated technology.
  3. The purpose of a deadman door controlling access to a computer facility is primarily to:

    • prevent piggybacking.
    • prevent toxic gases from entering the data center.
    • starve a fire of oxygen.
    • prevent an excessively rapid entry to, or exit from, the facility.
    A deadman door controlling access to a computer facility is primarily intended to prevent piggybacking. Choices B and C could be accomplished with a single self-closing door. Choice D is invalid, as a rapid exit may be necessary in some circumstances, e.g., a fire.
  4. Which of the following is the MOST reliable form of single factor personal identification?

    • Smart card
    • Password
    • Photo identification
    • Iris scan
    Since no two irises are alike, identification and verification can be done with confidence. There is no guarantee that a smart card is being used by the correct person since it can be shared, stolen or lost and found. Passwords can be shared and, if written down, carry the risk of discovery. Photo IDs can be forged or falsified.
  5. A data center has a badge-entry system. Which of the following is MOST important to protect the computing assets in the center?

    • Badge readers are installed in locations where tampering would be noticed
    • The computer that controls the badge system is backed up frequently
    • A process for promptly deactivating lost or stolen badges exists
    • All badge entry attempts are logged
    Tampering with a badge reader cannot open the door, so this is irrelevant. Logging the entry attempts may be of limited value. The biggest risk is from unauthorized individuals who can enter the data center, whether they are employees or not. Thus, a process of deactivating lost or stolen badges is important. The configuration of the system does not change frequently, therefore frequent backup is not necessary. 
  6. Which of the following physical access controls effectively reduces the risk of piggybacking?

    • Biometric door locks
    • Combination door locks
    • Deadman doors
    • Bolting door locks
    Deadman doors use a pair of doors. For the second door to operate, the first entry door must close and lock with only one person permitted in the holding area. This effectively reduces the risk of piggybacking. An individual’s unique body features such as voice, retina, fingerprint or signature activate biometric door locks; however, they do not prevent or reduce the risk of piggybacking. Combination door locks, also known as cipher locks, use a numeric key pad or dial to gain entry. They do not prevent or reduce the risk of piggybacking since unauthorized individuals may still gain access to the processing center. Bolting door locks require the traditional metal key to gain entry. Unauthorized individuals could still gain access to the processing center along with an authorized individual.
  7. The MOST effective biometric control system is the one:

    • which has the highest equal-error rate (EER).
    • which has the lowest EER.
    • for which the false-rejection rate (FRR) is equal to the false-acceptance rate (FAR).
    • for which the FRR is equal to the failure-to-enroll rate (FER).
    The equal-error rate (EER) of a biometric system denotes the percent at which the false-acceptance rate (FAR) is equal to the false-rejection rate (FRR). The biometric that has the lowest EER is the most effective. The biometric that has the highest EER is the most ineffective. For any biometric, there will be a measure at which the FRR will be equal to the FAR. This is the EER. FER is an aggregate measure of FRR.
  8. Which of the following is the BEST way to satisfy a two-factor user authentication?

    • A smart card requiring the user’s PIN
    • User ID along with password
    • Iris scanning plus fingerprint scanning
    • A magnetic card requiring the user’s PIN
    A smart card addresses what the user has. This is generally used in conjunction with testing what the user knows, e.g., a keyboard password or personal identification number (PIN). An ID and password, what the user knows, is a single-factor user authentication. Choice C is not a two-factor user authentication because it is only biometric. Choice D is similar to choice A, but the magnetic card may be copied; therefore, choice A is the best way to satisfy a two-factor user authentication.
  9. What should an organization do before providing an external agency physical access to its information processing facilities (IPFs)?

    • The processes of the external agency should be subjected to an IS audit by an independent agency.
    • Employees of the external agency should be trained on the security procedures of the organization.
    • Any access by an external agency should be limited to the demilitarized zone (DMZ).
    • The organization should conduct a risk assessment and design and implement appropriate controls.
    Physical access of information processing facilities (IPFs) by an external agency introduces additional threats into an organization. Therefore, a risk assessment should be conducted and controls designed accordingly. The processes of the external agency are not of concern here. It is the agency’s interaction with the organization that needs to be protected. Auditing their processes would not be relevant in this scenario. Training the employees of the external agency may be one control procedure, but could be performed after access has been granted. Sometimes an external agency may require access to the processing facilities beyond the demilitarized zone (DMZ). For example, an agency which undertakes maintenance of servers may require access to the main server room. Restricting access within the DMZ will not serve the purpose.
  10. An IS auditor is reviewing the physical security measures of an organization. Regarding the access card system, the IS auditor should be MOST concerned that:

    • nonpersonalized access cards are given to the cleaning staff, who use a sign-in sheet but show no proof of identity.
    • access cards are not labeled with the organization’s name and address to facilitate easy return of a lost card.
    • card issuance and rights administration for the cards are done by different departments, causing unnecessary lead time for new cards.
    • the computer system used for programming the cards can only be replaced after three weeks in the event of a system failure.
    Physical security is meant to control who is entering a secured area, so identification of all individuals is of utmost importance. It is not adequate to trust unknown external people by allowing them to write down their alleged name without proof, e.g., identity card, driver’s license. Choice B is not a concern because if the name and address of the organization were written on the card, a malicious finder could use the card to enter the organization’s premises. Separating card issuance from technical rights management is a method to ensure a proper segregation of duties so that no single person can produce a functioning card for a restricted area within the organization’s premises. Choices B and C are good practices, not concerns. Choice D may be a concern, but not as important since a system failure of the card programming device would normally not mean that the readers do not function anymore. It simply means that no new cards can be issued, so this option is minor compared to the threat of improper identification.
  11. Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them?

    • Overwriting the tapes
    • Initializing the tape labels
    • Degaussing the tapes
    • Erasing the tapes
    The best way to handle obsolete magnetic tapes is to degauss them. This action leaves a very low residue of magnetic induction, essentially erasing the data from the tapes. Overwriting or erasing the tapes may cause magnetic errors but would not remove the data completely. Initializing the tape labels would not remove the data that follows the label.
  12. Which of the following is the MOST important objective of data protection?

    • Identifying persons who need access to information
    • Ensuring the integrity of information
    • Denying or authorizing access to the IS system
    • Monitoring logical accesses
    Maintaining data integrity is the most important objective of data security. This is a necessity if an organization is to continue as a viable and successful enterprise. The other choices are important techniques for achieving the objective of data integrity.
  13. Which of the following aspects of symmetric key encryption influenced the development of asymmetric encryption?

    • Processing power
    • Volume of data
    • Key distribution
    • Complexity of the algorithm
    Symmetric key encryption requires that the keys be distributed. The larger the user group, the more challenging the key distribution. Symmetric key cryptosystems are generally less complicated and, therefore, use less processing power than asymmetric techniques, thus making them ideal for encrypting a large volume of data. The major disadvantage is the need to get the keys into the hands of those with whom you want to exchange data, particularly in e-commerce environments, where customers are unknown, untrusted entities.
  14. A hard disk containing confidential data was damaged beyond repair. What should be done to the hard disk to prevent access to the data residing on it?

    • Rewrite the hard disk with random 0s and 1s.
    • Low-level format the hard disk.
    • Demagnetize the hard disk.
    • Physically destroy the hard disk.
    Physically destroying the hard disk is the most economical and practical way to ensure that the data cannot be recovered. Rewriting data and low-level formatting are impractical, because the hard disk is damaged. Demagnetizing is an inefficient procedure, because it requires specialized and expensive equipment to be fully effective.
  15. Which of the following is the MOST robust method for disposing of magnetic media that contains confidential information?

    • Degaussing
    • Defragmenting
    • Erasing
    • Destroying
    Destroying magnetic media is the only way to assure that confidential information cannot be recovered. Degaussing or demagnetizing is not sufficient to fully erase information from magnetic media. The purpose of defragmentation is to eliminate fragmentation in file systems and does not remove information. Erasing or deleting magnetic media does not remove the information; this method simply changes a file’s indexing information.
  16. Which of the following would MOST effectively control the usage of universal storage bus (USB) storage devices?

    • Policies that require instant dismissal if such devices are found
    • Software for tracking and managing USB storage devices
    • Administratively disabling the USB port
    • Searching personnel for USB storage devices at the facility’s entrance
    Software for centralized tracking and monitoring would allow a USB usage policy to be applied to each user based on changing business requirements, and would provide for monitoring and reporting exceptions to management. A policy requiring dismissal may result in increased employee attrition and business requirements would not be properly addressed. Disabling ports would be complex to manage and might not allow for new business needs. Searching of personnel for USB storage devices at the entrance to a facility is not a practical solution since these devices are small and could be easily hidden.
  17. An organization is disposing of a number of laptop computers. Which of the following data destruction methods would be the MOST effective?

    • Run a low-level data wipe utility on all hard drives
    • Erase all data file directories
    • Format all hard drives
    • Physical destruction of the hard drive
    The most effective method is physical destruction. Running a low-level data wipe utility may leave some residual data that could be recovered; erasing data directories and formatting hard drives are easily reversed, exposing all data on the drive to unauthorized individuals.
  18. To ensure authentication, confidentiality and integrity of a message, the sender should encrypt the hash of the message with the sender’s:

    • public key and then encrypt the message with the receiver’s private key.
    • private key and then encrypt the message with the receiver’s public key.
    • public key and then encrypt the message with the receiver’s public key.
    • private key and then encrypt the message with the receiver’s private key.
    Obtaining the hash of the message ensures integrity; signing the hash of the message with the sender’s private key ensures the authenticity of the origin, and encrypting the resulting message with the receiver’s public key ensures confidentiality. The other choices are incorrect.
  19. Which of the following would be the MOST significant audit finding when reviewing a point-of-sale (POS) system?

    • Invoices recorded on the POS system are manually entered into an accounting application
    • An optical scanner is not used to read bar codes for the generation of sales invoices
    • Frequent power outages occur, resulting in the manual preparation of invoices
    • Customer credit card information is stored unencrypted on the local POS system
    It is important for the IS auditor to determine if any credit card information is stored on the local point-of-sale (POS) system. Any such information, if stored, should be encrypted or protected by other means to avoid the possibility of unauthorized disclosure. Manually inputting sale invoices into the accounting application is an operational issue; if the POS system were to be interfaced with the financial accounting application, the overall efficiency could be improved. The nonavailability of optical scanners to read bar codes of the products and power outages are operational issues.
  20. When reviewing the procedures for the disposal of computers, which of the following should be the GREATEST concern for the IS auditor?

    • Hard disks are overwritten several times at the sector level, but are not reformatted before leaving the organization.
    • All files and folders on hard disks are separately deleted, and the hard disks are formatted before leaving the organization.
    • Hard disks are rendered unreadable by hole-punching through the platters at specific positions before leaving the organization.
    • The transport of hard disks is escorted by internal security staff to a nearby metal recycling company, where the hard disks are registered and then shredded.
    Deleting and formatting do not completely erase the data but only mark the sectors that contained files as being free. There are tools available over the Internet which allow one to reconstruct most of a hard disk’s contents. Overwriting a hard disk at the sector level would completely erase data, directories, indices and master file tables. Reformatting is not necessary since all contents are destroyed. Overwriting several times makes useless some forensic measures which are able to reconstruct former contents of newly overwritten sectors by analyzing special magnetic features of the platter’s surface. While hole-punching does not delete file contents, the hard disk cannot be used anymore, especially when head parking zones and track zero information are impacted. Reconstructing data would be extremely expensive since all analysis must be performed under a clean room atmosphere and is only possible within a short time frame or until the surface is corroded. Data reconstruction from shredded hard disks is virtually impossible, especially when the scrap is mixed with other metal parts. If the transport can be secured and the destruction be proved as described in the option, this is a valid method of disposal.