Last Updated on December 13, 2021 by Admin 3

CISA : Certified Information Systems Auditor : Part 97

  1. An accurate biometric system usually exhibits (Choose two.):

    • low EER
    • low CER
    • high EER
    • high CER
    • None of the choices.

    Explanation: 
    One of the most commonly used measures of real-world biometric systems is the rate at which accept and reject errors are equal: the equal error rate (EER), also known as the cross-over error rate (CER). The lower the EER or CER, the more accurate the system is considered to be.

  2. As part of the IEEE 802.11 standard ratified in September 1999, WEP uses which stream cipher for confidentiality?

    • CRC-32
    • CRC-64
    • DES
    • 3DES
    • RC4
    • RC5
    • None of the choices.
    Explanation: 
    As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity.
  3. As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the CRC-32 checksum for:

    • integrity.
    • validity.
    • accuracy.
    • confidentiality.
    • None of the choices.
    Explanation: 
    As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity.
    Many WEP systems require a key in hexadecimal format. If one chooses keys that spell words in the limited 0-9, A-F hex character set, these keys can be easily guessed.
  4. Many WEP systems require a key in a relatively insecure format. What format is this?

    • binary format.
    • hexadecimal format.
    • 128 bit format.
    • 256 bit format.
    • None of the choices.
    Explanation: 
    As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity.
    Many WEP systems require a key in hexadecimal format. If one chooses keys that spell words in the limited 0-9, A-F hex character set, these keys can be easily guessed.
  5. Wi-Fi Protected Access implements the majority of which IEEE standard?

    • 802.11i
    • 802.11g
    • 802.11x
    • 802.11v
    • None of the choices.
    Explanation: 
    Wi-Fi Protected Access (WPA / WPA2) is a class of systems to secure wireless computer networks. It implements the majority of the IEEE 802.11i standard, and is designed to work with all wireless network interface cards (but not necessarily with first generation wireless access points). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.
  6. One major improvement in WPA over WEP is the use of a protocol which dynamically changes keys as the system is used. What protocol is this?

    • SKIP
    • RKIP
    • OKIP
    • EKIP
    • TKIP
    • None of the choices.
    Explanation: 
    Wi-Fi Protected Access (WPA / WPA2) is a class of systems to secure wireless computer networks. It implements the majority of the IEEE 802.11i standard, and is designed to work with all wireless network interface cards (but not necessarily with first generation wireless access points). One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.
  7. Which of the following refers to a symmetric key cipher which operates on fixed-length groups of bits with an unvarying transformation?

    • stream cipher
    • block cipher
    • check cipher
    • string cipher
    • None of the choices.
    Explanation: 
    In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation.
    A stream cipher, on the other hand, operates on individual digits one at a time.
  8. Which of the following typically consists of a computer, some real looking data and/or a network site that appears to be part of a production network but which is in fact isolated and well prepared?

    • honeypot
    • superpot
    • IDS
    • IPS
    • firewall
    • None of the choices.
    Explanation: 
    You may use a honeypot to detect and deflect unauthorized use of your information systems. A typical honeypot consists of a computer, some real-looking data and/or a network site that appears to be part of a production network but which is in fact isolated and well prepared for trapping hackers.
  9. Which of the following is a tool you can use to simulate a big network structure on a single computer?

    • honeymoon
    • honeytrap
    • honeytube
    • honeyd
    • None of the choices.
    Explanation: 
    honeyd is GPL-licensed software that you can use to simulate a big network structure on a single computer.
  10. Which of the following are valid choices for the Apache/SSL combination (Choose three.):

    • the Apache-SSL project
    • third-party SSL patches
    • the mod_ssl module
    • the mod_css module
    • None of the choices.
    Explanation: 
    On Linux you have Apache, which is supposed to be a safer choice of web server. You have several choices for the Apache/SSL combination, such as the Apache-SSL project (www.apache-ssl.org) using third-party SSL patches, or having Apache compiled with the mod_ssl module.
  11. What would be the major purpose of a rootkit?

    • to hide evidence from system administrators.
    • to encrypt files for system administrators.
    • to corrupt files for system administrators.
    • to hijack system sessions.
    • None of the choices.
    Explanation: 
    The term rootkit originally described recompiled Unix tools that would hide any trace of the intruder.
    You can say that the only purpose of a rootkit is to hide evidence from system administrators so that there is no way to detect malicious special-privilege access attempts.
  12. Most trojan horse programs are spread through:

    • e-mails.
    • MP3.
    • MS Office.
    • Word template.
    • None of the choices.
    Explanation: 
    “Most trojan horse programs are spread through e-mails. Some earlier trojan horse programs were bundled in “Root Kits”. For example, the Linux Root Kit version 3 (lrk3) which was released in December 96 had tcp wrapper trojans included and enhanced in the kit. Portable devices that run Linux can also be affected by trojan horses. The Trojan.Linux.JBellz Trojan horse runs as a malformed .mp3 file.”
  13. The Trojan.Linux.JBellz Trojan horse runs as a malformed file of what format?

    • e-mails.
    • MP3.
    • MS Office.
    • Word template.
    • None of the choices.
    Explanation: 
    “Most trojan horse programs are spread through e-mails. Some earlier trojan horse programs were bundled in “Root Kits”. For example, the Linux Root Kit version 3 (lrk3) which was released in December 96 had tcp wrapper trojans included and enhanced in the kit. Portable devices that run Linux can also be affected by trojan horses. The Trojan.Linux.JBellz Trojan horse runs as a malformed .mp3 file.”
  14. Which of the following types of spyware was originally designed for determining the sources of error or for measuring staff productivity?

    • Keywords logging
    • Keystroke logging
    • Directory logging
    • Password logging
    • None of the choices.
    Explanation: 
    Keystroke logging (in the form of spyware) was originally a function of diagnostic tools deployed by software developers for capturing users' keystrokes.
    This was done to determine the sources of error or to measure staff productivity.
  15. You should know the difference between an exploit and a vulnerability. Which of the following refers to a weakness in the system?

    • exploit
    • vulnerability
    • both
    Explanation: 
    You should know the difference between an exploit and a vulnerability. An exploit refers to software, data, or commands capable of taking advantage of a bug, glitch or vulnerability in order to cause unintended behavior. Vulnerability in this sense refers to a weakness in the system.
  16. Which of the following is a rewrite of ipfwadm?

    • ipchains
    • iptables
    • Netfilter
    • ipcook
    • None of the choices.
    Explanation: 
    ipchains is a free-software firewall that ran on earlier versions of Linux. It is a rewrite of ipfwadm but is superseded by iptables in Linux 2.4 and above. Iptables controls the packet filtering and NAT components within the Linux kernel. It is based on Netfilter, a framework which provides a set of hooks within the Linux kernel for intercepting and manipulating network packets.
  17. Iptables is based on which of the following frameworks?

    • Netfilter
    • NetDoom
    • NetCheck
    • NetSecure
    • None of the choices.
    Explanation: 
    ipchains is a free-software firewall that ran on earlier versions of Linux. It is a rewrite of ipfwadm but is superseded by iptables in Linux 2.4 and above.
    Iptables controls the packet filtering and NAT components within the Linux kernel. It is based on Netfilter, a framework which provides a set of hooks within the Linux kernel for intercepting and manipulating network packets.
  18. Cisco IOS based routers perform basic traffic filtering via which of the following mechanisms?

    • datagram scanning
    • access lists
    • stateful inspection
    • state checking
    • link progressing
    • None of the choices.
    Explanation: 
    In addition to deploying a stateful firewall, you may set up basic traffic filtering on a more sophisticated router. As an example, on a Cisco IOS based router you may use IP access lists (ACLs) to perform basic filtering on the network edge. Note that if they have denied too much traffic, they are obviously too restrictive and you may want to reconfigure them.
  19. Which of the following correctly describes the potential problem of deploying Wi-Fi Protected Access to secure your wireless network?

    • potential compatibility problems with wireless network interface cards.
    • potential compatibility problems with wireless access points.
    • potential performance problems with wireless network interface cards.
    • potential performance problems with wireless access points.
    • None of the choices.
    Explanation: 
    Wi-Fi Protected Access (WPA / WPA2) is a class of systems to secure wireless computer networks. It implements the majority of the IEEE 802.11i standard, and is designed to work with all wireless network interface cards (but not necessarily with first generation wireless access points).
  20. The Federal Information Processing Standards (FIPS) were developed by:

    • the United States Federal government
    • ANSI
    • ISO
    • IEEE
    • IANA
    • None of the choices.
    Explanation: 
    Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States Federal government for use by all nonmilitary government agencies and by government contractors. Many FIPS standards are modified versions of standards used in the wider community.