Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtreat

Cybersecurity-Audit-Certificate ISACA Cybersecurity Audit Certificate Exam Questions and Answers

Questions 4

The discovery of known dangerous artifacts on a network such as IP addresses or domain names helps to identify which of the following?

Options:

A.

Data breach

B.

System vulnerabilities

C.

Unauthorized access

D.

Indicator of compromise

Buy Now
Questions 5

Which of the following controls BEST prevents users from intentionally or unintentionally accessing data they are not authorized to view?

Options:

A.

Least privilege

B.

Information security policy

C.

Encryption

D.

Passwords

Buy Now
Questions 6

Which of the following is a feature of an intrusion detection system (IDS)?

Options:

A.

Intrusion prevention

B.

Automated response

C.

Interface with firewalls

D.

Back doors into applications

Buy Now
Questions 7

During which incident response phase is the incident management team activated?

Options:

A.

Recovery

B.

Containment

C.

Eradication

D.

Identification

Buy Now
Questions 8

Which intrusion detection system component is responsible for collecting data in the form of network packets, log files, or system call traces?

Options:

A.

Packet filters

B.

Analyzers

C.

Administration modules

D.

Sensors

Buy Now
Questions 9

Which of the following devices is at GREATEST risk from activity monitoring and data retrieval?

Options:

A.

Mobile devices

B.

Cloud storage devices

C.

Desktop workstation

D.

Printing devices

Buy Now
Questions 10

Which of the following backup procedures would only copy files that have changed since the last backup was made?

Options:

A.

Incremental backup

B.

Differential backup

C.

Daily backup

D.

Full backup

Buy Now
Questions 11

Which of the following defines the minimum acceptable rules for policy compliance?

Options:

A.

Baselines

B.

Guidelines

C.

Standards

D.

Frameworks

Buy Now
Questions 12

Which of the following is the BEST method of maintaining the confidentiality of digital information?

Options:

A.

Use of access controls, file permissions, and encryption

B.

Use of backups and business continuity planning

C.

Use of logging digital signatures, and write protection

D.

Use of the awareness tracing programs and related end-user testing

Buy Now
Questions 13

A healthcare organization recently acquired another firm that outsources its patient information processing to a third-party Software as a Service (SaaS) provider. From a regulatory perspective, which of the following is MOST important for the healthcare organization to determine?

Options:

A.

Cybersecurity risk assessment methodology

B.

Encryption algorithms used to encrypt the data

C.

Incident escalation procedures

D.

Physical location of the data

Buy Now
Questions 14

Which of the following are politically motivated hackers who target specific individuals or organizations to achieve various ideological ends?

Options:

A.

Malware researchers

B.

Hacktivists

C.

Cybercriminals

D.

Script kiddies

Buy Now
Questions 15

Which of the following cloud characteristics refers to resource utilization that can be optimized by leveraging charge-per-use capabilities?

Options:

A.

On demand self-service

B.

Elasticity

C.

Measured service

D.

Resource pooling

Buy Now
Questions 16

Which process converts extracted information to a format understood by investigators?

Options:

A.

Reporting

B.

Ingestion

C.

imaging

D.

Filtering

Buy Now
Questions 17

What is the FIRST phase of the ISACA framework for auditors reviewing cryptographic environments?

Options:

A.

Evaluation of implementation details

B.

Hands-on testing

C.

Risk-based shakeout

D.

Inventory and discovery

Buy Now
Questions 18

Which of the following backup procedure would only copy files that have changed since the last backup was made?

Options:

A.

Incremental backup

B.

Daily backup

C.

Differential backup

D.

Full backup

Buy Now
Questions 19

Which of the following describes Secure Hypertext Transfer Protocol (HTTPS)?

Options:

A.

HTTP protected by symmetric encryption

B.

HTTP with an encrypted session via Transport Layer Security

C.

HTTP protected by asymmetric encryption

D.

HTTP with an encrypted session via MD5 or RC4 protocols

Buy Now
Questions 20

A data loss prevention (DLP) program helps protect an organization from:

Options:

A.

crypto ransomware infection.

B.

unauthorized access to servers and applications.

C.

unauthorized data modification.

D.

exfiltration of sensitive data.

Buy Now
Questions 21

What is the FIRST phase of the ISACA framework for auditors reviewing cryptographic environments?

Options:

A.

Evaluation of implementation details

B.

Hands-on testing

C.

Risk-based shakeout

D.

Inventory and discovery

Buy Now
Questions 22

Which of the following continuous auditing tools scans and flags business transactions according to predefined criteria on a real-time basis?

Options:

A.

Vulnerability scanner

B.

Automated governance, risk, and compliance (GRC) tool

C.

Intrusion detection system (IDS)

D.

Real-time antivirus protection tool

Buy Now
Questions 23

Which of the following is a passive activity that could be used by an attacker during reconnaissance to gather information about an organization?

Options:

A.

Using open source discovery

B.

Scanning the network perimeter

C.

Social engineering

D.

Crafting counterfeit websites

Buy Now
Questions 24

When reviewing user management roles, which of the following groups presents the GREATEST risk based on their permissions?

Options:

A.

Privileged users

B.

Database administrators

C.

Terminated employees

D.

Contractors

Buy Now
Questions 25

Which of the following BEST helps IT administrators to ensure servers have no unnecessary features installed?

Options:

A.

Comparison against information security policy

B.

Review of vulnerability scanning results

C.

Comparison against baseline standards

D.

Verification of user acceptance testing

Buy Now
Questions 26

Which of the following is the SLOWEST method of restoring data from backup media?

Options:

A.

Monthly backup

B.

Full backup

C.

Differential Backup

D.

Incremental backup

Buy Now
Questions 27

in key protection/management, access should be aligned with which of the following?

Options:

A.

System limitation

B.

Least privilege

C.

Position responsibilities

D.

Role descriptions

Buy Now
Questions 28

An information security procedure indicates a requirement to sandbox emails. What does this requirement mean?

Options:

A.

Ensure the emails are encrypted and provide nonrepudiation.

B.

Provide a backup of emails in the event of a disaster

C.

isolate the emails and test for malicious content

D.

Guarantee rapid email delivery through firewalls.

Buy Now
Questions 29

Which of the following is MOST important to verify when reviewing the effectiveness of an organization's identity management program?

Options:

A.

Processes are approved by the process owner.

B.

Processes are aligned with industry best practices.

C.

Processes are centralized and standardized.

D.

Processes are updated and documented annually.

Buy Now
Questions 30

Which of the following features of an anti-malware application is MOST helpful in protecting an organization from the potential of infected computers using a virtual private network (VPN)?

Options:

A.

Data heuristics

B.

On-demand scanning

C.

Endpoint remote control

D.

Data packet analysis

Buy Now
Questions 31

Which of the following is the MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization?

Options:

A.

Fortified demilitarized zone

B.

Software defined perimeter

C.

Layer 3 virtual private network

D.

Virtual local area network

Buy Now
Questions 32

Which type of tools look for anomalies in user behavior?

Options:

A.

Rootkit detection tools

B.

Trend/variance-detection tools

C.

Audit reduction tools

D.

Attack-signature-detection tools

Buy Now
Questions 33

Using a data loss prevention (DLP) solution to monitor data saved to a USB memory device is an example of managing:

Options:

A.

data in use.

B.

data redundancy.

C.

data availability.

D.

data at rest.

Buy Now
Questions 34

Which of the following is MOST likely to result in unidentified cybersecurity risks?

Options:

A.

Lack of cybersecurity procedures and guidelines

B.

Failure to identify and formalize roles and responsibilities for cybersecurity

C.

Lack of protocols for disclosure of serious cybersecurity breaches to authorities

D.

Failure to establish adequate recovery processes for cybersecurity events

Buy Now
Questions 35

Which of the following is the MOST relevant type of audit to conduct when fraud has been detected following an incident?

Options:

A.

Cybersecurity audit

B.

Financial audit

C.

Forensics audit

D.

Cyber insurance audit

Buy Now
Questions 36

Which of the following is the GREATEST risk pertaining to sensitive data leakage when users set mobile devices to "always on" mode?

Options:

A.

An adversary can predict a user's login credentials.

B.

Mobile connectivity could be severely weakened.

C.

A user's behavior pattern can be predicted.

D.

Authorization tokens could be exploited.

Buy Now
Questions 37

Which of the following provides additional protection other than encryption to messages transmitted using portable wireless devices?

Options:

A.

Endpoint protection

B.

Intrusion detection system (IDS)

C.

Virtual private network (VPN)

D.

Intrusion prevention system (IPS)

Buy Now
Questions 38

Which of the following describes specific, mandatory controls or rules to support and comply with a policy?

Options:

A.

Frameworks

B.

Guidelines

C.

Basedine

D.

Standards

Buy Now
Questions 39

Which of the following describes computing capabilities that are available over the network and can be accessed by diverse client platforms?

Options:

A.

Resource pooling

B.

Shared network access

C.

Private network access

D.

Broad network access

Buy Now
Questions 40

One way to control the integrity of digital assets is through the use of:

Options:

A.

policies.

B.

frameworks.

C.

caching

D.

hashing.

Buy Now
Exam Name: ISACA Cybersecurity Audit Certificate Exam
Last Update: May 23, 2024
Questions: 134
Cybersecurity-Audit-Certificate pdf

Cybersecurity-Audit-Certificate PDF

$28  $80
Cybersecurity-Audit-Certificate Engine

Cybersecurity-Audit-Certificate Testing Engine

$33.25  $95
Cybersecurity-Audit-Certificate PDF + Engine

Cybersecurity-Audit-Certificate PDF + Testing Engine

$45.5  $130