Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

Hot Vendors

Cybersecurity-Audit-Certificate ISACA Cybersecurity Audit Certificate Exam Questions and Answers

Questions 4

Which of the following provides additional protection other than encryption to messages transmitted using portable wireless devices?

Options:

A.

Endpoint protection

B.

Intrusion detection system (IDS)

C.

Virtual private network (VPN)

D.

Intrusion prevention system (IPS)

Buy Now
Questions 5

During which incident response phase is the incident management team activated?

Options:

A.

Recovery

B.

Containment

C.

Eradication

D.

Identification

Buy Now
Questions 6

The GREATEST advantage of using a common vulnerability scoring system is that it helps with:

Options:

A.

risk aggregation.

B.

risk prioritization.

C.

risk elimination.

D.

risk quantification

Buy Now
Questions 7

Which of the following backup methods takes the MOST time for restoration of data?

Options:

A.

Incremental backup

B.

Offsite backup

C.

Full backup

D.

Differential backup

Buy Now
Questions 8

Which of the following is MOST likely to result in unidentified cybersecurity risks?

Options:

A.

Lack of cybersecurity procedures and guidelines

B.

Failure to identify and formalize roles and responsibilities for cybersecurity

C.

Lack of protocols for disclosure of serious cybersecurity breaches to authorities

D.

Failure to establish adequate recovery processes for cybersecurity events

Buy Now
Questions 9

What is the FIRST phase of the ISACA framework for auditors reviewing cryptographic environments?

Options:

A.

Evaluation of implementation details

B.

Hands-on testing

C.

Risk-based shakeout

D.

Inventory and discovery

Buy Now
Questions 10

Which of the following is the SLOWEST method of restoring data from backup media?

Options:

A.

Monthly backup

B.

Full backup

C.

Differential Backup

D.

Incremental backup

Buy Now
Questions 11

Which of the following is MOST critical to guiding and managing security activities throughout an organization to ensure objectives are met?

Options:

A.

Allocating a significant amount of budget to security investments

B.

Adopting industry security standards and frameworks

C.

Establishing metrics to measure and monitor security performance

D.

Conducting annual security awareness training for all employees

Buy Now
Questions 12

When performing a teaming exercise, which team works to integrate the defensive tactics and controls from the defending team with the threats and vulnerabilities found by the attacking team?

Options:

A.

Yellow team

B.

Red team

C.

Purple team

D.

Black team

Buy Now
Questions 13

Which of the following is the MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization?

Options:

A.

Fortified demilitarized zone

B.

Software defined perimeter

C.

Layer 3 virtual private network

D.

Virtual local area network

Buy Now
Questions 14

In public key cryptography, digital signatures are primarily used to;

Options:

A.

ensure message integrity.

B.

ensure message accuracy.

C.

prove sender authenticity.

D.

maintain confidentiality.

Buy Now
Questions 15

Which of the following is MOST effective in detecting unknown malware?

Options:

A.

Host-based firewall

B.

Signature-based anti-malware

C.

Regular patching

D.

Heuristic-based anti-malware

Buy Now
Questions 16

Which of the following provides the GREATEST assurance that data can be recovered and restored in a timely manner in the event of data loss?

Options:

A.

Backups of information are regularly tested.

B.

Data backups are available onsite for recovery.

C.

The recovery plan is executed during or after an event

D.

full data backup is performed daily.

Buy Now
Questions 17

An IS auditor has learned that a cloud service provider has not adequately secured its application programming interface (API). Which of the following is MOST important for the auditor to consider in an assessment of the potential risk factors?

Options:

A.

Resource contention

B.

Identity spoofing and phishing

C.

Confidentiality, integrity, and availability

D.

Denial of service

Buy Now
Questions 18

Which of the following is a computer-software vulnerability that is unknown to those who would be interested in mitigating the vulnerability?

Options:

A.

Cross-site scripting vulnerability

B.

SQL injection vulnerability

C.

Memory leakage vulnerability

D.

Zero-day vulnerability

Buy Now
Questions 19

Which of the following is the BEST indication that an organization’s vulnerability management process is operating effectively?

Options:

A.

Remediation efforts are communicated to management

B.

The vulnerability program is formally approved

C.

The vulnerability program is reviewed annually.

D.

Remediation efforts are prioritized.

Buy Now
Questions 20

Within the NIST core cybersecurity framework, which function is associated with using organizational understanding to minimize risk to systems, assets, and data?

Options:

A.

Detect

B.

Identify

C.

Recover

D.

Respond

Buy Now
Questions 21

What is the MAIN objective of an intrusion detection system (IDS) policy?

Options:

A.

To define the assets covered by intrusion detection systems (IDSs)

B.

To establish the criteria and reporting requirements associated with intrusion events

C.

To define the response time required of security personnel when an intrusion is detected

D.

To establish the actions to be taken by security personnel in the event an intruder is detected

Buy Now
Questions 22

Which of the following backup procedure would only copy files that have changed since the last backup was made?

Options:

A.

Incremental backup

B.

Daily backup

C.

Differential backup

D.

Full backup

Buy Now
Questions 23

Which of the following is the PRIMARY goal of implementing a change management process?

Options:

A.

To ensure changes are communicated to the process owners prior to going live

B.

To minimize disruptions to the business from system changes

C.

To ensure that changes made to a system are performed on schedule

D.

To validate that changes to the system provide the expected return on investment

Buy Now
Questions 24

Which of the following is the BEST indication of mature third-party vendor risk management for an organization?

Options:

A.

The third party's security program Mows the organization s security program.

B.

The organization maintains vendor security assessment checklists.

C.

The third party maintains annual assessments of control effectiveness.

D.

The organization's security program follows the thud party's security program.

Buy Now
Questions 25

Which of the following is a known potential risk of using a software defined perimeter (SDP) controller?

Options:

A.

Unauthorized access may jeopardize data confidentiality, integrity, or availability.

B.

Operations may be adversely affected if data cannot be recovered and restored timely.

C.

Unauthorized use of valid credentials may compromise encrypted data at rest.

D.

An ineffective firewall may fail to identify and block unwanted network traffic.

Buy Now
Questions 26

Which of the following is the MOST important consideration when choosing between different types of cloud services?

Options:

A.

Emerging risk and infrastructure scalability

B.

Security features available on demand

C.

Overall risk and benefits

D.

Reputation of the cloud providers

Buy Now
Questions 27

Which of the following is EASIEST for a malicious attacker to detect?

Options:

A.

Use of insufficient cryptography

B.

Insecure storage of sensitive data

C.

Susceptibility to reverse engineering

D.

Ability to tamper with mobile code

Buy Now
Questions 28

Which of the following devices is at GREATEST risk from activity monitoring and data retrieval?

Options:

A.

Mobile devices

B.

Cloud storage devices

C.

Desktop workstation

D.

Printing devices

Buy Now
Questions 29

Which control mechanism is used to detect the unauthorized modification of key configuration settings?

Options:

A.

Sandboxing

B.

Whitelisting

C.

URL filtering

D.

File integrity

Buy Now
Questions 30

Cyber threat intelligence aims to research and analyze trends and technical developments in which of the following areas?

Options:

A.

Industry-specific security regulator

B.

Cybercrime, hacktism. and espionage

C.

Cybersecurity risk scenarios

D.

Cybersecurity operations management

Buy Now
Questions 31

Which of the following is the MOST relevant type of audit to conduct when fraud has been detected following an incident?

Options:

A.

Cybersecurity audit

B.

Financial audit

C.

Forensics audit

D.

Cyber insurance audit

Buy Now
Questions 32

Which intrusion detection system component is responsible for collecting data in the form of network packets, log files, or system call traces?

Options:

A.

Packet filters

B.

Analyzers

C.

Administration modules

D.

Sensors

Buy Now
Questions 33

Which of the following is commonly referred to as a Wi-Fi hot-spot?

Options:

A.

Local area network (LAN)

B.

Wireless local area network (WLAN)

C.

Wireless personal area network (WPAN)

D.

Wide area network (WAN)

Buy Now
Questions 34

Which of the following is the GREATEST risk pertaining to sensitive data leakage when users set mobile devices to "always on" mode?

Options:

A.

An adversary can predict a user's login credentials.

B.

Mobile connectivity could be severely weakened.

C.

A user's behavior pattern can be predicted.

D.

Authorization tokens could be exploited.

Buy Now
Questions 35

Which of the following describes a system that enforces a boundary between two or more networks, typically forming a barrier between a secure and an open environment such as the Internet?

Options:

A.

Intrusion detection system (IDS)

B.

Intrusion prevention system (IPS)

C.

Firewall

D.

Router

Buy Now
Questions 36

Using digital evidence to provide validation that an attack has actually occurred is an example of;

Options:

A.

computer forensic

B.

extraction.

C.

identification.

D.

data acquisition.

Buy Now
Questions 37

Which of the following backup procedures would only copy files that have changed since the last backup was made?

Options:

A.

Incremental backup

B.

Differential backup

C.

Daily backup

D.

Full backup

Buy Now
Questions 38

Which of the following cloud characteristics describes computing capabilities that can be provisioned without human interaction from the service provider?

Options:

A.

On-demand self-service

B.

Measured service

C.

Broad network access

D.

Agile service management

Buy Now
Questions 39

Which of the following are politically motivated hackers who target specific individuals or organizations to achieve various ideological ends?

Options:

A.

Malware researchers

B.

Hacktivists

C.

Cybercriminals

D.

Script kiddies

Buy Now
Questions 40

In cloud computing, which type of hosting is MOST appropriate for a large organization that wants greater control over the environment?

Options:

A.

Private hosting

B.

Public hosting

C.

Shared hosting

D.

Hybrid hosting

Buy Now
Exam Name: ISACA Cybersecurity Audit Certificate Exam
Last Update: Nov 13, 2024
Questions: 134

PDF + Testing Engine

$56  $159.99

Testing Engine

$42  $119.99
buy now Cybersecurity-Audit-Certificate testing engine

PDF (Q&A)

$35  $99.99
buy now Cybersecurity-Audit-Certificate pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 21 Nov 2024