CISSP Exam Preparation (Question 236)

(236) Which choice below BEST describes a power sag?

A. Complete loss of power

B. Momentary low voltage

C. Prolonged high voltage

D. Momentary high voltage

Explanation:

Answer “Complete loss of power” is a blackout, answer “Momentary high volta ” is a spike,
and answer “Prolonged high voltage” is a surge.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 235)

(235) Which type of fire extinguisher below should be used on an electrical fire?

A. Soda Acid

B. CO2

C. Kerosene

D. Water

Explanation:

The most common electrical fire suppression mediums for an electrical or electronic fire are CO2, Halon , and its substitutes, including several inert gas agents.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 234)

(234) On June 30, 2000, the U.S. Congress enacted the Electronic Signatures in Global and National Commerce Act (ESIGN) to facilitate the use of electronic records and signatures in interstate and foreign commerce by ensuring the validity and legal effect of contracts entered into electronically. An important provision of the Act requires that:

A. The e-commerce businesses do not have to determine whether the  consumer has the ability to receive an electronic notice before  transmitting the legally required notices to the consumer.

B. Businesses have the ability to use product price to persuade  consumers to accept electronic records instead of paper.

C. Specific technologies be used to ensure technical compatibility.

D. Businesses obtain electronic consent or confirmation from consumers to receive information electronically that a law normally requires to be in writing.

Explanation:
The legislation is intent on preserving the consumers rights under consumer protection laws and went to extraordinary measures to meet this goal. Thus, a business must receive confirmation from the consumer in electronic format that the consumer consents to receiving information electronically that used to be in written form. This provision ensures that the consumer has access to the Internet and is familiar with the basics of electronic communications. Answer b is, therefore, incorrect. Answer c is also incorrect since the legislation reduces the ability of businesses to use product price unfairly to persuade consumers to accept electronic records. Answer d is incorrect since the legislation is specifically technology-neutral to permit the use of the best technology for the
application.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 233)

(233) Which is NOT considered a preventative security measure?

A. Preset locks

B. Guards

C. Fences

D. Audit trails

Explanation:
Audit trails are detective, rather than preventative, because they are used to piece together the information of an intrusion or intrusion attempt after the fact.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 232)

(232) Which is NOT a PC security control device?

A. A cable lock

B. A switch control

C. A port control

D. A file cabinet lock

Explanation:
A cable lock is used to attach the PC to a desk; a switch control is used to prevent powering off of a unit; and a port control (such as a diskette drive lock) is used to prevent data from being downloaded from the PC.

- Muhammad Idham Azhari

Fireworks

- Idham Azhari

CISSP Exam Preparation (Question 231)

(231) An IP spoofing attack can be best classified as a:

A. Session hijacking attack

B. Passive attack

C. Fragmentation attack

D. Sniffing attack

Explanation:

IP spoofing attempts to convince a system that it is communicating with a known entity, thus giving an intruder access. This is a type of session hijacking attack.

- Muhammad Idham Azhari

Puntung Rokok

- Idham Azhari

CISSP Exam Preparation (Question 230)

(230) Of the following authentication mechanisms, which creates a problem for mobile users?

A. Address-based mechanism

B. Reusable password mechanism

C. One-time password mechanism

D. Challenge-response mechanism

Explanation:

The address-based mechanism is used for establishing connections, not authentication. This leaves mobile users open to vulnerabilities.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 229)

(229) What kind of attacks are the lower layers (Physical, Link, Network, Transport) unable to protect against?

A. Piggyback

B. Brute force

C. Denial of service

D. Content-based

Explanation:
Lower layer protocols do not interact with data contained in the payload.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 228)

(228) Which of the following layers deals with Media Access Control (MAC) addresses?

A. Data Link layer

B. Physical layer

C. Transport layer

D. Network layer

Explanation:

The Data Link layer (Layer 2) transfers information to the other end of the Physical link. It handles physical addressing, network topology, error notification, delivery of frames, and flow control.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 227)

(227) To obtain an IP address from a MAC address, what mechanism is used?

A. Reverse Address Resolution Protocol (RARP)

B. Address Resolution Protocol (ARP)

C. Data Link layer

D. Network Address Translation (NAT)

Explanation:

The Reverse Address Resolution Protocol (RARP) sends out a packet that includes a MAC address and a request to be informed of the IP address that should be assigned to that MAC. Diskless workstations that need to obtain their IP address from the network may use this process.

- Muhammad Idham Azhari

CISSP Exam Preparation (Question 226)

(226) LAN devices that typically examine the entire packet are called:

A. Routers

B. Brouters

C. Switches

D. Gateways

Explanation:
Gateways are primarily software products that can be run on computers or other network devices. They can link different protocols and examine the entire packet.

- Muhammad Idham Azhari

CISA Exam Preparation (Question 110)

(110) A large chain of shops with electronic funds transfer (EFT) at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor?

A. Offsite storage of daily backups

B. Alternative standby processor onsite

C. installation of duplex communication links

D. Alternative standby processor at another network node

Explanation:
Having an alternative standby processor at another network node would be the best solution. The unavailability of the central communications processor would disrupt all access to the banking network, resulting in the disruption of operations for allof the shops. This could be caused by failure of equipment, power or communications. Offsite storage of backups would not help, since EFT tends to be an online process and offsite storage will not replace the dysfunctional processor. The provision ofan alternate processor onsite would be fine if it were an equipment problem, but would not help in the case of a power outage, installation of duplex communication links would be most appropriate if it were only the communication link that failed.

- Muhammad Idham Azhari

CISA Exam Preparation (Question 109)

(109) The MAIN purpose for periodically testing offsite facilities is to:

A. protect the integrity of the data in the database.

B. eliminate the need to develop detailed contingency plans.

C. ensure the continued compatibility of the contingency facilities.

D. ensure that program and system documentation remains current.

Explanation:
The main purpose of offsite hardware testing is to ensure the continued compatibility of the contingency facilities. Specific software tools are available to protect the ongoing integrity of the database. Contingency plans should not be eliminated and program and system documentation should be reviewed continuously for currency.

- Muhammad Idham Azhari

CISA Exam Preparation (Question 108)

(108) Disaster recovery planning (DRP) for a company’s computer system usually focuses on:

A. operations turnover procedures.

B. strategic long-range planning.

C. the probability that a disaster will occur.

D. alternative procedures to process transactions.

Explanation:
It is important that disaster recovery identifies alternative processes that can be put in place while the system is not available.

- Muhammad Idham Azhari

CISA Exam Preparation (Question 107)

(107) An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization’s IT department using transaction flow projections from the operations department. The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his/her attention.
The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.
The basis of an organization’s disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical, hardware configuration is already established. An IS auditor should:

A. take no action as the lack of a current plan is the only significant finding.

B. recommend that the hardware configuration at each site is identical.

C. perform a review to verify that the second configuration can support live processing.

D. report that the financial expenditure on the alternative site is wasted without an effective plan.

Explanation:
An IS auditor does not have a finding unless it can be shown that the alternative hardware cannot support the live processing system. Even though the primary finding is the lack of a proven and communicated disaster recovery plan, it is essential that this aspect of recovery is included in the audit. If it is found to be inadequate, the finding will materially support the overall audit opinion. It is certainly not appropriate to take no action at all, leaving this important factor untested. Unless it is shown that the alternative site is inadequate, there can be no comment on the expenditure, even if this is considered a proper comment for the IS auditor to make. Similarly, there is no need for the configurations to be identical. The alternative site could actually exceed the recovery requirements if it is also used for other work, such as other processing or systems development and testing. The only proper course of action at this point would be to find out if the recovery site can actually cope with a recovery.

- Muhammad Idham Azhari