CISAPRACTICEQUESTIONALL

Uploaded by: 新** Document ID: 504404379 Upload date: 2023-08-29 Format: DOC Pages: 265 Size: 2.03MB

2009 CISA PRACTICE QUESTION ALL (800) QUESTIONS:

1、Which of the following antispam filtering techniques would BEST prevent a valid, variable-length e-mail message containing a heavily weighted spam keyword from being labeled as spam?
A、Heuristic (rule-based)
B、Signature-based
C、Pattern matching
D、Bayesian (statistical)
ANSWER: D
NOTE: Bayesian filtering applies statistical modeling to messages, by performing a frequency analysis on each word within the message and then evaluating the message as a whole. Therefore, it can ignore a suspicious keyword if the entire message is within normal bounds. Heuristic filtering is less effective, since new exception rules may need to be defined when a valid message is labeled as spam. Signature-based filtering is useless against variable-length messages, because the calculated MD5 hash changes all the time. Finally, pattern matching is actually a degraded rule-based technique, where the rules operate at the word level using wildcards, and not at higher levels.

2、An offsite information processing facility with electrical wiring, air conditioning and flooring, but no computer or communications equipment, is a:
A、cold site.
B、warm site.
C、dial-up site.
D、duplicate processing facility.
ANSWER: A
NOTE: A cold site is ready to receive equipment but does not offer any components at the site in advance of the need. A warm site is an offsite backup facility that is partially configured with network connections and selected peripheral equipment, such as disk and tape units, controllers and CPUs, to operate an information processing facility. A duplicate information processing facility is a dedicated, self-developed recovery site that can back up critical applications.

3、Which of the following is MOST directly affected by network performance monitoring tools?
A、Integrity
B、Availability
C、Completeness
D、Confidentiality
ANSWER: B
NOTE: In case of a disruption in service, one of the key functions of network performance monitoring tools is to ensure that the information has remained unaltered. It is a function of security monitoring to assure confidentiality by using such tools as encryption. However, the most important aspect of network performance is assuring the ongoing dependence on connectivity to run the business. Therefore, the characteristic that benefits the most from network monitoring is availability.

4、An IS auditor invited to a development project meeting notes that no project risks have been documented. When the IS auditor raises this issue, the project manager responds that it is too early to identify risks and that, if risks do start impacting the project, a risk manager will be hired. The appropriate response of the IS auditor would be to:
A、stress the importance of spending time at this point in the project to consider and document risks, and to develop contingency plans.
B、accept the project manager's position as the project manager is accountable for the outcome of the project.
C、offer to work with the risk manager when one is appointed.
D、inform the project manager that the IS auditor will conduct a review of the risks at the completion of the requirements definition phase of the project.
ANSWER: A
NOTE: The majority of project risks can typically be identified before a project begins, allowing mitigation/avoidance plans to be put in place to deal with these risks. A project should have a clear link back to corporate strategy and tactical plans to support this strategy. The process of setting corporate strategy, setting objectives and developing tactical plans should include the consideration of risks. Appointing a risk manager is a good practice but waiting until the project has been impacted by risks is misguided. Risk management needs to be forward looking; allowing risks to evolve into issues that adversely impact the project represents a failure of risk management. With or without a risk manager, persons within and outside of the project team need to be consulted and encouraged to comment when they believe new risks have emerged or risk priorities have changed. The IS auditor has an obligation to the project sponsor and the organization to advise on appropriate project management practices. Waiting for the possible appointment of a risk manager represents an unnecessary and dangerous delay to implementing
