Pass ISACA Cybersecurity-Audit-Certificate Exam with Guarantee Updated 77 Questions [Q26-Q46]


NEW QUESTION # 26
What is the FIRST activity associated with a successful cyber attack?

  • A. Maintaining a presence
  • B. Reconnaissance
  • C. Creating attack tools
  • D. Exploitation

Answer: B

Explanation:
The FIRST activity associated with a successful cyber attack is reconnaissance. Reconnaissance is the phase of the cyber attack lifecycle that involves gathering information about the target organization or system, such as its network topology, IP addresses, open ports, services, and vulnerabilities. Reconnaissance helps to identify potential entry points and weaknesses that can be exploited by the attackers in later phases of the attack. The other options are not the first activity associated with a successful cyber attack, but rather follow reconnaissance in the cyber attack lifecycle: maintaining a presence (A), creating attack tools (C), and exploitation (D).


NEW QUESTION # 27
Cyber threat intelligence aims to research and analyze trends and technical developments in which of the following areas?

  • A. Cybersecurity risk scenarios
  • B. Cybersecurity operations management
  • C. Industry-specific security regulator
  • D. Cybercrime, hacktivism, and espionage

Answer: D

Explanation:
Cyber threat intelligence aims to research and analyze trends and technical developments in the areas of cybercrime, hacktivism, and espionage. These are the main sources of malicious cyber activities that pose risks to organizations and individuals. Cyber threat intelligence helps to understand the motivations, capabilities, tactics, techniques, and procedures of various threat actors and groups.


NEW QUESTION # 28
Which of the following is MOST critical to guiding and managing security activities throughout an organization to ensure objectives are met?

  • A. Adopting industry security standards and frameworks
  • B. Conducting annual security awareness training for all employees
  • C. Establishing metrics to measure and monitor security performance
  • D. Allocating a significant amount of budget to security investments

Answer: C

Explanation:
The MOST critical factor in guiding and managing security activities throughout an organization to ensure objectives are met is establishing metrics to measure and monitor security performance. This is because metrics provide quantifiable and objective data that can be used to evaluate the effectiveness and efficiency of security activities, as well as identify gaps and areas for improvement. Metrics also enable communication and reporting of security performance to stakeholders, such as senior management, board members, auditors, regulators, and customers. The other options are not as critical as establishing metrics, because they involve adopting standards without customizing them to fit the organization's context and needs (A), conducting training without assessing its impact on behavior change (B), or spending money without knowing the return on investment (D).


NEW QUESTION # 29
Which of the following devices is at GREATEST risk from activity monitoring and data retrieval?

  • A. Printing devices
  • B. Mobile devices
  • C. Cloud storage devices
  • D. Desktop workstation

Answer: B

Explanation:
The device that is at GREATEST risk from activity monitoring and data retrieval is mobile devices. Mobile devices, such as smartphones, tablets, and laptops, are portable, wireless, and connected to the Internet or other networks. They are at greatest risk from activity monitoring and data retrieval because they can be easily lost, stolen, or compromised by attackers who can access or extract the data stored or transmitted on the devices. Mobile devices can also be subject to activity monitoring and data retrieval by third-party applications or services that may collect or share the user's personal or sensitive information without their consent or knowledge. The other options are not devices that are at greatest risk from activity monitoring and data retrieval, but rather different types of devices that may have different levels of risk or protection from activity monitoring and data retrieval, such as printing devices (A), cloud storage devices (C), or desktop workstations (D).


NEW QUESTION # 30
Which of the following is a feature of an intrusion detection system (IDS)?

  • A. Back doors into applications
  • B. Intrusion prevention
  • C. Automated response
  • D. Interface with firewalls

Answer: C

Explanation:
A feature of an intrusion detection system (IDS) is automated response. This is because an IDS is a system that monitors network or system activities for malicious or anomalous behavior, and alerts or reports on any detected incidents. An IDS can also perform automated response actions, such as blocking traffic, terminating sessions, or sending notifications, to contain or mitigate the incidents. The other options are not features of an IDS, but rather different concepts or techniques that are related to intrusion detection or prevention, such as back doors into applications (A), intrusion prevention (B), or interface with firewalls (D).


NEW QUESTION # 31
Which of the following describes specific, mandatory controls or rules to support and comply with a policy?

  • A. Frameworks
  • B. Baseline
  • C. Standards
  • D. Guidelines

Answer: C

Explanation:
Specific, mandatory controls or rules to support and comply with a policy are known as standards. This is because standards define the minimum level of performance or behavior that is expected from an organization or its employees in order to achieve a policy objective or requirement. Standards also provide clear and measurable criteria for auditing and monitoring compliance with policies. The other options are not specific, mandatory controls or rules to support and comply with a policy, but rather different types of documents or tools that provide guidance or recommendations for implementing policies or controls, such as frameworks (A), baselines (B), or guidelines (D).


NEW QUESTION # 32
Which of the following backup procedures would only copy files that have changed since the last backup was made?

  • A. Differential backup
  • B. Incremental backup
  • C. Daily backup
  • D. Full backup

Answer: B

Explanation:
The backup procedure that would only copy files that have changed since the last backup was made is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup helps to reduce the backup time and storage space, as well as the recovery time, as only the changed files need to be restored. The other options are not backup procedures that would only copy files that have changed since the last backup was made, but rather different types of backup procedures that copy files based on different criteria, such as differential backup (A), daily backup (C), or full backup (D).


NEW QUESTION # 33
Which of the following BEST facilitates the development of metrics for reporting to senior management on vulnerability management efforts?

  • A. Monitoring the frequency of vulnerability assessments using automated scans
  • B. Reviewing business impact analysis (BIA) results
  • C. Regularly benchmarking the number of new vulnerabilities identified with industry peers
  • D. Tracking vulnerabilities and the remediation efforts to mitigate them

Answer: D

Explanation:
The BEST feature that facilitates the development of metrics for reporting to senior management on vulnerability management efforts is tracking vulnerabilities and the remediation efforts to mitigate them. This is because tracking vulnerabilities and remediation efforts helps to measure and monitor the performance and effectiveness of vulnerability management efforts, by providing quantifiable and objective data on the number, severity, impact, status, and resolution time of vulnerabilities. Tracking vulnerabilities and remediation efforts also helps to identify and communicate any gaps or issues in vulnerability management efforts to senior management and other stakeholders. The other options are not features that facilitate the development of metrics for reporting to senior management on vulnerability management efforts, but rather different aspects or factors that affect vulnerability management efforts, such as monitoring the frequency of vulnerability assessments (A), reviewing business impact analysis (BIA) results (B), or benchmarking with industry peers (C).


NEW QUESTION # 34
Which of the following cloud characteristics refers to resource utilization that can be optimized by leveraging charge-per-use capabilities?

  • A. Resource pooling
  • B. Elasticity
  • C. On demand self-service
  • D. Measured service

Answer: D

Explanation:
The cloud characteristic that refers to resource utilization that can be optimized by leveraging charge-per-use capabilities is measured service. This is because measured service is a characteristic of cloud computing that involves monitoring, controlling, and reporting on the usage and consumption of cloud resources by cloud providers and consumers. Measured service helps to optimize resource utilization by leveraging charge-per-use capabilities, which means that cloud consumers only pay for the amount of resources that they actually use or consume, rather than paying for fixed or predetermined amounts of resources. The other options are not cloud characteristics that refer to resource utilization that can be optimized by leveraging charge-per-use capabilities, but rather different characteristics of cloud computing that describe other aspects or benefits of cloud services, such as resource pooling (A), elasticity (B), or on demand self-service (C).


NEW QUESTION # 35
Which of the following is the BEST indication that an organization's vulnerability management process is operating effectively?

  • A. Remediation efforts are communicated to management
  • B. The vulnerability program is formally approved
  • C. Remediation efforts are prioritized.
  • D. The vulnerability program is reviewed annually.

Answer: C

Explanation:
The BEST indication that an organization's vulnerability management process is operating effectively is that remediation efforts are prioritized. This is because prioritizing remediation efforts helps to ensure that the most critical and urgent vulnerabilities are addressed first, based on their severity, impact, and exploitability. Prioritizing remediation efforts also helps to optimize the use of resources and time for mitigating vulnerabilities and reducing risks. The other options are not as indicative of an effective vulnerability management process, because they involve communicating (A), approving (B), or reviewing (D) aspects that are not directly related to remediating vulnerabilities.


NEW QUESTION # 36
Which of the following is an objective of public key infrastructure (PKI)?

  • A. Independently authenticating the validity of the sender's public key
  • B. Securely distributing secret keys to the communicating parties
  • C. Creating the private-public key pair for secure communications
  • D. Approving the algorithm to be used during data transmission

Answer: A

Explanation:
An objective of public key infrastructure (PKI) is to independently authenticate the validity of the sender's public key. PKI is a system that uses cryptographic keys to secure communications and transactions. PKI involves a trusted third party called a certificate authority (CA) that issues digital certificates that link a public key with an identity. The recipient can use the CA's public key to verify the sender's certificate and public key.


NEW QUESTION # 37
Which of the following is the MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization?

  • A. Fortified demilitarized zone
  • B. Software defined perimeter
  • C. Virtual local area network
  • D. Layer 3 virtual private network

Answer: C

Explanation:
The MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization is using a virtual local area network (VLAN). A VLAN is a logical grouping of network devices that share the same broadcast domain regardless of their physical location or connection. A VLAN can enhance network security by isolating different types of traffic or users from each other and applying different security policies or rules based on the VLAN membership. For example, an organization can create a VLAN for HR desktops and internal laptop users that restricts their access to only HR-related systems or resources. A VLAN can also reduce network costs by saving bandwidth, improving performance, and simplifying management.


NEW QUESTION # 38
Which control mechanism is used to detect the unauthorized modification of key configuration settings?

  • A. URL filtering
  • B. File integrity
  • C. Whitelisting
  • D. Sandboxing

Answer: B

Explanation:
The control mechanism that is used to detect the unauthorized modification of key configuration settings is file integrity. File integrity is the property of ensuring that files are not altered or corrupted by unauthorized users or processes. File integrity can be monitored by using tools that compare the current state of files with a baseline or checksum and alert on any changes.


NEW QUESTION # 39
Which of the following features of continuous auditing provides the BEST level of assurance over traditional sampling?

  • A. Reports can be generated more frequently for management.
  • B. Automated tools provide more reliability than an auditor's personal judgment
  • C. Voluminous data can be analyzed at a high speed to show relevant patterns.
  • D. Continuous auditing tools are less complex for auditors to manage.

Answer: C

Explanation:
The feature of continuous auditing that provides the BEST level of assurance over traditional sampling is that voluminous data can be analyzed at a high speed to show relevant patterns. This is because continuous auditing is a technique that uses automated tools and processes to perform audit activities on a continuous or near-real-time basis, and to analyze large amounts of data from various sources and systems. Continuous auditing helps to provide a higher level of assurance than traditional sampling, by covering the entire population of transactions or events, rather than a subset or sample, and by identifying trends, anomalies, or exceptions that may indicate risks or issues. The other options are not features of continuous auditing that provide the best level of assurance over traditional sampling, but rather different aspects or benefits of continuous auditing, such as reporting frequency (A), reliability (B), or complexity (D).


NEW QUESTION # 40
Using digital evidence to provide validation that an attack has actually occurred is an example of:

  • A. computer forensics.
  • B. extraction.
  • C. data acquisition.
  • D. identification.

Answer: A

Explanation:
Using digital evidence to provide validation that an attack has actually occurred is an example of computer forensics. This is because computer forensics is a discipline that involves the identification, preservation, analysis, and presentation of digital evidence from various sources, such as computers, networks, and mobile devices, to support investigations of cyber incidents or crimes. Computer forensics helps to provide validation that an attack has actually occurred, by examining the digital traces or artifacts left by the attackers on the compromised systems or devices, and by reconstructing the sequence and timeline of events that led to the attack. The other options are not examples of using digital evidence to provide validation that an attack has actually occurred, but rather different techniques or processes that are related to computer forensics, such as extraction (B), data acquisition (C), or identification (D).


NEW QUESTION # 41
Which of the following is the MOST important consideration when choosing between different types of cloud services?

  • A. Security features available on demand
  • B. Emerging risk and infrastructure scalability
  • C. Overall risk and benefits
  • D. Reputation of the cloud providers

Answer: C

Explanation:
The MOST important consideration when choosing between different types of cloud services is the overall risk and benefits. This is because choosing between different types of cloud services involves weighing the trade-offs between the risk and benefits of each type of cloud service, such as Software as a Service (SaaS), Platform as a Service (PaaS), or Infrastructure as a Service (IaaS). For example, SaaS may offer more benefits in terms of cost savings, scalability, and usability, but also more risks in terms of security, privacy, and compliance. On the other hand, IaaS may offer more benefits in terms of flexibility, customization, and control, but also more risks in terms of complexity, management, and maintenance. The other options are not the most important consideration when choosing between different types of cloud services, but rather different aspects or factors that affect the choice of cloud services, such as security features available on demand (A), emerging risk and infrastructure scalability (B), or reputation of the cloud providers (D).


NEW QUESTION # 42
The protection of information from unauthorized access or disclosure is known as:

  • A. access control.
  • B. confidentiality.
  • C. media protection.
  • D. cryptography.

Answer: B

Explanation:
The protection of information from unauthorized access or disclosure is known as confidentiality. This is because confidentiality is one of the three main objectives of information security, along with integrity and availability. Confidentiality ensures that information is accessible and readable only by those who are authorized and intended to do so, and prevents unauthorized or accidental exposure of information to unauthorized parties. The other options are not the protection of information from unauthorized access or disclosure, but rather different concepts or techniques that are related to information security, such as access control (A), media protection (C), or cryptography (D).


NEW QUESTION # 43
A data loss prevention (DLP) program helps protect an organization from:

  • A. crypto ransomware infection.
  • B. unauthorized access to servers and applications.
  • C. unauthorized data modification.
  • D. exfiltration of sensitive data.

Answer: D

Explanation:
A data loss prevention (DLP) program helps protect an organization from exfiltration of sensitive data. This is because exfiltration of sensitive data is a type of cyberattack that involves stealing or leaking sensitive or confidential information from an organization's systems or networks to an external destination or party. Exfiltration of sensitive data can cause serious harm to an organization's reputation, operations, finances, and legal compliance. A DLP program helps to prevent exfiltration of sensitive data by detecting and blocking any unauthorized or suspicious attempts to access, copy, transfer, or share sensitive data by users or applications. The other options are not cyberattacks that a DLP program helps protect an organization from, but rather different types of cyberattacks that affect other aspects or objectives of information security, such as crypto ransomware infection (A), unauthorized access to servers and applications (B), or unauthorized data modification (C).


NEW QUESTION # 44
What would be an IS auditor's BEST response to an IT manager's statement that the risk associated with the use of mobile devices in an organizational setting is the same as for any other device?

  • A. The risk associated with mobile devices is less than that of other devices and systems.
  • B. The ability to wipe mobile devices and disable connectivity adequately mitigates additional
  • C. Replication of privileged access and the greater likelihood of physical loss increases risk levels.
  • D. The risk associated with mobile devices cannot be mitigated with similar controls for workstations.

Answer: C

Explanation:
The BEST response to an IT manager's statement that the risk associated with the use of mobile devices in an organizational setting is the same as for any other device is that replication of privileged access and the greater likelihood of physical loss increases risk levels. Mobile devices pose unique risks to an organization due to their portability, connectivity, and functionality. Mobile devices may store or access sensitive data or systems that require privileged access, which can be compromised if the device is lost, stolen, or hacked. Mobile devices also have a higher chance of being misplaced or taken by unauthorized parties than other devices.


NEW QUESTION # 45
The "recover" function of the NIST cybersecurity framework is concerned with:

  • A. allocating costs incurred as part of the implementation of cybersecurity measures.
  • B. planning for resilience and timely repair of compromised capacities and service.
  • C. identifying critical data to be recovered in case of a security incident.
  • D. taking appropriate action to contain and eradicate a security incident.

Answer: B

Explanation:
The "recover" function of the NIST cybersecurity framework is concerned with planning for resilience and timely repair of compromised capacities and service. This is because the recover function helps organizations to restore normal operations as quickly as possible after a cybersecurity incident, while also learning from the incident and improving their security posture. The other options are not part of the recover function, but rather belong to the protect (A), identify (C), or respond (D) functions.


NEW QUESTION # 46
......
