As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the CRC- 32 checksum for:
Correct Answer: A
Section: Protection of Information Assets Explanation: As part of the IEEE 802.11 standard ratified in September 1999, WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity. Many WEP systems require a key in hexadecimal format. If one chooses keys that spell words in the limited 0-9, A-F hex character set, these keys can be easily guessed.
CISA Exam Question 392
A hot site should be implemented as a recovery strategy when the:
Correct Answer: A
Explanation/Reference: Explanation: Disaster tolerance is the time gap during which the business can accept nonavailability of IT facilities. If this time gap is low, recovery strategies that can be implemented within a short period of time, such as a hot site, should be used. The RPO is the earliest point in time at which it is acceptable to recover the data. A high RPO means that the process can wait for a longer time. In such cases, other recovery alternatives, such as warm or cold sites, should be considered. A high RTO means that additional time would be available for the recovery strategy, thus making other recovery alternatives-such as warm or cold sites- viable alternatives.
CISA Exam Question 393
In an online banking application, which of the following would BEST protect against identity theft?
Correct Answer: C
Two-factor authentication requires two independent methods for establishing identity and privileges. Factors include something you know, such as a password; something you have, such as a token; and something you are, which is biometric. Requiring twoof these factors makes identity theft more difficult. A password could be guessed or broken. Restricting the user to a specific terminal is not a practical alternative for an online application. Periodic review of access logs is a detective controland does not protect against identity theft.
CISA Exam Question 394
Which of the following is MOST likely to be spoofed in an email transmission?
Correct Answer: D
CISA Exam Question 395
Identify the correct sequence which needs to be followed as a chain of event in regards to evidence handling in computer forensics?
Correct Answer: D
Section: Protection of Information Assets Explanation: There are 4 major considerations in the chain of event in regards to evidence in computer forensics: Identify -Refers to identification of information that is available and might form evidence of an accident Preserve -Refers to the practice of retrieving identified information and preserving it as evidence. The practice generally includes the imaging of original media in presence of an independent third party. The process also requires being able to document chain-of-custody so that it can be established in a court law. Analyze - Involves extracting, processing and interpreting the evidence. Extracted data could be unintelligible binary data after it has been processed and converted into human readable format. Interpreting the data requires an in-depth knowledge of how different pieces of evidences may fit together. The analysis should be performed using an image of media and not the original. Present -Involves a presentation of the various audiences such as management, attorneys, court, etc.Acceptance of evidence depends upon the manner of presentation, qualification of the presenter, and credibility of the process used to preserve and analyze the evidence. The following were incorrect answers: The other options presented are not a valid sequence which needs to be followed in the chain of events in regards to evidence in computer forensic. Reference: CISA review manual 2014 Page number367
