Which of the following provides an early signal of increasing risk exposures for an organization?
Answer : C
Key risk indicators (KRIs) are metrics that can provide an early signal of increasing risk exposures for an organization. KRIs are designed to measure and predict potential losses, and they help in identifying trends that could lead to future risks. They are different from Key Performance Indicators (KPIs), which measure the performance related to the achievement of strategic goals. KRIs, on the other hand, are specifically focused on risk and are used to monitor changes in the level of risk exposure.
Which type of firewall blocks many types of attacks, such as cross-site scripting (XSS) and structured query language (SQL) injection?
Answer : D
A web application firewall (WAF) is specifically designed to monitor, filter, and block HTTP traffic to and from a web application. It is different from other types of firewalls because it can filter the content of specific web applications. By inspecting HTTP traffic, a WAF can prevent attacks stemming from web application security flaws, such as SQL injection and cross-site scripting (XSS), file inclusion, and security misconfigurations.
Which of the following is a computer-software vulnerability that is unknown to those who would be interested in mitigating the vulnerability?
Answer : D
A computer-software vulnerability that is unknown to those who would be interested in mitigating the vulnerability is a zero-day vulnerability. A zero-day vulnerability has not yet been reported or disclosed to the public or to the software vendor, and it may be exploited by attackers before it is patched or fixed. A zero-day vulnerability poses a high risk to the systems and applications it affects, because there may be no known defense or solution against it. The other options are not computer-software vulnerabilities that are unknown to those who would be interested in mitigating them; they are types of vulnerabilities that are known and reported to the public or to the software vendor, such as a cross-site scripting vulnerability (A), a SQL injection vulnerability (B), or a memory leakage vulnerability (C).
Which of the following continuous auditing tools scans and flags business transactions according to predefined criteria on a real-time basis?
Answer : B
Continuous auditing tools are designed to monitor and analyze business transactions on an ongoing basis. An automated GRC tool fits this description as it can scan and flag transactions according to predefined criteria in real-time. This is in contrast to vulnerability scanners, IDS, or antivirus tools, which serve different purposes such as scanning for system weaknesses, detecting unauthorized access, or protecting against malware, respectively.
Which of the following costs are typically covered by cybersecurity insurance?
Answer : A
Cybersecurity insurance typically covers direct and immediate losses due to data breaches and information security breaches. This often includes legal costs, credit monitoring costs, litigation costs (such as breach of privacy), and costs of regulatory investigations. Forensic investigation is a critical component of the response to a cyber incident, and the costs associated with it are generally covered under a cybersecurity insurance policy.
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?
Answer : C
The BEST basis for allocating proportional protection activities when comprehensive classification is not feasible is a business dependency assessment. This is because a business dependency assessment helps to identify the criticality and sensitivity of business processes and their supporting assets, based on their contribution to the organization's objectives and value proposition. This allows for prioritizing protection activities according to the level of risk and impact. The other options are not as effective as a business dependency assessment, because they either use a single classification level allocation (A), which does not account for different levels of risk and impact; require a significant amount of time and resources to perform a business process re-engineering (B); or rely on external parties to cover potential losses without reducing the likelihood or impact of incidents (D).
Which of the following is a client-server program that opens a secure, encrypted command-line shell session from the Internet for remote logon?
Answer : C
The correct answer is C. SSH.
SFTP stands for Secure File Transfer Protocol, a protocol that uses SSH to securely transfer files between a client and a server over a network. SFTP provides encryption, authentication, and compression features to ensure the security and reliability of file transfers.