ISACA Cybersecurity Audit Certificate Exam Practice Test

Page: 1 / 14
Total 134 questions
Question 1

Which type of firewall blocks many types of attacks, such as cross-site scripting (XSS) and structured query language (SQL) injection?



Answer : D

A web application firewall (WAF) is specifically designed to monitor, filter, and block HTTP traffic to and from a web application. It differs from other types of firewalls in that it can filter the content of specific web applications. By inspecting HTTP traffic, a WAF can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations.


Question 2
Question 3

Which of the following mobile computing trends should cause the GREATEST concern for an organization that needs to protect sensitive organizational data?



Answer : B

The increasing amount of storage space available on mobile devices poses the greatest concern for organizations needing to protect sensitive data. Larger storage capacities allow for more data to be stored on a device, which can include sensitive organizational information. If such a device is lost, stolen, or compromised, the potential for sensitive data to be accessed increases significantly. Additionally, the more data a device can hold, the more attractive it becomes as a target for attackers.

Reference: ISACA's resources highlight the risks associated with mobile devices' storage capabilities, especially when they contain sensitive organizational data. The threats, vulnerabilities, and risks related to the storage of sensitive data on mobile devices are discussed, emphasizing the importance of protecting such data from unauthorized access.


Question 4

Which of the following is the MAIN purpose of system hardening?



Answer : C

System hardening is a process that involves implementing security measures to reduce the system's vulnerability. The main purpose of this process is to limit the number of attack vectors that can be exploited by threats. By removing unnecessary programs, closing unused ports, and applying security patches, the system's attack surface is reduced, making it more difficult for attackers to find vulnerabilities to exploit.


Question 5

Which of the following would allow an IS auditor to obtain a bit-for-bit copy of data?



Answer : C

Imaging is the process used by an IS auditor to create a bit-for-bit copy of data. This method ensures that an exact replica of the data is made, preserving all the information in the same structure and format as the original. Imaging is essential for tasks such as digital forensics, where maintaining the integrity of the data is critical.


Question 6

Which phase typically occurs before containment of an incident?



Answer : A

The phase that typically occurs before containment in an incident response is Identification. This phase involves detecting and determining the nature of the incident. It's crucial to correctly identify an incident before it can be contained, as containment strategies may vary depending on the type of incident.


Question 7