To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against:
Correct Answer: A
A digital signature is a cryptographic method that ensures data integrity, authentication of the message, and non-repudiation. To ensure these, the sender first creates a message digest by applying a cryptographic hashing algorithm against the entire message and then enciphers the message digest using the sender's private key. The message digest is created from the entire message, not from any arbitrary part of it. After creating the message digest, only the message digest is enciphered using the sender's private key, not the message.
Question 857
Which of the following is MOST likely to increase non-sampling risk?
Correct Answer: A
Question 858
An IS auditor reviewing a job scheduling tool notices performance and reliability problems. Which of the following is MOST likely affecting the tool?
Correct Answer: D
The performance and reliability of a job scheduling tool can be significantly affected if maintenance patches and the latest enhancement upgrades are missing [1]. These patches and upgrades often contain fixes for known issues and improvements to the tool's functionality. If they are not applied, the tool may continue to exhibit known problems or fail to benefit from enhancements that could improve its performance and reliability [1]. While factors like administrator password requirements [2][3], number of support staff [4][5], and tool classification [6][4] can impact various aspects of a tool's operation, they are less likely to be the direct cause of performance and reliability problems.
References:
* 1: Patch Management Definition & Best Practices - Rapid7
* 2: Password must meet complexity requirements - Windows Security
* 3: NIST's New Password Rule Book: Updated Guidelines Offer Benefits and Risk - ISACA
* 4: Workforce optimization: Staff scheduling with AI | McKinsey
* 5: Poor Employee Scheduling - Major Consequences And Solutions
* 6: A Critical Analysis of Job Shop Scheduling in Context of Industry 4.0
Question 859
Which of the following statements correctly describes the difference between a packet filtering firewall and a stateful inspection firewall?
Correct Answer: A
Explanation/Reference:
Packet Filtering Firewall
* Also known as a first-generation firewall
* Does not maintain client sessions
The advantages of this type of firewall are simplicity and generally stable performance, since the filtering rules are applied at the network layer. Its simplicity is also a disadvantage, because it is vulnerable to attacks from improperly configured filters and attacks tunneled over permitted services. Some of the more common attacks on packet filtering are IP spoofing, source routing specification, and the miniature fragment attack.
Stateful Inspection Firewall
A stateful inspection firewall keeps track of the destination IP address of each packet that leaves the organization's internal network. Session tracking is done by mapping the source IP address of each incoming packet against the list of destination IP addresses that is maintained and updated. This approach prevents any attack initiated and originated by an outsider. The disadvantage is that a stateful inspection firewall can be relatively complex to administer compared to other firewalls.
The following were incorrect answers: All other choices presented were incorrect answers because they all had the proper definition.
The following reference(s) were/was used to create this question: CISA Review Manual 2014, pages 345 and 346
Question 860
Which of the following is the GREATEST advantage of vulnerability scanning over penetration testing?
Correct Answer: D
The greatest advantage of vulnerability scanning over penetration testing is that the testing process can be automated to cover large groups of assets. Vulnerability scanning is an automated, high-level security test that reports its findings of known vulnerabilities in systems, networks, applications, and devices. Vulnerability scanning can be performed frequently, quickly, and efficiently to scan a large number of assets and identify potential weaknesses that need to be addressed. Vulnerability scanning can also help organizations comply with security standards and regulations, such as PCI DSS [1].
The other options are not as advantageous as option D, as they may not reflect the true benefits or limitations of vulnerability scanning compared to penetration testing. The testing produces a lower number of false positive results, but this is not necessarily true, as vulnerability scanning may report vulnerabilities that are not exploitable or relevant in the context of the organization. Network bandwidth is utilized more efficiently, but this may not be a significant advantage, as vulnerability scanning may still consume considerable network resources depending on the scope and frequency of the scans. Custom-developed applications can be tested more accurately, but this is also not true, as vulnerability scanning may not be able to detect complex or unknown vulnerabilities that require manual analysis or exploitation.
References:
* 1: Vulnerability scanning vs penetration testing: What's the difference? | TechRepublic
* 2: Vulnerability Scanning vs. Penetration Testing - Fortinet
* 3: Penetration Test Vs Vulnerability Scan | Digital Defense
* 4: Penetration Testing vs. Vulnerability Scanning: What's the difference?
* 5: Penetration Testing vs. Vulnerability Scanning | Secureworks
* 6: PCI DSS Quick Reference Guide - PCI Security Standards Council