Exam (elaborations)

CSIT 161 Final Exam 2023 Questions and Answers with complete solution

Pages: 12
Grade: A+
Uploaded on: 17-02-2024
Written in: 2023/2024

Ricky is reviewing security logs to independently assess security controls. Which security review process is Ricky engaging in?
audit

Christopher is designing a security policy for his organization. He would like to use an approach that allows a reasonable list of activities but does not allow other activities. Which permission level is he planning to use?
prudent

Jacob is conducting an audit of the security controls at an organization as an independent reviewer. Which question would NOT be part of his audit?
Is the security control likely to become obsolete in the near future?

Which regulatory standard would NOT require audits of companies in the United States?
Personal Information Protection and Electronic Documents Act (PIPEDA)

Emily is the information security director for a large company that handles sensitive personal information. She is hiring an auditor to conduct an assessment demonstrating that her firm is satisfying requirements regarding customer private data. What type of assessment should she request?
SOC 3

Which item is an auditor least likely to review during a system controls audit?
Resumes of system administrators

What is a set of concepts and policies for managing IT infrastructure, development, and operations?
IT Infrastructure Library (ITIL)

Which audit data collection method helps ensure that the information-gathering process covers all relevant areas?
Checklist

Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit?
Does the firewall properly block unsolicited network connection attempts?

What information should an auditor share with the client during an exit interview?
Details on major issues

What is NOT generally a section in an audit report?
system configurations

What type of security monitoring tool would be most likely to identify an unauthorized change to a computer system?
System integrity monitoring

Gina is preparing to monitor network activity using packet sniffing. Which technology is most likely to interfere with this effort if used on the network?
Secure Sockets Layer (SSL)

Anthony is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring?
False positive error

Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work?
Security information and event management (SIEM)

Which intrusion detection system strategy relies upon pattern matching?
Signature detection

Which security testing activity uses tools that scan for services running on systems?
Network mapping

Fran is conducting a security test of a new application. She does not have any access to the source code or other details of the application she is testing. What type of test is Fran conducting?
Black-box test

When should an organization's managers have an opportunity to respond to the findings in an audit?
Managers should include their responses to the draft audit report in the final audit report.

Which activity is an auditor least likely to conduct during the information-gathering phase of an audit?
Report writing

What is a key principle of risk management programs?
Don't spend more to protect an asset than it is worth.

Adam is evaluating the security of a web server before it goes live. He believes that an issue in the code allows an SQL injection attack against the server. What term describes the issue that Adam discovered?
Vulnerability

Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?
incident

Joe is responsible for the security of the industrial control systems for a power plant. What type of environment does Joe administer?
Supervisory Control and Data Acquisition (SCADA)

Beth is conducting a risk assessment. She is trying to determine the impact a security incident will have on the reputation of her company. What type of risk assessment is best suited to this type of analysis?
qualitative

Kim is the risk manager for a large organization...what is the exposure factor?
20%

Kim is the risk manager for a large organization...what is the single loss expectancy (SLE)?
$2,000,000

Seller: missyk2030