Scribd Logo
Upload

Welcome to Scribd!

  • CISA Question 11 - 12 - Explenation

    Uploaded by

    MM
    17 views2 pages
    The document contains two questions from the CISA exam. The first question asks which filter rule would best protect a network from being used in a denial of service attack. The answer is to deny outgoing traffic with external IP addresses, as this would stop an attack originating from inside the network. The second question asks which aspect is assured when a sender applies a digital signature to an email's digest. The answer is the authenticity of the sender, as the signature authenticates who sent the message but not other details like time, computer, or confidentiality.

    Original Description:

    CISA examination, questions with answers and explanation

    Original Title

    CISA Question 11_12_explenation

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document contains two questions from the CISA exam. The first question asks which filter rule would best protect a network from being used in a denial of service attack. The answer is to deny outgoing traffic with external IP addresses, as this would stop an attack originating from inside the network. The second question asks which aspect is assured when a sender applies a digital signature to an email's digest. The answer is the authenticity of the sender, as the signature authenticates who sent the message but not other details like time, computer, or confidentiality.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    17 views2 pages

    CISA Question 11 - 12 - Explenation

    Uploaded by

    MM
    The document contains two questions from the CISA exam. The first question asks which filter rule would best protect a network from being used in a denial of service attack. The answer is to deny outgoing traffic with external IP addresses, as this would stop an attack originating from inside the network. The second question asks which aspect is assured when a sender applies a digital signature to an email's digest. The answer is the authenticity of the sender, as the signature authenticates who sent the message but not other details like time, computer, or confidentiality.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 2

    CISA Question 11

    Question

    The BEST filter rule for protecting a network from being used as an amplifier in a
    denial of service (DoS) attack is to deny all:

    A. outgoing traffic with IP source addresses externa! to the network.


    B. incoming traffic with discernible spoofed IP source addresses.
    C. incoming traffic with IP options set.
    D. incoming traffic to critical hosts.
    Answer

    A. outgoing traffic with IP source addresses externa! to the network.

    Explanation

    Outgoing traffic with an IP source address different than the IP range in the
    network is invalid, in most of the cases, it signals a DoS attack originated by an
    internal user or by a previously compromised internal machine; in both cases,
    applying this filter will stop the attack.

    CISA Question 12
    Question

    A sender of an e-mail message applies a digital signature to the digest of the


    message. This action provides assurance of the:

    A. date and time stamp of the message.


    B. identity of the originating computer.
    C. confidentiality of the message’s content.
    D. authenticity of the sender.
    Answer

    D. authenticity of the sender.

    Explanation

    The signature on the digest can be used to authenticate the sender. It does not
    provide assurance of the date and time stamp or the identity of the originating
    computer. Digitally signing an e-mail message does not prevent access to its
    content and, therefore, does not assure confidentiality.

    You might also like