Free CISA Braindumps


  • Exam Number: CISA
  • Provider: ISACA
  • Questions: 3107
  • Updated On: 18-Jan-2021

Exam A
QUESTION 1
A shared resource matrix is a technique commonly used to locate:
A. Malicious code
B. Security flaws
C. Trap doors
D. Covert channels
Correct Answer: D
Section: The process of Auditing Information System
Analyzing resources of a system is one standard for locating covert channels because the basis of a covert
channel is a shared resource.
The following properties must hold for a storage channel to exist:
1. Both sending and receiving process must have access to the same attribute of a shared object.
2. The sending process must be able to modify the attribute of the shared object.
3. The receiving process must be able to reference that attribute of the shared object.
4. A mechanism for initiating both processes and properly sequencing their respective accesses to the shared
resource must exist.
Note: Similar properties for timing channel can be listed
The following answers are incorrect:
All other answers were not directly related to discovery of Covert Channels.
The following reference(s) were/was used to create this question:
Acerbic Publications, Acerbic Publications (Test Series) - CRC Press LLC, Page No. 225
QUESTION 2
You are part of a security staff at a highly profitable bank and each day, all traffic on the network is logged for
later review. Every Friday when major deposits are made you're seeing a series of bits placed in the "Urgent
Pointer" field of a TCP packet. This is only 16 bits which isn't much but it concerns you because:
A. This could be a sign of covert channeling in bank network communications and should be investigated.
B. It could be a sign of a damaged network cable causing the issue.
C. It could be a symptom of malfunctioning network card or drivers and the source system should be checked
for the problem.
D. It is normal traffic because sometimes the previous fields 16-bit checksum value can over run into the
urgent pointer's 16-bit field causing the condition.
Correct Answer: A
Section: The process of Auditing Information System
The Urgent Pointer is used when some information has to reach the server ASAP. When the TCP/IP stack at
the other end sees a packet using the Urgent Pointer set, it is duty bound to stop all ongoing activities and
immediately send this packet up the stack for immediate processing. Since the packet is plucked out of the
processing queue and acted upon immediately, it is known as an Out Of Band (OOB)packet and the data is
01FBAEF084FA42B3BDA0C32C94CD0BF3

Get The Premium Version

Allbraindumps.com
 Test Questions PDF from Myitguides.com

 Test Questions PDF from Myitguides.com