Free Isaca CCOA Practice Exam with Questions & Answers | Set: 4

Questions 31

Which of the following is a KEY difference between traditional deployment methods and continuous integration/continuous deployment (CI/CD)?

Options:
A. CI/CD decreases the frequency of updates.
B. CI/CD decreases the amount of testing.
C. CI/CD increases the number of errors.
D. CI/CD increases the speed of feedback.

Questions 32

On the Analyst Desktop is a Malware Samples folder with a file titled Malscript.viruz.txt.

Based on the contents of the malscript.viruz.txt, which threat actor group is the malware associated with?

Options:
Questions 33

Which of the following is the GREATEST risk resulting from a Domain Name System (DNS) cache poisoning attack?

Options:
A. Reduced system availability
B. Noncompliant operations
C. Loss of network visibility
D. Loss of sensitive data

Questions 34

Which of the following is MOST likely to result from misunderstanding the cloud service shared responsibility model?

Options:
A. Falsely assuming that certain risks have been transferred to the vendor
B. Improperly securing access to the cloud metastructure layer
C. Misconfiguration of access controls for cloud services
D. Being forced to remain with the cloud service provider due to vendor lock-in

Questions 35

Which of the following is the MOST effective way to ensure an organization's management of supply chain risk remains consistent?

Options:
A. Regularly seeking feedback from the procurement team regarding supplier responsiveness
B. Periodically confirming suppliers' contractual obligations are met
C. Periodically counting the number of incident tickets associated with supplier services
D. Regularly meeting with suppliers to informally discuss issues

Questions 36

The network team has provided a PCAP file with suspicious activity located in the Investigations folder on the Desktop titled investigation22.pcap.

What date was the webshell accessed? Enter the format as YYYY-MM-DD.

Options:
Questions 37

Multi-factor authentication (MFA) BEST protects against which of the following attack vectors?

Options:
A. Compromised credentials
B. Social engineering
C. Malware
D. Ransomware

Questions 38

A cybersecurity analyst has been asked to review firewall configurations and recommend which ports to deny in order to prevent users from making outbound non-encrypted connections to the Internet. The organization is concerned that traffic through this type of port is insecure and may be used as an attack vector. Which port should the analyst recommend be denied?

Options:
A. Port 3389
B. Port 25
C. Port 443
D. Port 80

Questions 39

Exposing the session identifier in a URL is an example of which web application-specific risk?

Options:
A. Cryptographic failures
B. Insecure design and implementation
C. Identification and authentication failures
D. Broken access control

Questions 40

Which of the following BEST enables a cybersecurity analyst to influence the acceptance of effective security controls across an organization?

Options:
A. Contingency planning expertise
B. Knowledge of cybersecurity standards
C. Communication skills
D. Critical thinking