Isaca CCOA Certification Practice Questions & Answers

Question 6 of 108

A cybersecurity analyst has discovered a vulnerability in an organization's web application. Which of the following should be done FIRST to address this vulnerability?

A.

Immediately shut down the web application to prevent exploitation.

B.

Attempt to exploit the vulnerability to determine its severity.

C.

Follow the organization's incident response management procedures.

D.

Restart the web server hosting the web application.

Question 7 of 108

Which ruleset can be applied in the /home/administrator/hids/ruleset/rules directory?

A.

B.

C.

D.

Question 8 of 108

Which of the following is MOST important for maintaining an effective risk management program?

A.

Approved budget

B.

Ongoing review

C.

Automated reporting

D.

Monitoring regulations

Question 9 of 108

Which of the following is the MOST important reason to limit the number of users with local admin privileges on endpoints?

A.

Local admin accounts require more administrative work in order to manage them properly.

B.

Local admin accounts have elevated privileges that can be exploited by threat actors.

C.

Local admin users might make unauthorized changes.

D.

Local admin users might install unapproved software.

Question 10 of 108

Which of the following is a security feature provided by the WS-Security extension in the Simple Object Access Protocol (SOAP)?

A.

Malware protection

B.

Message confidentiality

C.

Transport Layer Security (TLS)

D.

Session management