CISA / CISM Exam Preparation Tip #2 -- Read the Question Carefully
As noted in Tip #1, the wording of exam questions can be a challenge in itself. Here’s a paraphrase of one of my favourite examples:
Which of the following should be a concern to an IS auditor reviewing a wireless network?
A. Wi-Fi Protected Access (WPA) encryption is enabled.
B. SSID (Service Set IDentifier) broadcasting is enabled.
C. Anti-malware software is running on all wireless clients.
D. MAC (Media Access Control) access control filtering is used on all wireless access points.
Now when reading that quickly, one might see a list of important security features an IS auditor would typically look for when reviewing an organization’s wireless networking infrastructure. And of those security features, WPA is arguably the most effective, and therefore the most important. So the temptation might be to choose answer “A”.
But of course that's wrong. The correct answer is “B”. Why? Because of the way the question is worded.
The question asks “which of the following should be a concern...” Would an auditor be concerned that WPA is enabled? No, but they’d certainly be concerned if it were not enabled. Similarly, answers “C” and “D” are both good security practices, and would make the auditor happy, not concerned.
The only item of concern is broadcasting SSIDs. Suppressing the SSID isn’t crucial to security (the network name still appears in clients’ probe and association frames, so hiding it is obscurity rather than a real control), but of the choices presented it’s the only one an auditor could reasonably flag.
If you chose “B”, it probably shows you are getting the feel of exam question syntax and semantics. Well done!
But if you’re like me, and repeatedly get tricked by the wording, only to curse when you see the logic of the correct answer, keep practising; you’ll get it.
And keep telling yourself to read the question carefully!