Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
cissp answers exam
cissp answers
| Question | Answer |
|---|---|
| "A forensic examination should inspect slack space because it" | "Can be defeted to avoid detection." |
| "Ensuring the integrity of business information is the PRIMARY concern of" | "Procedural Security" |
| "Which one of the following actions should be taken FIRST after a fire has been detected?" | "Evacuate all personnel" |
| "Which one of the following is the Open Systems Interconnection (OSI) protocol for message handling?" | "X.400" |
| "Which of the following is a weakness of both statistical anomaly detection and pattern matching?" | "Requirement to monitor every event" |
| "Digital signature users register their public keys with a certification authority | which distributes a certificate containing the user's public key and digital signature of the certification authority. In create the certificate |
| "Why are macro viruses easy to write?" | "Office templates are fully API compliant" |
| "Tracing violations | or attempted violations of system security to the user responsible is a function of" |
| "Which one of the following is concerned with masking the frequency | length |
| "In which situation would TEMPEST risks and technologies be of MOST interest?" | "Where the consequences of disclose are very high." |
| "In which state must a computer system operate to process input/output instructions?" | "Supervisor mode" |
| "All of the following are basic components of a security policy EXCEPT the" | "statement of performance of characteristics and requirements" |
| "What set of principles is the basis for information systems controls?" | "Need to know |
| "Why do vendors publish MD5 hash values when they provide software patches for their customers to download from the Internet?" | "Recipients can verify the software's integrity after downloading" |
| "Which one of the following is NOT a requirement before a search warrant can be issued?" | "There is a written document detailing the anticipated evidence" |
| "The Trusted Computer Security Evaluation Criteria (TBSEC) provides" | "a basis for assessing the effectiveness of security controls built into automatic data-processing system products" |
| "Which factor is critical in all systems to protect data integrity?" | "Data classification" |
| "Audit trails based upon access and identification codes establish" | "individual accontabbility" |
| "Which one of the following attacks is MOST effective against an Internet Protocol Security (IPSEC) based virtual private network (VPN)?" | "Man-in-the-middle" |
| "Satellite communications are easily intercepted because__" | "a satellite footprint is very large." |
| "A country that fails to legally protect personal data in order to attract companies engaged in collection of such data is referred to as a" | "data haven" |
| "Management can expect penetration tests to provide all of the following EXCEPT" | "demonstration of the effects of the flaws" |
| "The Common Criteria construct which allows prospective consumers or developers to create standardized sets of security requirements to meet there needs is" | "a Protection Profile (PP)." |
| "Which one of the following security technologies provides safeguards for authentication before securely sending information to a web server?" | "Certificates" |
| "Which one of the following traits alow macro viruses to spread more effectively than other types?" | "They can be transported between different operating systems." |
| "After law enforcement is informed of a computer crime | the organization's investigators constraints are" |
| "Which of the following are objectives of an information systems security program?" | "Integrity |
| "Who is the individual permitted to add users or install trusted programs?" | "Operations Manager" |
| "What is the basis for the Rivest-Shamir-Adelman (RSA) algorithm scheme?" | "Factorability" |
| "In which one of the following documents is the assignment of individual roles and responsibilities MOST appropriately defined?" | "Acceptable use policy" |
| "In addition to providing an audit trail required by auditors | logging can be used to" |
| "Which one of the following tests determines whether the content of data within an application program falls within predetermined limits?" | "Reasonableness check" |
| "The MAIN reason for developing closed-circuit television (CCTV) as part of your physical security program is to" | "Increase guard visibility" |
| "Which one of the following is a characteristic of a penetration testing project?" | "The project tasks are to break into a targeted system" |
| "The intent of least privilege is to enforce the most restrictive user rights required" | "To execute authorized tasks" |
| "In which way does a Secure Socket Layer (SSL) server prevent a “man-in-the-middle” attack?" | "It uses signed certificates to authenticate the server’s public key" |
| "What is the PRIMARY advantage of using a separate authentication server (e.g. | Remote Access Dial- In User System |
| "Which one of the following operations of a secure communication session cannot be protected?" | "Session termination" |
| "Which one of the following is an example of electronic piggybacking?" | "Following an authorized user into the computer room." |
| "Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic?" | "Domain Name Server (DNS) poisoning" |
| "When conducting a risk assessment | which one of the following is NOT an acceptable social engineering practice?" |
| "In what way could the use of “cookies” violate a person’s privacy?" | "When they are used to tie together a set of unconnected requests for web pages to cause an electronic map of where one has been." |
| "Which one of the following is a KEY responsibility for the “Custodian of Data”?" | "Integrity and security of data" |
| "In a Secure Electronic Transaction (SET) | how many certificates are required for a payment gateway to support multiple acquires?" |
| "Which one of the following conditions is NOT necessary for a long dictionary attack to succeed?" | "The attacker must have write access to the password file" |
| "Security measures that protect message traffic independently on each communication path are called" | "Link oriented" |
| "Which security program exists if a user accessing low-level data is able to draw conclusions about high-level information?" | "Inference" |
| "To mitigate the impact of a software vendor going out of business | a company that uses vendor software should require which one of the following?" |
| "Which one of the following instigates a SYN flood attack?" | "Creating a high number of half-open connections." |
| "What is the purpose of certification path validation?" | "Checks the legitimacy of the certificates in the certification path." |
| "Which of the following is a means of restricting access to objects based on the identity of the subject to which they belong?" | "Mandatory access control" |
| "Why is the investigation of computer crime involving malicious damage especially challenging?" | "Evidence may be destroyed in an attempt to restore the system." |
| "Which one of the following properties of a transaction processing system ensures that once a transaction completes successfully (commits) | the update service even if there is a system failure?" |
| "Which one of the following control steps is usually NOT performed in data warehousing applications?" | "Monitor summary tables for regular use." |
| "The PRIMARY purpose of operations security is" | "Safeguard information assets that are resident in the system." |
| "The auditing method that assesses the extent of the system testing | and identifies specific program logic that has not been tested is called" |
| "Which one of the following describes Kerchoff’s Assumption for cryptoanalytic attack?" | "Key is secret; algorithm is known" |
| "Which one of the following access control models associates every resource and every user of a resource with one of an ordered set of classes?" | "Lattice model" |
| "The concept that all accesses must be meditated | protected from modification |
| "Which one of the following could a company implement to help reduce PBX fraud?" | "Direct Inward System Access (DISA)" |
| "A screening router can perform packet filtering based upon what data?" | "Source and destination port number." |
| "A controlled light fixture mounted on a 5-meter pole can illuminate an area 30 meter in diameter. For security lighting purposes | what would be the proper distance between fixtures?" |
| "Within the Open Systems Interconnection (OSI) Reference Model | authentication addresses the need for a network entity to verify both" |
| "When block chaining cryptography is used | what type of code is calculated and appended to the data to ensure authenticity?" |
| "What are the assurance designators used in the Common Criteria (CC)?" | "EAL 1 |
| "Which option is NOT a benefit derived from the use of neural networks?" | "Fault Tolerance" |
| "What is an important factor affecting the time required to perpetrate a manual trial and error attack to gain access to a target computer system?" | "Processing speed of the system executing the attack." |
| "Evidence corroboration is achieved by" | "maintaining all evidence under the control of an independent source." |
| "Which one of the following can be identified when exceptions occur using operations security detective controls?" | "Authorized operations people performing unauthorized functions." |
| "Which one of the following threats does NOT rely on packet size or large volumes of data?" | "Macro virus" |
| "Scheduled tests of application contingency plans should be based on the" | "Criticality of the application" |
| "Data inference violations can be reduced using" | "Polyinstantiation technique." |
| "A system using Discretionary Access Control (DAC) is vulnerable to which one of the following attacks?" | "Spoofing" |
| "When continuous availability (24 hours-a-day processing) is required | which one of the following provides a good alternative to tape backups?" |
| "Which one of the following | if embedded within the ciphertext |
| "Program change controls must ensure that all changes are" | "Tested to ensure correctness." |
| "A network of five nodes is using symmetrical keys to securely transmit data. How many new keys are required to re-establish secure communications to all nodes in the event there is a key compromise?" | "5" |
| "Which one the following is the primary goal of Business Continuity Planning?" | "Sustain the organization." |
| "What is the PRIMARY component of a Trusted Computer Base?" | "The reference monitor" |
| "Which one of the following is a technical solution for the quality of service | speed |
| "Once a decision is made to further investigate a computer crime incident | which one of the following is NOT employed?" |
| "Which one of the following statements describes management controls that are instituted to implement a security policy?" | "They may be administrative |
| "Why are hardware security features preferred over software security features?" | "They permit higher performance." |
| "Which of the following is a potential problem when creating a message digest for forensic purposes?" | "One-way hashing technology invalidates message digest processing." |
| "A feature deliberately implemented in an operating system as a trap for intruders is called a:" | "Pseudo flaw" |
| "What is one issue NOT addressed by the Bell-LaPadula model?" | "Covert channels" |
| "Which of the following is LEAST necessary when creating evidence tags detailing the chain of custody for electronic evidence?" | "Notifying the person who owns the information being sized." |
| "From a legal perspective | which of the following rules must be addressed when investigating a computer crime?" |
| "Which of the following layers supervises the control rate of packet transfers in an Open Systems Interconnections (OSI) implementation?" | "Transport" |
| "Which one of the following describes a reference monitor?" | "Access control concept that refers to an abstract machine that mediates all accesses to objects by subjects." |
| "Why must senior management endorse a security policy?" | "So that they will accept ownership for security within the organization." |
| "Which one of the following is a good defense against worms?" | "Placing limits on sharing |
| "What type of wiretapping involves injecting something into the communications?" | "Active" |
| "Which one of the following is the reason why a hyperlink spoofing attack is usually successful?" | "Most users do not make a request to connect to a DNS names |
| "Disaster Recover Plan emergency produces is a plan of action that commences immediately to prevent or minimize property damage and to" | "Prevent loss of life." |
| "Which of the following business continuity stages ensures the continuity strategy remains visible?" | "Implementation |
| "he concentric circle approach is used to" | "Assess the physical security facility |
| "Which one of the following BEST describes a password cracker?" | "A program that performs comparative analysis." |
| "In developing a security awareness program | it is MOST important to" |
| "Which one of the following is the PRIMARY objective of penetration testing?" | "Assessment" |
| "When combined with unique session values | message authentication can protect against which of the following?" |
| "he concentric circle approach is used to" | "Assess the physical security facility" |
| "Which one of the following BEST describes a password cracker?" | "A program that performs comparative analysis" |
| "In developing a security awareness program | it is MOST important to" |
| "Which one of the following is the PRIMARY objective of penetration testing?" | "Assessment" |
| "When combined with unique session values | message authentication can protect against which of the following?" |
| "Which risk management methodology uses the exposure factor multiplied by the asset value to determine its outcome?" | "Single Loss Expectancy" |
| "The alternate processing strategy in a business continuity plan can provide for required backup computing capacity through a hot site | a cold site |
| "Open box testing | in the Flow Hypothesis Methodology of Penetration Testing applies to the analysis of" |
| "In a change control environment | which one of the following REDUCES the assurance of proper changes to source programs in production status?" |
| "Under the standard of due care | failure to achieve the minimum standards would be considered" |
| "Which one of the following is a security issue related to aggregation in a database?" | "Inference" |
| "What is a PRIMARY reason for designing the security kernel to be as small as possible?" | "Due to its compactness |
| "What methodology is commonly used in Business Continuity Program?" | "Business Impact Analysis" |
| "Which one of the following processing alternatives involves a ready-to-use computing facility with telecommunications equipment | but not computers?" |
| "emoving unnecessary processes | segregating inter-process communications |
| "Forensic imaging of a workstation is initiated by" | "Directing the output of the forensic imaging software to the small computer system interface (SCSI)." |
| "Which of the following was the first mathematical model of multilevel security policy?" | "Bell-La Padula" |
| "A stack overflow attack that “crashes” a Transmission Control Protocol/Internet Protocol (TCP/IP) service daemon can result in a serious security breach because the" | "Daemon can be replaced by a trojan horse." |
| "Which one of the following is NOT a characteristic of an Intrusion Detection System? (IDS)" | "Recognizes and report alterations to data files." |
| "The design phase in a system development life cycle includes all of the following EXCEPT" | "Developing an operations and maintenance manual." |
| "Which one of the following describes a covert timing channel?" | "Allows one process to signal information to another by modulating its own use of system resources." |
| "In the public sector | as opposed to the private sector |
| "Which set of principal tasks constitutes configuration management?" | "Identification |
| "Which one of the following is the MOST solid defense against interception of a network transmission?" | "Encryption" |
| "Which one of the following risk analysis terms characterizes the absence or weakness of a riskreducing safegaurd?" | "Vulnerability" |
| "Which one of the following is the MOST critical characteristic of a biometrics system?" | "Accuracy" |
| "The unauthorized mixing of data of one sensitivity level and need-to-know which data of a lower sensitivity level | or different need-to-know |
| "Why would an Ethernet LAN in a bus topology have a greater risk of unauthorized disclosure than switched Ethernet in a hub-and-spoke or star topology?" | "Ethernet is a broadcast technology." |
| "A “critical application” is one that MUST" | "Remain operational for the organization to survive." |
| "By far | the largest security exposure in application system development relates to" |
| "Which one of the following is NOT a factor to consider when establishing a core incident response team?" | "The recovery capability" |
| "What two factors should a backup program track to ensure the serviceability of backup tape media?" | "The physical characteristics and rotation cycle of the media." |
| "Which one of the following describes a bastion host?" | "A computer which plays a critical role in a firewall configuration." |
| "What is the MAIN purpose of a change control/management system?" | "Document the change for audit and management review." |
| "What is the FIRST step that should be considered in a penetration test?" | "The formulation of specific management objectives." |
| "Within the organizational environment | the security function should report to an organizational level that" |
| "Which of the following are PRIMARY elements that are required when designing a Disaster Recovery Plan (DRP)?" | "Impact assessment |
| "Risk is commonly expressed as a function of the" | "Likelihood that the harm will occur and its potential impact." |
| "The relative security of a commercial cryptographic system can be measured by the" | "Size of the key space and the available computational power." |
| "Firewalls can be used to" | "Enforce security policy." |
| "In a typical firewall configuration | what is the central host in organization’s network security?" |
| "An example of an individual point of verification in a computerized application is" | "A check digit." |
| "What is the company benefit | in terms of risk |
| "A backup of all files that are new or modified since the last full backup is" | "A differential backup" |
| "Which of the following defines the key exchange for Internet Protocol Security (IPSEC)?" | "Internet Security Association Key Management Protocol (ISAKMP)" |
| "A common Limitation of information classification systems is the INABILITY to" | "Declassify information when appropriate." |
| "Which one of the following protocols CANNOT be used for full duplex Wide Area Network (WAN) communications?" | "Synchronous Data Link Control (SDLC)" |
| "Which of the following identifies the first phase of a Distributed Denial of Service attack?" | "Compromising as many machines as possible." |
| "At what Trusted Computer Security Evaluation Criteria (TCSEC) or Information Technology Security Evaluation Criteria (ITSEC) security level are database elements FIRST required to have security labels?" | "B1/E3" |
| "On which Open System Interconnection (OSI) Reference Model layer are repeaters used as communications transfer devices?" | "Physica" |
| "A disk image backup is used for forensic investigation because it" | "Creates a bit level copy of the entire disk." |
| "The basic Electronic Access Control (EAC) components required for access doors are an electromagnetic lock | " |
| "What is the act of willfully changing data | using fraudulent input or removal of controls called?" |
| "An active content module | which attempts to monopolize and exploits system resources is called a" |
| "In multi-processing systems | which one of the following lacks mandatory controls and is NORMALLY AVOIDED for communication?" |
| "What access control methodology facilitates frequent changes to data permissions?" | "Rule-based" |
| "In addition to ensuring that changes to the computer system take place in an identifiable and controlled environment | configuration management provides assurance that future changes:" |
| "Which one of the following CANNOT be prevented by the Secure Shell (SSH) program?" | "Compromise of the source/destination host." |
| "A computer program used to process the weekly payroll contains an instruction that the amount of the gross pay cannot exceed $2 | 500 for any one employee. This instruction is an example of a control that is referred to as a" |
| "Which one of the following is a TRUE statement about the bottom three layers of the Open Systems Interconnection (OSI) Reference Model?" | "They support components necessary to transmit network messages." |
| "Which of the following implements the authorized access relationship between subjects and objects of a system?" | "Security kernel" |
| "Which security model allows the data custodian to grant access privileges to other users?" | "Discretionary" |
| "Which one of the following is an ethical consideration of computer technology?" | "Ownership of proprietary software." |
| "Which one of the following is an important characteristic of an information security policy?" | "Identifies major functional areas of information." |
| "Which one of the following is an example of hyperlink spoofing?" | "Connecting the user to a different web server." |
| "Which of the following access control types gives “UPDATE” privileges on Structured Query Language (SQL) database objects to specific users or groups?" | "Mandatory" |
| "Which access control model states that for integrity to be maintained data must now flow from a receptacle of given integrity to a receptacle of higher integrity?" | "Biba Model" |
| "Which of the following is a reasonable response from the intrusion detection system when it detects Internet Protocol (IP) packets where the IP source address is the same as the IP destination address?" | "Record selected information about the item and delete the packet." |
| "A security control should" | "Not rely on the security of its mechanism." |
| "Which security measure BEST provides non-repudiation in electronic mail?" | "Digital signature" |
| "Which of the following is the MOST secure network access control procedure to adopt when using a callback device?" | "The user enters a userid and PIN |
| "Which one of the following is NOT a fundamental component of a Regulatory Security Policy?" | "Who is to do it." |
| "Which is the MAIN advantage of having an application gateway?" | "To log and control incoming and outgoing traffic." |
| "The INITIAL phase of the system development life cycle would normally include" | "Executive project approval" |
| "Why are packet filtering routers NOT effective against mail bomb attacks?" | "Filters do not examine the data portion of a packet." |
| "Who is responsible for the security and privacy of data during a transmission on a public communications link?" | "The sending party" |
| "Employee involuntary termination processing should include" | "The surrender of any company identification." |
| "In the context of computer security | “scavenging” refers to searching" |
| "Covert channel analysis is required for" | "A Trusted Computer Base with a level of trust B2 or above." |
| "Which one of the following addresses the protection of computers and components from electromagnetic emissions?" | "TEMPEST" |
| "What is the function of a corporate information security policy?" | "Define the main security objectives which must be achieved and the security framework to Meet business objectives." |
| "Monitoring electromagnetic pulse emanations from PCs and CRTs provides a hacker with that significant advantage?" | "Undetectable active monitoring." |
| "Which one of the following correctly identifies the components of a Distributed Denial of Service Attack?" | "Client |
| "Which Open Systems Interconnect (OSI) layers provide Transport Control Protocol/Internet Protocol (TCP/IP) end-to-end security?" | "Presentation and session" |
| "Which one of the following are examples of security and controls that would be found in a “trusted” application system?" | "File integrity routines and audit trail" |
| "When establishing a violation tracking and analysis process | which one of the following parameters is used to keep the quantity of data to manageable levels?" |
| "How is polyinstantiation used to secure a multilevel database?" | "It prevents low-level database users from inferring the existence of higher level data." |
| "Which process on a firewall makes permit/deny forwarding decisions based solely on address and service port information?" | "Circuit Proxy" |
| "What Distributed Computing Environment (DCE) component provides a mechanism to ensure that services are made available only to properly designated parties?" | "Directory Service" |
| "In a cryptographic key distribution system | the master key is used to exchange?" |
| "Which one of the following devices might be used to commit telecommunications fraud using the “shoulder surfing” technique?" | "Tone recorder" |
| "What security risk does a covert channel create?" | "A process can signal information to another process." |
| "The repeated use of the algorithm to encipher a message consisting of many blocks is called" | "Cipher block chaining" |
| "What is the purpose of the Encapsulation Security Payload (ESP) in the Internet Protocol (IP) Security Architecture for Internet Protocol Security?" | "To provide integrity and confidentiality for IP transmissions." |
| "Which one of the following is an effective communications error-control technique usually implemented in software?" | "Packet checksum" |
| "Annualized Loss Expectancy (ALE) value is derived from an algorithm of the product of annual rate of occurrence and" | "Single loss expectancy." |
| "For what reason would a network administrator leverage promiscuous mode?" | "To monitor the network to gain a complete statistical picture of activity." |
| "One method to simplify the administration of access controls is to group" | "Objects and subjects" |
| "Which step ensures the confidentiality of a facsimile transmission?" | "Encrypt the transmission." |
| "Which one of the following is commonly used for retrofitting multilevel security to a Database Management System" | "Trusted front-end" |
| "What should be the size of a Trusted Computer Base?" | "Small – in order to facilitate the detailed analysis necessary to prove that it meets design requirements." |
| "Which one of the following is an asymmetric algorithm?" | "Knapsack" |
| "Which one of the following attacks will pass through a network layer intrusion detection system undetected?" | "A test.cgi attack" |
| "Which one of the following entails immediately transmitting copies of on-line transactions to a remote computer facility for backup?" | "Electronic vaulting" |
| "Which one of the following should NOT be contained within a computer policy?" | "Responsibilities of individuals and groups for protected information." |
| "Which one of the following data transmission technologies is NOT packet-switch based?" | "CSMA/CD (Carrier Sense Multiple Access/Collision Detection)" |
| "How does the SOCKS protocol secure Internet Protocol (IP) connections?" | "By acting as a connection proxy." |
| "Penetration testing will typically include" | "Social engineering |
| "A forensic examination should inspect slack space because it" | "Can be defeted to avoid detection." |
Created by:
dyadko9999
Popular Standardized Tests sets