53 Ade 06-14 CISSP practice
Which one of the following is a characteristic of tort law?
Damages usually entail monetary restitution, which can be compensatory, punitive, or statutory
Which describes the symmetric cipher "Blowfish"?
Extremely fast, and uses very little memory
Which of the following is true about maintaining the chain of custody of a digital investigation?
Keep a log of every person who had physical custody of the evidence, documenting the actions that they performed on the evidence and at what time
What is the correct order in which the ISC2 Code of Ethics should be upheld?
Protect society, the commonwealth, and the infrastructure; Act honorably, honestly, justly, responsibly, and legally; Provide diligent and competent service to principals; Advance and protect the profession.
What protocol solicits a MAC address from devices on the network without requiring authentication?
ARP
To maintain the security architecture, which of the following is true?
All of the above
Protection practices that can be used to prevent man-in-the-middle attacks include?
All of the above
Which one is a benefit of an enterprise security architecture?
All of the above
Which one of the following describes the Information Technology Security Evaluation Criteria (ITSEC)?
All of the above
Which one of the following is a common system component in the system security architecture?
All of the above
Which of the following layers of the OSI model offer non-repudiation services?
Application
Which of the following layers of the OSI model offers reliability of transmission services?
Transport Layer
Which of the following is best described as small changes in an algorithm or key that will result in massive changes to the message?
Avalanche effect
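The avalanche effect from the card above, as an added example that is not part of the original flashcards: it uses Python's standard hashlib (SHA-256 standing in for any modern hash or block cipher), flips one input bit at a time, and counts how many of the 256 digest bits change. The message is a constructed sample; a good design changes about half the output bits for any single-bit input change.

```python
"""Avalanche effect demonstration (added example, not part of the original flashcards).

Flip a single bit of the input and count how many bits of the SHA-256
digest change. For a well-designed hash about half of the 256 output bits
flip. Only the standard library is used, so this runs offline.
"""
import hashlib


def bit_diff(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with one bit flipped (bit 0 = LSB of byte 0)."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def avalanche(data: bytes, bit_index: int = 0) -> int:
    """Digest bits that change when one chosen input bit is flipped."""
    h1 = hashlib.sha256(data).digest()
    h2 = hashlib.sha256(flip_bit(data, bit_index)).digest()
    return bit_diff(h1, h2)


def average_avalanche(data: bytes) -> float:
    """Average changed digest bits over every single-bit flip of the input."""
    n_bits = len(data) * 8
    return sum(avalanche(data, i) for i in range(n_bits)) / n_bits


if __name__ == "__main__":
    msg = b"The quick brown fox"  # constructed sample input
    print("SHA-256 bits changed by flipping input bit 0:", avalanche(msg))
    print("average over all single-bit flips: %.1f of 256" % average_avalanche(msg))
```

Run it with any input: the per-flip count lands near 128 and never near 0, which is what distinguishes a cryptographic hash from a checksum such as CRC, where one input bit changes only a few output bits.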
Of the following plans, which is designed to protect critical business processes from natural or man-made failures or disasters and the consequential loss of capital due to the unavailability of normal business operations?
Business Continuity Plan
Which of the following processes identifies the threats that can impact the business continuity of operations?
Business impact analysis
Which symmetric cipher is a Feistel-type block cipher with 64- or 128-bit blocks?
CAST (CAST-128 uses 64-bit blocks, CAST-256 uses 128-bit blocks)
Which one of the following tests the system's hardware, software, and configuration in an environment like its eventual operational setting?
Certification
Which of the following is responsible for maintaining certificates in a public key infrastructure (PKI)?
Certification Authority
List the token-based authentication steps in the correct order.
Challenge > Response > Token device challenge > Valid certificate > Authentication
Wireless transmission technologies include all of the following except?
Code division single access
You are advising a non-profit organization on disaster recovery plans. In case a disaster affects the main IT centers for the organization, they will need to be able to operate from an alternate location. Budget for the solution is limited, but the organization can tolerate some downtime during a crisis. Which of the following is most appropriate for this type of client?
Cold site
Which type of law is derived from court decisions and codification of British law dating back to the 12th century?
Common Law
An employee believes their password was compromised while at work by a visitor shoulder surfing in the employee's workspace. Which of the following has been violated?
Confidentiality
Information will not be disclosed to any unauthorized person on a local network via which of the following cryptographic system services?
Confidentiality
Which of the following does NOT describe a State machine model?
Creates one-to-one relationships between subjects and objects
What two cryptographic implementations does Kerberos use?
DES and RC4 (the legacy answer; current Kerberos v5 deployments use AES)
Which of the following activities is NOT an example of a technical control?
Data Backup
Attempting to crack a password by using common words from a text file is known as what kind of attack?
Dictionary
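The dictionary attack from the card above, as an added example that is not part of the original flashcards: a constructed wordlist stands in for a real one, a stolen hash is simulated from a constructed password, and each candidate word is hashed and compared. The last function times one guess under a fast hash versus a slow salted KDF (PBKDF2, a stand-in for whatever the deployed system uses), which is the defender's lever against this attack.

```python
"""Dictionary attack demonstration (added example, not from the original flashcards).

A dictionary attack hashes each candidate word from a wordlist and compares
the result with the stolen hash. The wordlist, salt and target password below
are constructed for this example.
"""
import hashlib
import hmac
import time

# Constructed wordlist standing in for a file such as a leaked-password list
WORDLIST = ["letmein", "qwerty", "dragon", "summer2023", "Passw0rd", "monkey"]


def fast_hash(password: str, salt: bytes) -> bytes:
    """Fast hash: a single SHA-256 over salt || password (cheap per guess)."""
    return hashlib.sha256(salt + password.encode()).digest()


def slow_hash(password: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """PBKDF2-HMAC-SHA256, deliberately expensive per guess."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def dictionary_attack(target: bytes, salt: bytes, words, hash_fn):
    """Return (word, guesses) for the first word whose hash matches, else (None, guesses)."""
    for n, word in enumerate(words, 1):
        if hmac.compare_digest(hash_fn(word, salt), target):
            return word, n
    return None, len(words)


def cost_per_guess(hash_fn, salt: bytes, samples: int = 3) -> float:
    """Seconds spent per candidate with this hash function, measured locally."""
    start = time.perf_counter()
    for _ in range(samples):
        hash_fn("candidate", salt)
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    salt = b"\x00" * 16  # constructed; real systems use a random per-user salt
    stolen = fast_hash("Passw0rd", salt)  # simulates an entry from a leaked credential store
    print(dictionary_attack(stolen, salt, WORDLIST, fast_hash))  # ('Passw0rd', 5)
    print("fast hash  sec/guess: %.2e" % cost_per_guess(fast_hash, salt))
    print("PBKDF2     sec/guess: %.2e" % cost_per_guess(slow_hash, salt))
```

The attack succeeds on the fifth guess because the password is in the list; the fix is not a longer salt (the salt is assumed known here) but a password outside any list and a hash that costs the attacker real time per candidate.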
Which of the following plans is a comprehensive statement of consistent actions to be taken before, during, and after a disruptive event that causes a significant loss of information systems resources?
Disaster recovery plan
In defining and maintaining the enterprise security architecture, which aspect describes the creation of a catalog of inputs?
Document current technology positions
Which of the following is NOT a natural environmental threat that an organization faces?
Environmentalist Strike
In defining and maintaining the enterprise security architecture, the gap analysis describes the security functionality in terms of generic components, component flows, and nodes.
FALSE
The Investigative phase of the incident response process includes detection, identification, and notification.
FALSE
Asynchronous encrypt and decrypt requests are processed immediately.
FALSE
Copyright conveys exclusive rights to the owner of markings the public uses to identify that owner's goods and products.
FALSE
Encryption is converting a message from ciphertext to plaintext.
FALSE
Information flow models help ensure that high-level actions (inputs) do not affect what low-level users can see (outputs).
FALSE
Substitution is mixing the location of plaintext throughout the ciphertext adding a level of complexity to the process.
FALSE
As an operational system engineer, you are responsible for verifying that a software build meets its data requirements, and correctly generates projected displays and reports. Which type of testing is best used to achieve your goals?
Functional
A ___ analysis emphasizes the formal study of what your organization is doing currently and where it will be in the future.
Gap
Which one of the following is NOT a common security service in the system security architecture?
Groups and protection services
Which of the following is the technology of indoor environmental comfort?
HVAC
Which of the following describes the type of anti-virus software that looks for suspicious sections of code generally found in malware?
Heuristic scanners
In which of the following alternative site configurations is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
Hot Site
Which protocol offers native encryption capability, for both authentication and data transfer?
IMAP (only as IMAPS, i.e. IMAP wrapped in TLS; plain IMAP sends credentials and mail in the clear)
Which layer is not part of the OSI model?
Internet
Which of the following are considered biometric access control systems? (check all that apply)
Iris pattern, Vascular patterns, Keystroke dynamics
Which of the following statements about incremental backup are true? (CHECK ALL THAT APPLY)
It is the fastest method of backing up data; it backs up only the files changed since the most recent full or incremental backup and clears the archive bit; a full restoration of data will be slower, since the last full backup and every subsequent increment must be restored
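The archive-bit behaviour behind the card above, as an added example that is not part of the original flashcards: a small in-memory model of a volume whose files carry an archive bit, with full, incremental and differential backups implemented the way the card describes (incremental clears the bit, differential does not). The file set and change schedule are constructed. It shows why restoring from incrementals needs the full plus every increment in order, while a differential restore needs only the latest differential.

```python
"""Archive-bit backup simulation (added example; not part of the original flashcards).

Models how full, incremental and differential backups use the archive bit,
and why restoring from incrementals needs the full plus every increment in
order. The file set and change schedule are constructed for the example.
"""
from dataclasses import dataclass, field


@dataclass
class Volume:
    files: dict = field(default_factory=dict)      # name -> content
    archive_bit: set = field(default_factory=set)  # names changed since the bit was last cleared

    def write(self, name: str, content: str) -> None:
        self.files[name] = content
        self.archive_bit.add(name)  # the OS sets the bit whenever a file changes


def full_backup(vol: Volume) -> dict:
    snap = dict(vol.files)
    vol.archive_bit.clear()          # a full backup clears every archive bit
    return snap


def incremental_backup(vol: Volume) -> dict:
    snap = {n: vol.files[n] for n in vol.archive_bit}
    vol.archive_bit.clear()          # incremental clears the bits it backed up
    return snap


def differential_backup(vol: Volume) -> dict:
    return {n: vol.files[n] for n in vol.archive_bit}  # bits stay set, so each differential grows


def restore(full: dict, partials: list) -> dict:
    """Apply the full backup, then each partial backup in the order it was taken."""
    state = dict(full)
    for p in partials:
        state.update(p)
    return state


def run_week(mode: str):
    """Full backup, then three days of one change each followed by a partial backup.

    mode is "incremental" or "differential". Returns (full snapshot,
    list of daily partial backups, final live state of the volume).
    """
    vol = Volume()
    for name in ("a.txt", "b.txt", "c.txt"):
        vol.write(name, name[0] + "0")
    full = full_backup(vol)
    partial = incremental_backup if mode == "incremental" else differential_backup
    daily = []
    for name, content in (("a.txt", "a1"), ("b.txt", "b1"), ("a.txt", "a2")):
        vol.write(name, content)
        daily.append(partial(vol))
    return full, daily, dict(vol.files)


if __name__ == "__main__":
    for mode in ("incremental", "differential"):
        full, daily, final = run_week(mode)
        print(mode, "daily backup sizes:", [len(d) for d in daily])
        print("  restore from last partial only matches final:", restore(full, daily[-1:]) == final)
        print("  restore from all partials matches final:     ", restore(full, daily) == final)
```

Incremental backups stay small (one file each day here) but dropping any one of them leaves the restore stale; the differential chain grows each day but only its last member is needed at restore time.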
The software development model that is designed for large mainframe systems and requires an environment where developers work directly with users is:
JAD
Which of the following is NOT associated with the access control principles?
Job rotation
Which of the following uses a Key Distribution Center (KDC) to authenticate a principal?
Kerberos
Weaknesses of TELNET include which of the following? (SELECT ALL THAT APPLY)
Limited to UserID/password authentication, No encryption, Usernames/passwords can be brute forced
Which of the following categories of access control implementation includes implementing security services such as smart cards, biometrics, access control lists, firewalls, and intrusion detection systems?
Logical Access Control
You are required to implement a hashing method in your organization's enterprise that can resist forgery and is not susceptible to a man-in-the-middle attack. Which of the following methods will you use to achieve the task?
MAC (message authentication code, a keyed hash such as HMAC)
Which of the following attacks allows bypassing access control lists on routers, and aids an aggressor in identity hiding?
MAC Spoofing Attack
You have been assigned the task of selecting a hash algorithm for your organization to be specifically used to ensure the integrity of certain sensitive files. It must use a 128-bit hash value. Which of the following is your best selection?
MD5 (the common choice with a 128-bit digest; note that MD5 collisions are practical, so it should not be relied on where an attacker can supply the files)
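Why the MAC card above says a keyed MAC resists forgery while the MD5 card's plain digest does not, as an added example that is not part of the original flashcards: the key, the message and the attacker's edit are constructed, and only Python's standard hashlib and hmac modules are used. A man-in-the-middle who changes the message simply recomputes an unkeyed MD5 tag, and the receiver accepts it; the same edit against an HMAC-SHA256 tag fails because the attacker lacks the shared key.

```python
"""Message integrity: unkeyed hash vs keyed MAC (added example, not from the original flashcards).

A digest such as MD5 sent alongside a message does not stop an attacker in
the path: they change the message and recompute the digest. An HMAC over the
same message needs the shared key, so the forged message fails verification.
Key, message and tamper pattern are constructed for this example.
"""
import hashlib
import hmac

KEY = b"constructed-shared-secret-key"  # sender and receiver share this; the attacker does not


def unkeyed_tag(message: bytes, algo: str = "md5") -> bytes:
    """Plain digest: anyone, including the attacker, can compute it."""
    return hashlib.new(algo, message).digest()


def keyed_tag(message: bytes, key: bytes = KEY) -> bytes:
    """HMAC-SHA256: computing it requires the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(message: bytes, tag: bytes, tag_fn) -> bool:
    """Recompute the tag and compare in constant time (no early-exit timing leak)."""
    return hmac.compare_digest(tag_fn(message), tag)


def mitm_tamper(message: bytes, tag_fn):
    """Attacker rewrites the payload and recomputes the tag with a public tag function."""
    forged = message.replace(b"amount=100", b"amount=9000")
    return forged, tag_fn(forged)


def demo() -> dict:
    msg = b"transfer: to=alice amount=100"
    results = {}
    # Unkeyed MD5: attacker recomputes the digest and the receiver accepts the forgery
    forged, forged_tag = mitm_tamper(msg, unkeyed_tag)
    results["md5_accepts_forgery"] = verify(forged, forged_tag, unkeyed_tag)
    # HMAC: without KEY the best the attacker can do is replay the original tag
    forged2 = msg.replace(b"amount=100", b"amount=9000")
    stale_tag = keyed_tag(msg)
    results["hmac_accepts_forgery"] = verify(forged2, stale_tag, keyed_tag)
    results["hmac_accepts_genuine"] = verify(msg, keyed_tag(msg), keyed_tag)
    results["md5_digest_bits"] = len(unkeyed_tag(msg, "md5")) * 8
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The digest-length line is there to tie the two cards together: MD5 is indeed 128 bits, but size is not what stops forgery; the key is.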
Which of the following describes a virus which often resides on a machine by infecting a template and can cross platform boundaries as long as the application is present?
Macro
Network Information Service (NIS) is used for which of the following processes?
Manage user credentials across a group of machines in a UNIX environment
Which does NOT describe one-time pads?
May or may not be visible; may affect quality of the original
Which security model describes strict layers of subjects and objects (active and passive parties, respectively), and defines clear rules of interaction between them?
Multilevel lattice models
Which intrusion detection system's efficiency decreases with encryption?
NIDS
Which of the following terms refers to a mechanism which proves that the sender really sent a specific message?
Non-repudiation
Which of the following is NOT an information assurance strategy?
None of the above
Which of the following is not one of the four typical elements of a DBMS?
None of the above
Which of the following refers to a location away from the computer center where document copies and backup media are kept?
Off-site storage
Which of the following approaches for identifying appropriate BIA interviewees includes reviewing the enterprise's functional positions?
Organizational chart reviews
All of the following describes link encryption except:
Performed by the end-user
The trait in object-oriented technology and programming that allows data to be stored in different objects at different levels is:
Polyinstantiation
Which of the following incident handling process phases is responsible for defining rules, assembling the response team, creating a backup plan, and testing the plans for an enterprise?
Preparation Phase
In managing security services effectively, incident management handles which of the following (check all that apply):
Prioritization, Training
Which software development model releases multiple beta versions and solicits frequent user feedback?
Prototyping
Which one of the following is true about the criminal law?
Punishments may include loss of personal freedom (to include death) or monetary fines
Which one best describes the religious law?
Punishments may take any and all forms
Management should decide when a system should be returned to operational status in which phase of the incident response process?
Recovery Phase
All of the following is true about 'trade secrets' EXCEPT:
Registered with a government registrar
An organization is seeking to implement a hot site and wants to sustain a live database server at the alternate site. Which of the following solutions will be the best for the organization?
Remote mirroring
The_________________ risk is the risk that remains after the implementation of new or enhanced controls.
Residual
Which network topology's use of tokens allows prediction of node transmission delay and can be used as LAN or network backbone?
Ring
Many organizations purchase insurance policies, to provide various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques are being employed?
Risk transfer
A customer requests to connect their LAN to the internet. Which of the following devices do you recommend using to meet this goal?
Router
Which symmetric cipher is used in Bluetooth?
SAFER (the SAFER+ variant, used for Bluetooth authentication and key generation)
To authenticate the remote computer, which of the following protocols uses public-key cryptography?
SSH
Which of the following is a software protection mechanism where all references to information and all changes to authorizations must pass through a small portion of the operating system?
Security kernels
Which security operation control enables checks and balances to reduce fraud?
Separation of duties
Single sign-on (SSO) benefits do NOT include which the following?
Single point of failure
Which of the following forms of attack can be used to disrupt even the best physical and logical security mechanism to gain access to a system?
Social Engineering Attack
Modifying identifying information so as to make communication appear to come from a trusted source is known as:
Spoofing
Which of the following disaster recovery testing plans is the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?
Structured walk-through test
You are building a personal e-commerce site and seek a simple security solution which does not require each customer to have an individual key. Which of the following encryption methods is your best solution?
Symmetric Encryption
The security concept of operation is developed from whose perspective?
System user
Administrative law is concerned with confining government power, curtailing governmental abuses, ensuring procedural adherence, and ensuring performance of statutory duties.
TRUE
Polyalphabetic encryption techniques use multiple alphabets for each successive character replacement, making analysis much more difficult.
TRUE
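The polyalphabetic card above and the earlier substitution-versus-transposition card, as one added example that is not part of the original flashcards: three toy ciphers on A-Z text. Caesar (monoalphabetic substitution) replaces letters but only shifts the frequency pattern; columnar transposition moves letters around and leaves the letter counts untouched, so the ciphertext is immediately recognisable as English; Vigenere (polyalphabetic substitution) uses a different alphabet per key position and flattens single-letter frequencies. Keys and plaintext are constructed, and none of these ciphers is secure; they are here only to make the terms concrete.

```python
"""Substitution, transposition and polyalphabetic substitution (added example; not from the original flashcards).

Toy ciphers on A-Z text only:
- caesar: monoalphabetic substitution (one fixed alphabet shift)
- columnar: transposition (letters move, letter counts do not change)
- vigenere: polyalphabetic substitution (a different shift per key position)
"""
from collections import Counter
import string

ALPHA = string.ascii_uppercase


def clean(text: str) -> str:
    """Upper-case and keep only A-Z, as classical ciphers do."""
    return "".join(c for c in text.upper() if c in ALPHA)


def caesar(text: str, shift: int, decrypt: bool = False) -> str:
    s = -shift if decrypt else shift
    return "".join(ALPHA[(ALPHA.index(c) + s) % 26] for c in clean(text))


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Each plaintext position is shifted by the matching key letter (cycling)."""
    key = clean(key)
    out = []
    for i, c in enumerate(clean(text)):
        k = ALPHA.index(key[i % len(key)])
        k = -k if decrypt else k
        out.append(ALPHA[(ALPHA.index(c) + k) % 26])
    return "".join(out)


def columnar_encrypt(text: str, cols: int) -> str:
    """Write the text row by row into `cols` columns, read it out column by column."""
    t = clean(text)
    return "".join(t[i::cols] for i in range(cols))


def columnar_decrypt(ct: str, cols: int) -> str:
    n = len(ct)
    rows, extra = divmod(n, cols)
    columns, pos = [], 0
    for i in range(cols):                 # the first `extra` columns are one letter longer
        length = rows + (1 if i < extra else 0)
        columns.append(ct[pos:pos + length])
        pos += length
    return "".join(columns[i % cols][i // cols] for i in range(n))


def top_letter(text: str) -> str:
    """Most frequent letter: the first thing a frequency analyst looks at."""
    return Counter(clean(text)).most_common(1)[0][0]


if __name__ == "__main__":
    pt = "ATTACK AT DAWN"  # constructed plaintext
    print("caesar     :", caesar(pt, 3), "top letter", top_letter(caesar(pt, 3)))
    print("columnar   :", columnar_encrypt(pt, 5), "top letter", top_letter(columnar_encrypt(pt, 5)))
    print("vigenere   :", vigenere(pt, "LEMON"), "top letter", top_letter(vigenere(pt, "LEMON")))
    print("plaintext top letter:", top_letter(pt))
```

With the same plaintext, the transposition output has exactly the same letter counts as the input, the Caesar output has the same counts shifted to different letters, and the Vigenere output spreads the four A's over four different ciphertext letters, which is the "multiple alphabets" the card refers to.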
With public key cryptography, confidential messages with proof of origin are encrypted with the sender's private key and the public key of the recipient.
TRUE
Defining technology security architecture in relationship with other technology domains is a benefit of the enterprise security architecture.
TRUE
Place the attack methodology in the correct order.
Target analysis > Target acquisition > Target access > Target appropriation > Target ownership
What is the best protection measure against unauthorized access to personal privacy information records in an area where systems are accessed by multiple employees?
The use of smart cards
Which one of the following is designed to protect the goodwill and reputation a merchant or vendor invests in its products?
Trademark
Which phase of the incident response process is triggered by awareness?
Triage Phase
Which cable has a relatively low-speed transmission medium consisting of two insulated wires that are arranged in a regular spiral pattern?
Twisted pair
When malware infects a host and allows it to be used in a "botnet" for DDoS attacks, the host is said to be a _________ host.
Zombie