CISSP 600-800


A network of five nodes is using symmetrical keys to securely transmit data. How many new keys are required to re-establish secure communications to all nodes in the event there is a key compromise?

A. 5

The basic Electronic Access Control (EAC) components required for access doors are an electromagnetic lock,

A. A credential reader, and a door closed sensor.

____________ is the means by which the ability to do something with a computer resource is explicitly enabled or restricted.

A. Access control

What are the benefits of job rotation? A. All of the choices. B. Trained backup in case of emergencies. C. Protect against fraud. D. Cross training to employees.

A. All of the choices.

PGP provides which of the following? (Choose three)

A. Confidentiality D. Integrity G. Authenticity

Closed circuit TV is a feature of:

A. Detective Physical Controls

Which security measure BEST provides non-repudiation in electronic mail?

A. Digital signature

What is the PRIMARY advantage of secret key encryption systems as compared with public key systems?

A. Faster speed encryption

Which of the following defines the key exchange for Internet Protocol Security (IPSEC)?

A. Internet Security Association Key Management Protocol (ISAKMP)

Which of the following is NOT a type of access control?

A. Intrusive

If the computer system being used contains confidential information, users must not:

A. Leave their computer without first logging off.

Security measures that protect message traffic independently on each communication path are called:

A. Link oriented

When block chaining cryptography is used, what type of code is calculated and appended to the data to ensure authenticity?

A. Message authentication code.

The ability to do something with a computer resource can be explicitly enabled or restricted through:

A. Physical and system-based controls.

As a type of access control, which of the following asks for avoiding occurrence?

A. Preventive

Why do vendors publish MD5 hash values when they provide software patches for their customers to download from the Internet?

A. Recipients can verify the software's integrity after downloading.

What type of access control focuses on restoring resources?

A. Recovery

In a cryptographic key distribution system, the master key is used to exchange?

A. Session keys

What size is an MD5 message digest (hash)?

A.) 128 bits

How many rounds are used by DES?

A.) 16

What is the effective key size of DES?

A.) 56 bits

The RSA algorithm is an example of what type of cryptography?

A.) Asymmetric key

In a Public Key Infrastructure (PKI) context, which of the following is a primary concern with LDAP servers?

A.) Availability

Which of the following ciphers is a subset of the Vigenère polyalphabetic cipher?

A.) Caesar

What mechanism automatically causes an alarm originating in a data center to be transmitted over the local municipal fire or police alarm circuits for relaying to both the local police/fire station and the appropriate headquarters?

A.) Central station alarm

Which fire class can water be most appropriate for?

A.) Class A fires

A business continuity plan is an example of which of the following?

A.) Corrective Control

Which of the following is the most secure form of triple-DES encryption?

A.) DES-EDE3

Which of the following are functions that are compatible in a properly segregated environment?

A.) Data entry and job scheduling

What attribute is included in a X.509-certificate?

A.) Distinguished name of subject


What encryption algorithm is best suited for communication with handheld wireless devices?

A.) ECC

Critical areas should be lighted:

A.) Eight feet high and two feet out

Which of the following is unlike the other three? A.) El Gamal B.) Teardrop C.) Buffer Overflow D.) Smurf

A.) El Gamal

Which of the following services is not provided by the digital signature standard (DSS)?

A.) Encryption

Which of the following suppresses combustion through a chemical reaction that kills the fire?

A.) Halon

Which of the following is NOT a property of a one-way hash function?

A.) It converts a message of a fixed length into a message digest of arbitrary length

Which of the following is NOT a property of a one-way hash function? A.) It converts a message of a fixed length into a message digest of arbitrary length. B.) It is computationally infeasible to construct two different messages with the same digest C.) It converts a message of arbitrary length into a message digest of a fixed length D.) Given a digest value, it is computationally infeasible to find the corresponding message

A.) It converts a message of a fixed length into a message digest of arbitrary length.

Which of the following statements regarding an off-site information processing facility is TRUE? A.) It should have the same amount of physical access restrictions as the primary processing unit B.) It should be located in proximity to the originating site so that it can quickly be made operational C.) It should be easily identified from the outside so in the event of an emergency it can be easily found D.) Need not have the same level of environmental monitoring as the originating site since this would be cost prohibitive

A.) It should have the same amount of physical access restrictions as the primary processing unit

Which of the following control pairings includes organizational policies and procedures, pre-employment background checks, strict hiring practices, employment agreements, friendly and unfriendly employee termination procedures, vacation scheduling, labeling of sensitive materials, increased supervision, security awareness training, behavior awareness, and sign-up procedures to obtain access to information systems and networks?

A.) Preventive/Administrative Pairing

A public key algorithm that does both encryption and digital signature is which of the following?

A.) RSA

The main risks that physical security components combat are all of the following EXCEPT: A.) SYN flood B.) physical damage C.) theft D.) availability

A.) SYN flood

Which of the following are functions that are compatible in a properly segregated environment?

A.) Security administration and quality assurance

Guards are appropriate whenever the function required by the security program involves which of the following?

A.) The use of discriminating judgment

Which of the following would be less likely to prevent an employee from reporting an incident? A.) They are afraid of being pulled into something they don't want to be involved with B.) The process of reporting incidents is centralized C.) They are afraid of being accused of something they didn't do D.) They are unaware of the company's security policies and procedures

A.) They are afraid of being pulled into something they don't want to be involved with

Which trusted facility management concept implies that two operators must review and approve the work of each other?

A.) Two-man control

Where parties do not have a shared secret and large quantities of sensitive information must be passed, the most efficient means of transferring information is to use a hybrid encryption technique. What does this mean?

A.) Use of public key encryption to secure a secret key, and message encryption using the secret key

Which of the following protection devices is used for spot protection within a few inches of the object, rather than for overall room security monitoring?

A.) Wave pattern motion detectors

A prolonged power supply that is below normal voltage is a:

A.) brownout

Which of the following is a class A fire?

A.) common combustibles

Which of the following is electromagnetic interference (EMI) that is noise from the radiation generated by the difference between the hot and ground wires?

A.) common-mode noise

Which of the following is a class C fire?

A.) electrical

Which of the following can be defined as an attribute in one relation that has values matching the primary key in another relation?

A.) foreign key

Matches between which of the following are important because they represent references from one relation to another and establish the connection among these relations?

A.) foreign key to primary key

What is the role of IKE within the IPsec protocol:

A.) peer authentication and key exchange

Which is the last line of defense in a physical security sense?

A.) people

Which of the following is NOT a precaution you can take to reduce static electricity? A.) power line conditioning B.) anti-static sprays C.) maintain proper humidity levels D.) anti-static flooring

A.) power line conditioning

Which of the following is currently the most recommended water system for a computer room?

A.) pre-action

Which of the following suppresses the fuel supply of the fire?

A.) soda acid

A controlled light fixture mounted on a 5-meter pole can illuminate an area 30 meters in diameter. For security lighting purposes, what would be the proper distance between fixtures?

B. 30 meters

Access control is the collection of mechanisms that permits managers of a system to exercise influence over the use of:

B. An IS system

The concentric circle approach is used to

B. Assess the physical security facility.

Access control allows you to exercise directing influence over which of the following aspects of a system?

B. Behavior, use, and content.

An IDS is a category of what control?

B. Detective, Technical

An audit trail is a category of what control?

B. Detective, Technical

What should you do to the user accounts as soon as employment is terminated?

B. Disable the user accounts and have the data kept for a specific period of time.

In addition to ensuring that changes to the computer system take place in an identifiable and controlled environment, configuration management provides assurance that future changes:

B. Do not adversely affect implementation of the security policy.

Preventive Technical Controls are usually built:

B. Into an operating system.

Which of the following are NOT considered technical controls? A. Access Control software B. Man trap C. Passwords D. Antivirus Software

B. Man trap

Who is responsible for the security and privacy of data during a transmission on a public communications link?

B. The sending

In a Secure Electronic Transaction (SET), how many certificates are required for a payment gateway to support multiple acquirers?

B. Two certificates for the gateway and two for the acquirers.

PGP uses which of the following to encrypt data?

B.) A symmetric scheme

To be in compliance with the Montreal Protocol, which of the following options can be taken to refill a Halon flooding system in the event that Halon is fully discharged in the computer room?

B.) Contact a Halon recycling bank to make arrangements for a refill

The recording of events with a closed-circuit TV camera is considered a:

B.) Detective control

Which of the following is NOT a symmetric key algorithm? A.) Blowfish B.) Digital Signature Standard (DSS) C.) Triple DES (3DES) D.) RC5

B.) Digital Signature Standard (DSS)

Which of the following is a physical control?

B.) Environmental controls

Which of the following would best describe a Concealment cipher?

B.) Every X number of words within a text is a part of the real message

What fire suppression system can be used in computer rooms that will not damage computers and is safe for humans?

B.) FM200

Which of the following questions is less likely to help in assessing physical access controls? A.) Does management regularly review the list of persons with physical access to sensitive facilities? B.) Is the operating system configured to prevent circumvention of the security software and application controls? C.) Are keys or other access devices needed to enter the computer room and media library? D.) Are visitors to sensitive areas signed in and escorted?

B.) Is the operating system configured to prevent circumvention of the security software and application controls?

A weak key of an encryption algorithm has which of the following properties?

B.) It facilitates attacks against the algorithm

The primary purpose for using one-way encryption of user passwords within a system is which of the following?

B.) It prevents an unauthorized person from reading or modifying the password list

What level of assurance for a digital certificate only requires an e-mail address?

B.) Level 1

Which of the following was developed in order to protect against fraud in electronic fund transfers (EFT)?

B.) Message Authentication Code (MAC)

What uses a key of the same length as the message?

B.) One-time pad

Which of the following best describes the Secure Electronic Transaction (SET) protocol?

B.) Originated by VISA and MasterCard as an Internet credit card protocol using digital signatures

Which of the following mail standards relies on a "Web of Trust"?

B.) Pretty Good Privacy (PGP)

Which of the following control pairings places emphasis on "soft" mechanisms that support the access control objectives?

B.) Preventive/Administrative Pairing

Technical controls such as encryption and access control can be built into the operating system, be software applications, or can be supplemental hardware/software units. Such controls, also known as logical controls, represent which pairing?

B.) Preventive/Technical Pairing

Which of the following is not a one-way algorithm? A.) MD2 B.) RC2 C.) SHA-1 D.) DSA

B.) RC2

Which of the following is not an encryption algorithm? A.) Skipjack B.) SHA-1 C.) Twofish D.) DEA

B.) SHA-1

What can be defined as a momentary low voltage?

B.) Sag

Which of the following best provides e-mail message authenticity and confidentiality?

B.) Signing the message using the sender's private key and encrypting the message using the receiver's public key

Which of the following can best be defined as a key distribution protocol that uses hybrid encryption to convey session keys that are used to encrypt data in IP packets?

B.) Simple Key-Management for Internet Protocols (SKIP)

Which of the following would best define the "WAP Gap" security issue?

B.) The fact that WTLS transmissions have to be decrypted at the carrier's WAP gateway to be re-encrypted with SSL for use over wired networks.

In a Public Key Infrastructure, how are public keys published?

B.) Through digital certificates

Which of the following layers is not used by the Rijndael algorithm? A.) Non-linear layer B.) Transposition layer C.) Key addition layer D.) The linear mixing layer

B.) Transposition layer

When two operators review and approve the work of each other, this is known as?

B.) Two-man control

Under what conditions would use of a "Class C" hand-held fire extinguisher be preferable to use of a "Class A" hand-held fire extinguisher?

B.) When the fire involves electrical equipment

Which of the following is not an example of an operation control? A.) backup and recovery B.) audit trails C.) contingency planning D.) operations procedures

B.) audit trails

Which of the following is not an example of an operational control?

B.) audit trails

A prolonged power outage is a:

B.) blackout

The most prevalent cause of computer center fires is which of the following?

B.) electrical distribution systems

What is NOT true of pre-shared key authentication within the IKE/IPsec protocol? A.) pre-shared key authentication is normally based on simple passwords B.) needs a PKI to work C.) Only one pre-shared key for all VPN connections is needed D.) Costly key management on large user groups

B.) needs a PKI to work

Devices that supply power when the commercial utility power system fails are called which of the following?

B.) uninterruptible power supplies

Which one of the following can be identified when exceptions occur using operations security detective controls?

C. Authorized operations people performing unauthorized functions.

The repeated use of the algorithm to encipher a message consisting of many blocks is called

C. Cipher block chaining

As a type of access control, which of the following asks for restoring controls?

C. Corrective

As a type of access control, which of the following asks for identifying occurrences?

C. Detective

Sensor is:

C. Detective, Physical

As a type of access control, which of the following asks for discouraging occurrence?

C. Deterrent

What is the basis for the Rivest-Shamir-Adleman (RSA) algorithm scheme?

C. Factorability

What is the company benefit, in terms of risk, for people taking a vacation of a specified minimum length?

C. Increases potential for discovering frauds.

What set of principles is the basis for information systems controls?

C. Need to know, identification, and authenticity

Which of the following user items can be shared?

C. None of the choices.

A security control should

C. Not rely on the security of its mechanism.

Disaster Recovery Plan emergency procedures are a plan of action that commences immediately to prevent or minimize property damage and to:

C. Prevent loss of life.

Public key cryptography provides integrity verification through the use of public key signature and?

C. Private key signature

The main categories of access control do NOT include: A. Administrative Access Control B. Logical Access Control C. Random Access Control D. Physical Access Control

C. Random Access Control

What principle requires that for particular sets of transactions, no single individual be allowed to execute all transactions within the set?

C. Separation of duties

Employee involuntary termination processing should include

C. The surrender of any company identification.

Which one of the following, if embedded within the ciphertext, will decrease the likelihood of a message being replayed?

C. Timestamp

Separation of duties is valuable in deterring:

C. fraud

Which of the following is not a property of the Rijndael block cipher algorithm? A.) Resistance against all known attacks B.) Design simplicity C.) 512 bits maximum key size D.) Code compactness on a wide variety of platforms

C.) 512 bits maximum key size

How many bits is the effective length of the key of the Data Encryption Standard Algorithm?

C.) 56

What fencing height is likely to stop a determined intruder?

C.) 8' high and above with strands of barbed wire

Which of the following are functions that are compatible in a properly segregated environment?

C.) Access authorization and database administration

According to the ISC2, what should be the fire rating for the walls of an information processing facility?

C.) All walls must have a two-hour minimum fire rating

Which of the following is a detective control?

C.) Audit trails

What is used to bind a document to its creation at a particular time?

C.) Digital Timestamp

One-way hash provides:

C.) Integrity

Which of the following is true about a "dry pipe" sprinkler system?

C.) It minimizes chances of accidental discharge of water

What security procedure forces an operator into collusion with an operator of a different category to have access to unauthorized data?

C.) Limiting the specific accesses of operations personnel

Which of the following statements pertaining to block ciphers is incorrect? A.) It operates on fixed-size blocks of plaintext B.) It is more suitable for software than hardware implementations C.) Plain text is encrypted with a public key and decrypted with a private key D.) Block ciphers can be operated as a stream

C.) Plain text is encrypted with a public key and decrypted with a private key


What category of water sprinkler system is currently the most recommended water system for a computer room?

C.) Pre-action sprinkler system

Which of the following algorithms does NOT provide hashing?

C.) RC4

Which of the following is a symmetric encryption algorithm?

C.) RC5

Which of the following encryption algorithms does not deal with discrete logarithms?

C.) RSA

Electronic signatures can prevent messages from being:

C.) Repudiated

Which Application Layer security protocol requires two pairs of asymmetric keys and two digital certificates?

C.) SET

Which protocol makes use of an electronic wallet on a customer's PC and sends encrypted credit card information to the merchant's Web server, which digitally signs it and sends it on to its processing bank?

C.) SET

Which of the following is not a form of detective administrative control? A.) Rotation of duties B.) Required vacations C.) Separation of duties D.) Security reviews and audits

C.) Separation of duties

Which of the following is not a known type of Message Authentication Code (MAC)? A.) Hash function-based MAC B.) Block cipher-based MAC C.) Signature-based MAC D.) Stream cipher-based MAC

C.) Signature-based MAC

Which of the following offers confidentiality to an e-mail message?

C.) The sender encrypting it with the receiver's public key

Which of the following floors would be most appropriate to locate information processing facilities in a six-story building?

C.) Third floor

What is the main objective of proper separation of duties?

C.) To ensure that no single individual can compromise a system

What are two types of ciphers?

C.) Transposition and Substitution

Under what conditions would the use of a Class C fire extinguisher be preferable to a Class

C.) When the fire involves electrical equipment

Which of the following standards concerns digital certificates?

C.) X.509

The following are fire detector types EXCEPT: A.) smoke activated B.) flame actuated C.) acoustical-seismic detection system D.) heat activated

C.) acoustical-seismic detection system


Controls are implemented to:

C.) mitigate risk and reduce the potential for loss

Which of the following items should not be retained in an E-mail directory?

C.) permanent records

A prolonged high voltage is a:

C.) surge

Which of the following is not a physical control for physical security? A.) lighting B.) fences C.) training D.) facility construction materials

C.) training

How do Preventive Technical Controls protect system integrity and availability?

D. By limiting the number of users and/or processes.

________ Technical Controls warn of technical Access Control violations.

D. Detective

Motion detector is a feature of:

D. Detective Physical Controls.

Which one of the following actions should be taken FIRST after a fire has been detected?

D. Evacuate all personnel

Which set of principal tasks constitutes configuration management?

D. Identification, control, status accounting, and auditing of changes.

The MAIN reason for developing closed-circuit television (CCTV) as part of your physical security program is to

D. Increase guard visibility.

You have very strict Physical Access controls. At the same time you have loose Logical Access Controls. What is true about this setting?

D. It may not secure your environment.

Which one of the following is an asymmetric algorithm? A. Data Encryption Algorithm. B. Data Encryption Standard C. Enigma D. Knapsack

D. Knapsack

A two factor authentication method is considered a:

D. Logical control

Which of the following is not a detective technical control? A. Intrusion detection system B. Violation reports C. Honeypot D. None of the choices.

D. None of the choices.

What is the PRIMARY concern during a disaster?

D. Personnel safety.

___________________ are the technical ways of restricting who or what can access system resources.

D. Preventive Technical Controls

Preventive Technical Controls cannot:

D. Protect users from being monitored.

Lock picking is classified under which one of the following lock mechanism attacks?

D. Shimming

Separation of duty can be:

D. Static or dynamic

How much more secure is 56-bit encryption as opposed to 40-bit encryption?

D.) 65,536 times

What key size is used by the Clipper Chip?

D.) 80 bits

Configuration Management controls what?

D.) Auditing and controlling any changes to the Trusted Computing Base

Which of the following is not an EPA-approved replacement for Halon?

D.) Bromine

Cryptography does not help in:

D.) Detecting fraudulent disclosure

Which of the following measures would be the BEST deterrent to the theft of corporate information from a laptop which was left in a hotel room?

D.) Encrypt the data on the hard drive

Which of the following elements is not included in a Public Key Infrastructure (PKI)? A.) Timestamping B.) Lightweight Directory Access Protocol (LDAP) C.) Certificate revocation D.) Internet Key Exchange (IKE)

D.) Internet Key Exchange (IKE)

Compared to RSA, which of the following is true of elliptic curve cryptography?

D.) It is believed to require shorter keys for equivalent security

Which of the following statements is true about data encryption as a method of protecting data?

D.) It requires careful key management

The RSA Algorithm uses which mathematical concept as the basis of its encryption?

D.) Large prime numbers

Which of the following is defined as a key establishment protocol based on the Diffie-Hellman algorithm proposed for IPsec but superseded by IKE?

D.) OAKLEY

Which of the following provides coordinated procedures for minimizing loss of life or injury and protecting property from damage in response to a physical threat?

D.) Occupant emergency plan

Controls like guards and general steps to maintain building security, securing of server rooms or laptops, the protection of cables, and the backing up of files are some of the examples of:

D.) Physical controls

Which of the following risks will most likely affect confidentiality, integrity and availability?

D.) Physical theft

The Physical Security domain addresses three areas that can be utilized to physically protect an enterprise's resources and sensitive information. Which of the following is not one of these areas?

D.) Risks

Which of the following are functions that are compatible in a properly segregated environment?

D.) Systems development and systems maintenance

Which of the following is not concerned with configuration management? A.) Hardware B.) Software C.) Documentation D.) They all are concerned with configuration management

D.) They all are concerned with configuration management

Which of the following statements related to a private key cryptosystem is FALSE? A.) The encryption key should be secure B.) Data Encryption Standard (DES) is a typical private key cryptosystem C.) The key used for decryption is known to the sender D.) Two different keys are used for the encryption and decryption

D.) Two different keys are used for the encryption and decryption

Electrical systems are the lifeblood of computer operations. The continued supply of clean, steady power is required to maintain the proper personnel environment as well as to sustain data operations. Which of the following is not an element that can threaten power systems? A.) Noise B.) Humidity C.) Brownouts D.) UPS

D.) UPS

Which of the following is NOT a type of motion detector?

D.) audio detector

A timely review of system access audit records would be an example of which of the basic security functions?

D.) detection

A momentary power outage is a:

D.) fault

Examples of types of physical access controls include all except which of the following? A.) badges B.) locks C.) guards D.) passwords

D.) passwords

Which of the following is the most costly countermeasure for reducing physical security risks?

D.) personnel

Simple Key Management for Internet Protocols (SKIP) is similar to Secure Sockets Layer (SSL), except that it requires no prior communication in order to establish or exchange keys on a:

D.) session-by-session basis

Which issue when selecting a facility site deals with the surrounding terrain, building markings and signs, and high or low population in the area?

D.) visibility
