CISSP PRACTICE TESTS Chapter 3 ▪Security Engineering (Domain 3)
26. How many bits of keying material does the Data Encryption Standard use for encrypting informatiom? A. 56 bits B. 64 bits C. 128 bits D. 256 bits
A. 56 bits
42. Adam recently configured permissions on an NTFS filesystem to describe the access that different users may have to a file by listing each user individually. What did Adam create? A. An access control list B. An access control entry C. Role-based access control D. Mandatory access control
A. An access control list
75. Grace would like to implement application control technology in her organization. Users often need to install new applications for research and testing purposes, and she does not want to interfere with that process. At the same time, she would like to block the use of known malicious software. What type of application control would be appropriate in this situation? A. Blacklisting B. Greylisting C. Whitelisting D. Bluelisting
A. Blacklisting
78. Raj is selecting an encryption algorithm for use in his organization and would like to be able to vary the strength of the encryption with the sensitivity of the information. Which one of the following algorithms allows the use of different key strengths? A. Blowfish B. DES C. Skipjack D. IDEA
A. Blowfish Blow fish allows the user to select any key length between 43 and 448 bits
3. Ralph is designing a physical security infrastructure for a new computing facility that will remain largely unstaffed. He plans to implement motion detectors in the facility but would also like to include a secondary verification control for physical presence. Which one of the following would best meet his needs? A. CCTV B. IPS C. Turnstiles D. Faraday cages
A. CCTV
55. What type of fire extinguisher is useful only against common combustibles? A. Class A B. Class B C. Class C D. Class D
A. Class A Class A fire extinguishers are useful only against common combustible materials. They use water or soda acid as their suppressant. Class B extinguishers are for liquid fires such as grease, gasoline, oil, etc Class C are for live electrical equipment, which require the use of electrically non-conductive extinguishing agents Class D are for combustible metals such as magnesium, titanium, sodium, etc.
87. In Transport Layer Security, what type of key is used to encrypt the actual content of communications between a web server and a client? A. Ephemeral session key B. Client's public key C. Service's public key D. Server's private key
A. Ephemeral session key In TLS both the server and the client first communicate using an ephemeral symmetric session key. They exchange this key using asymmetric cryptography, but all encrypted content is protected using symmetric cryptography. A cryptographic key is called ephemeral if it is generated for each execution of a key establishment process. In some cases ephemeral keys are used more than once, within a single session (e.g., in broadcast applications) where the sender generates only one ephemeral key pair per message and the private key is combined separately with each recipient's public key. Contrast with a static key
7. Harry who like to access a document owned by Sally and stored on a file server. Applying the subject/object model to this scenario, who or what is the subject of the resource request? A. Harry B. Sally C. Server D. Document
A. Harry
76. Warren is designing a physical intrusion detection system for his data center and wants to include technology that issues an alert if the communications lines for the alarm system are unexpectedly cut. What technology would meet this requirement? A. Heartbeat sensor B. Emanation security C. Motion detector D. Faraday cage
A. Heartbeat sensor
2.Referring to the figure shown below, what is the earliest stageof a fire where it is possible to use detection technology to identify it? TEMPERATURE/TIME Stage 1: Incipient▪ Stage 2: Smoke ▪Stage 3: Flame ▪Stage 4: Heat A. Incipient B. Smoke C. Flame D. Heat
A. Incipient
82. The Bell- LaPadula and Biba models implement state machines in a fashion that uses what specific state machine model? A. Information flow B. Noninterference C. Cascading D. Freedback
A. Information flow
39. Alan is reviewing a system that has been assigned the EAL1 evaluation assurance level under the Common Criteria. What is the degree of assurance that he may have about the system? A. It has been functionally tested B. It has been structurally tested. C. It has been formally verified, designed, and tested. D. It has been methodically designed, tested, and reviewed.
A. It has been functionally tested. EAL1 is the lowest level of assurance under the Common Criteria
61. Sherry conducted an inventory of the cryptographic technologies in use within her organization and found the following algorithms and protocols in use. Which one of these technologies should she replace because it is no longer considered secure? A. MD5 B. 3DES C. PGP D. WPA2
A. MD5 MD5 hashing algorithm has known collisions and as of 2005 is no longer considered secure for use in modern environments. Triple DES (3DES or TDES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. WPA2 Wi-Fi Protected Access 2, WPA2 is the security method added to WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks.
56. Gary is concerned about applying consistent security settings to the many mobile devices used throughout his organization. What technology would best assit with his challenge? A. MDM B. IPS C. IDS D. SIEM
A. MDM Mobile device Management products provide a consistent, centralized interface for applying security configurations settings to mobile devices.
11. What type of security vulnerability are developers most likely to introduce into code when they seek to facilitate their own access, for testing purposes, to software they developed? A. Maintenance hook B. Cross-site scripting C. SQL injection D. Buffer overflow
A. Maintenance hook
33. Referring to the figure shown below, what is the name of the security control indicated by the arrow? A. Mantrap B. Turnstile C. Intrusion prevention system D. Portal
A. Mantrap
71. In what type of attack does the attacker replace the legitimate BIOS on a computer with a malicious alternative that allows them to take control of the system? A. Phlashing B. Phreaking C. Phishing D. Phrogging
A. Phlashing Phlashing is a permanent denial of service (DoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable. Phreaking, a method used in service theft, is a type of hacking that steals service from a provider, or uses the service while assigning cost to another person. Encryption is not commonly used in SIP, which administers authentication over VoIP calls, so user credentials are exposed to theft. Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers Phrogging a social engineering attack.
34. Which one of the following does not describe a standard physical security requirements for wiring closets? A. Place only in areas monitored by security guards. B. Do not store flammable items in the closet. C. Use sensors on doors to log entries. D. Perform regular inspections of the closet.
A. Place only in areas monitored by security guards.
80. Howard is choosing a cryptographic algorithm for his organization and he would like to choose an algorithm that supports the creation of digital signatures. Which one of the following algorithms would meet his requirement? A. RSA B. DES C. AES D. Blowfish E. IDEA
A. RSA Digital signatures are possible only when using an asymmetric encryption algorithm. RSA (Rivest-Shamir-Adleman) It is an asymmetric cryptographic algorithm. DES no longer used block symmetric algorithm. The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Its short key length of 56 bits makes it too insecure for applications. AES is a subset of the Rijndael block cipher Blowfish is a symmetric block cipher that can be used as a drop-in replacement for DES or IDEA. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for both domestic and exportable use. Blowfish was designed in 1993 by Bruce Schneier as a fast, free alternative to existing encryption algorithms. IDEA (International Data Encryption Algorithm) is an encryption algorithm. It is a symmetric block cipher which takes 64 bit as a input, 28-bit key and performs 8 identical rounds for encryption in which 6 different subkeys are used and four keys are used for output transformation.
38. In what state does a processor's scheduler place a process when it is prepared to execute but the CPU is not currently available? A. Ready B. Running C. Waiting D. Stopped
A. Ready The Ready state is used when a process is prepared to execute but the CPU is not available. The Ruing state is used when a process is executing on the CPU. The Waiting state is used when a process is blocked waiting for an external event. The Stopped state is used when a process terminates.
49. In the ring protection model shown below, what ring contains the operating system's kernel? RING O ○ ; RING 1 ° ; RING 2 ° ; RING 3 ° A. Ring O B. Ring 1 C. Ring 2 D. Ring 3
A. Ring O
5.Fran's company is considering purchasing a web-based email service from a vendor and eliminating its own email serve environment as a cost-saving measure. What type of cloud computing environment is Fran's company considering? A. SaaS B. IaaS C. CaaS D. PaaS
A. SaaS
40. Which one of the following components is used to assign classifications to objects in a mandatory access control system? A. Security label B. Security token C. Security descriptor D. Security capability
A. Security label
97. Todd wants to add a certificate to a certificate revocation list. What element of the certificate goes on the list? A. Serial number B. Public key C. Digital signature D. Private key
A. Serial number
98. Alison is examining a digital certificate presented to her by her bank's website. Which one of the following requirements is not necessary for her to trust the digital certificate? A. She knows that the server belongs to the bank. B. She trusts the certificate authority. C. She verifies that the certificate is not listed on a CRL. D. She verifies the digital signature on the certificate.
A. She knows that the server belongs to the bank. The point of the digital certificate is to prove to Alison that the server belongs to the bank, so she does not need to have this trust in advance.
58. Rhonda is considering the use of new identification cards for physical access control in her organization. She comes across a military system that uses the card shown below. What type of card is this? A. Smart card B. Proximity card C. Magnetic stripe card D. Phase three card
A. Smart card
30. Which one of the following is not one of the basic requirements for cryptographic hash function? A. The function must work on fixed-length input. B. The functiion must be relatively easy to compute for any input. C. The function must be one way. D. The function must be collision free.
A. The function must work on fixed-length input
21. Which one of the following is not an attribute of a hashing algorithm? A. They require a cryptographic key. B. They are irreversible. C. It is very difficult to find two messages with the same hash value. D. They take variable-length input.
A. They require a cryptographic key.
44. Which one of the following terms is not used to describe a privileged mode of system operation? A. User mode B. Kernel mode C. Supervisory mode D. System mode
A. User mode
65. What standard governs the creation and validation of digital certificates for use in a public key infrastructure? A. X.509 B. TLS C. SSL D. 802.1X
A. X.509
37. What is the minimum number of independent parties necessary to implement the Fair Cryptosystems approach to key escrow? A. 1 B. 2 C. 3 D. 4
B. 2 In the fair Cryptosystem approach to key escrow, the secret keys used in communications are divided into tow or more pieces, each of which is given to an independent third party
15. Marcy would like to continue using some old DES encryption equipment to avoid throwing it away. She understands that running DES multiple times improves the security of the algorithm. What is the minimum number of times she must run DES on the same data to achieve security that is cryptographically strong by modern standards? A. 2 B. 3 C. 4 D. 12
B. 3
4. Harry would like to retrieve a lost encryption key from a database that uses m of n control with m = 4 and n = 8. What is the minimum number of escrow agents required to retrieve the key? A. 2 B. 4 C. 8 D. 12
B. 4
96. Object-oriented programming languages use a black box approach to development, where users of an object do not necessarily need to know the object's implementation details. What term is used to describe this concept? A. Layering B. Abstraction C. Data hiding D. Process isolation
B. Abstraction Abstraction uses a black box approach to hide the implementation details of an object from the users of that object.
51. Which one of the following is an example of a code, not a cipher? A. Data Encryption Standard B. "One if by land; two if by sea" C. Shifting letters by there D. Word scramble
B. "One if by land; two if by sea"
95. What term is used to describe the formal declaration by a designated approving authority (DAA) that an IT system is approved to operate in a specific environment? A. Certification B. Accreditation C. Evaluation D. Approval
B. Accreditation Accreditation is the formal approval by the DAA that an It system may operate in a described risk environment.
18. Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. Which one of the following keys would Bob not possess in this scenario? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
B. Alice's private key
19. Alice would also like to digitally sign the message that she sends to Bob. What key should she use to create the digital signature? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
B. Alice's private key
92. Tommy is planning to implement a power conditing UPS for a rack of servers in his data center. Which one of the following conditions will the UPS be unable to protect against if it persists for more than a few minutes? A. Fault B. Blackout C. Sag D. Noise
B. Blackout
28. Florian and Tobias would like to begin communicating using a symmetric cryptoosystem but they have no prearranged secret and are not able to meet in person to exchange keys. What algorithm can they use to securely exchange the secret key? A. IDEA B. Diffie-Hellman C. RSA D. MD5
B. Diffie-Hellman
62. What action can you take to prevent accidental data disclosure due to wear leveling on an SSD device before reusing the drive? A. Reformatting B. Disk encryption C. Degaussing D. Physical destruction
B. Disk encryption does protect against wear leveling on an SSD Disk fromating does not effectively remove data from any device. Degaussing in only effective on magnetic media. Physically destroying the drive would not permit reuse.
23. Susan would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability? A. AH B. ESP C. IKE D. ISAKMP
B. ESP The Encapsulating Security Payload (ESP) protocol provides confidentiality and integrity for packet contents. It encrypts packet payloads and provides limited authentication and protection against replay attacks.
88. Beth would like to include technology in a secure area of her data center to protect against unwanted electromagnetic emanations. What technology would assist her with this goal? A. Heartbeat sensor B. Faraday cage C. Pigglybacking D. WPA2
B. Faraday cage
91. A software company developed two system that share information. System A provides information to the input of System B, which then reciprocates by providing information back to System A as input. What type of composition theory best describes this practice? A. Cascading B. Feedback C. Hookup D. Elementary
B. Feedback The feedback model of a composition theory occurs when one system provided input for a second system and then the second system provides input for the first system. This is a specialized case of cascading model.
6. Bob is a security administrator with the federal government and wishes to choose a digital signature approach that is an approved part of the federal Digital Signature Standard under FIPS 186-4. Which one of the following encryption algorithms is not an acceptable choice for use in digital signature? A. DSA B. HAVAL C. RSA D. ECDSA
B. HAVAL The Digital Signature Standard for FIPS 186-4 approves three encryption algorithms for use in digital signatures 1) Digital Signature Algorithm (DSA) 2) Rivest, Shamir, Adleman (RSA) 3) Elliptic Curve DSA (ECDSA) HAVAL is a has function, has functions are part of the digital signature process but do no provide encryption.
89. In a virtualized computing environment, what component is responsible for enforcing separation between guest machines? A. Guest operation system B. Hypervisor C. Kernel D. Protection manger
B. Hypervisor
53. Process_________________ ensures that any behavior will affect only the memory and resources associated with a process. A. Restriction B. Isolation C. Limitation D. Parameters
B. Isolation When a process is confined within certain access bounds, that process runs in isolation. Isolation protects he operating environment, the operating system kernel, and other process running on the system.
32. What cryptographic principle stands behind the idea that cryptographic algorithms should be open to public inspection? A. Security through obscurity B. Kerchoff principle C. Defense in deth D. Heisenburg principle
B. Kerchoff principle
54. Harold is assessing the susceptibility of his environment to hardware failures and would like to identify the expected lifetime of a piece of hardware. What measure should he use for this? A. MTTR B. MTTF C. RTO D. MTO
B. MTTF
41. What type of software program exposes the code to anyone who wishes to inspect it? A. Close source B. Open-source C. Fixed source D. Unrestricted source
B. Open-source
90. Rick is an application developer who works primarily in Python. He recently decided to evaluate a new service where he provides his Python code to a vendor who then executes it on their server environments. What type of cloud computing environment is this service? A. SaaS B. PaaS C. IaaS D. CaaS
B. PaaS Cloud computing systems where the customer only provides application code for execution on an vendor-supplied computing platform are examples of platform as a service (PaaS) computing
13. Tom is responsible for maintaining the security of systems used to control industrial process located within a power plant. What term is used to describe these systems? A. POWER B. SCADA C.HAVAL D. COBOL
B. SCADA
20. What name is given to the random value added to password in an attempt to defeat rainbow table attacks? A. Hash B. Salt C. Extender D. Rebar
B. Salt
12. Sally is blocked from reading the file due to the Biba integrity model. Sally has a Secret security clearance and the file has a Confidential classification. What principle of the Biba model is being enforced? in book. A. Simple Security Property B. Simple Integrity Property C. *-Security Property D. *-Integrity Property
B. Simple Integrity Property
79. Referring to the fire triangle shown below, which one of the following suppression materials attacks a fire by removing the fuel source? A. Water B. Soda acid C. Carbon dioxide D. Halon
B. Soda acid Soda Acid and other dry powder fire extinguishers work to remove the fuel supply Water suppresses temperature. Halon and carbon dioxide remove the oxygen supply.
47. Gary intercepts a communication between two individuals and suspects that they are exchanging secret messages. The content of the communication appears to be the image shown below. What type of technique may the individuals use to hide messages inside this image? A. Visual cryptography B. Steganography C. Cryptographic hashing D. Transport layer security
B. Steganography
60. In the diagram shown below of security boundaries within a computer system, What component's name has been replaced with XXX? ••••••••• User Space•••••••••• [Process] [Process] [Process] __________________________________________ •••••••••[Referece Monitor]•••••••• ••••••••••••••••••XXX•••••••••• •••••••••••••••••Kernel•••••••• A. Kernel B. TCB C.Security perimeter D. User execution
B. TCB
64. A hacker recently violated the integrity of data in Jame's company by modifying a file using a precise timing attack. The attacker waited until James verified the integrity of a file's contents using a hash value and then modified the file between the time that James verified the integrity and read the contents of the file. What type of attack took place? A. Social engineeing B. TOCTOU C.Data diddling D. Parameter checking
B. TOCTOU
14. Sonia recently removed an encrypted hard drive from a laptop and moved it to a new device because of a hardware failure. She is having difficulty accessing encrypted content on the drive despite the fact that she knows the user's password. What hardware security feature is likely causing this problem? A. TCB B. TPM C. NIACAP D. RSA
B. TPM The Trusted Platform Module (TPM) is the hardware security technique that stores an encryption key on the chip of the motherboard and prevents someone form accessing an encrypted drive by installing it in another computer.
69. In a software as a Service cloud computing environment, who is normally responsible for ensuring that appropriate firewall controls are in place? A. Customer's security team B. Vendor C. Customer's networking team D. Customer's infrastructure management team
B. Vendor In a software as a service environment, the customer has no access to any underlying infrastructure, so firewall mangment is a vendor responsibility under the cloud computing shared responsibility model.
77. John and Gary are negotiating a business transaction and John must demonstrate to Gary that he has access to a system. He engages in an electronic version of the "magic door" scenario shown below. A. Split-knowledge proof B. Zero-knowledge proof C. Logical proof D. Mathematical proof
B. Zero-knowledge proof
27. In the figure below, Harry's request to write to the data file is blocked. Harry has a Secret security clearance and the data has a Confidential classification. What principle of the Bell-LaPadula model blocked this request? •••••••Write Request•••••••• (Harry)-------------------->[Data File] A. Simple Security Property B. Simple Integrity Property C. *-Security Property D. *-Discretionary Security Property
C. *-Security Property
94. Chris is designing a cryptographic system for use within his company. The company has 1,000 employees, and they plan to use an asymmetric encryption system. How many total keys will they need? A. 500 B. 1,000 C. 2,000 D. 4,950
C. 2,000 The number of keys required to connect N parties using symmetric cryptography is given by the formula: (N * (N-1)) / 2. I like to write it (N²-N)/2 because seeing the square helps me remember it's the formula for symmetric algorithms. Asymmetric is simply 2N
31. How many possible keys exist for a cipher that uses a key containing 5 bits? A. 10 B. 16 C. 32 D. 64
C. 32
67. John Widgets strictly limits access to total sales volume information, classifying it as a competitive secret. However, shipping clerks have unrestricted access to order records to facilitate transaction completion. A shipping clerk recently pulled all of the individual sales records for a quarter and totaled them up to determine the total sales volume. What type of attack occurred? A. Social engineering B. Inference C. Aggregation D. Data diddling
C. Aggregation
36. Which one of the following security controls is least often required in Bring Your Own Device (BYOD) environments? A. Remote wiping B. Passcodes C. Application control D. Device encryption
C. Application control
16 Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. 16. If Alice wishes to send Bob an encrypted message, what key does she use to encrypt the message? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
C. Bob's public key
84. What type of motion detector senses changes in the electromagnetic fields in monitored areas? A. Infrared B. Wave pattern C. Capacitance D. Photoelectric
C. Capacitance Capacitance motion detectors monitor the electromagnetic field in a monitored areas sensing disturbances that correspond to motion.
9 Helen is a software engineer and is developing code that she would like to restrict to running within an isolated sandbox for security purposes. What software development technique is Helen using? A. Bounds B. Input validation C. Confinement D. TCB
C. Confinement The use of a sandbox is an example of confinement, where the system restricts the access of a particular process to limit its availability to affect other processes running on the same system.
70. Alice has read permissions on an object and she would like Bob to have those same rights. Which one of the rules in the Take-Grant protection model would allow her to complete this operation? A. Create rule B. Remove rule C. Grant rule D. Take rule
C. Grant rule
100. Which one of the following would be a reasonable application for the use of self-signed digital certificates? A. E-commerce website B. Banking application C. Internal scheduling application D. Customer portal
C. Internal scheduling application Self-signed digital certificates should be used only for internal facing applications where the user base trust the internally generated digital certificate.
63. Tom is a cryptanalysis and is working on breaking a cryptographic algorithm's secret key. He has a copy of an intercepted message that is encrypted and he also has a copy of the decrypted version of that message. He wants to use both the encrypted message and its decrypted plaintext to retrieve the secret key for use in decrypting other messages. What type of attack is Tom engaging in? A. Chosen ciphertext B. Chosen plaintext C. Known plaintext D. Brute force
C. Known plaintext in an known plaintext attack the attacker has a copy of the encrypted message along with the plaintext message used to generate that ciphertext.
46. Kyle is being granted access to a military computer system that uses System High mode. What is not true about Kyle's security clearance requirements? A. Kyle must have a clearance for the highest level of classification processed by the system, regardless of his access. B. Kyle must have access approval for all information processed by the system. C. Kyle must have a valid need to know for all information processed by the system. D. Kyle must have a valid security clearance.
C. Kyle must have a valid need to know for all information processed by the system. For systems running in System High Mode, the user must have a valid security clearance for all information processed by the system, access approval for all information processed by the system, and a valid need to know for some, but not necessarily all of the information processed by the system.
57. Alice sent a message to Bob. Bob would like to demonstrate to Charlie that the message he recieved definitely came from Alice. What goal of cryptography is Bob attempting to achieve? A. Authentication B. Confidentiality C. Nonrepudiation D. Integrity
C. Nonrepudiation
81. Laura is responsible for securing her company's web-based applications and wishes to conduct an education program for developers on common web application security vulnerabilities. Where can she turn for a concise listing of the most common web application issues? A. CVE B. NSA C. OWASP D. CSA
C. OWASP
29. Under the Common Criteria, what. element describes the security requirements for a products? A. TCSEC B. ITSEC C. PP D. ST
C. PP Protection Profiles (PPs) specify the security requirements and protections that must be in place for a product to be accepted under the Common Criteria
43. Betty is concerned about the use of buffer overflow attacks against a custom application developed for use in her organization. What security control would provide the stronger defense against these attacks? A. Firewall B. Intrusion detection system C. Parameter checking D. Vulnerability scanning
C. Parameter checking
48. Which one of the following terms accurately describes the Caesar cipher? A. Transposition cipher B. Block cipher C. Shift cipher D. Strong cipher
C. Shift cipher The Caesar cipher is a shit cipher that works on a steam of test and is also a substitution cipher. It is not a block or transposition cipher.
8. Michael is responsible for forensic investigations and investigating a medium severity security incident that involved the defacement of a corporate website. The web server in question ran on a virtualization platform, and the markrting team would like to get the website up and running as quickly as possible. What would be the most reasonable next step for Michael to take? A. Keep the website offline until the investigation is complete. B. Take the virtualization platform offline as evidence. C. Take a snapshot of the compromised system and use that for the investigation. D. Ignore the incident and focus on quickly restoring the website.
C. Take a snapshot of the compromised system and use that for the investigation.
73. Alan intercepts an encrypted message and wants to determine what type of algorithm was used to create the message. He first performs a frequency analysis and notes that the frequency of letters in the message closely matches the distribution of letters in the English language. What type of cipher was most likely used to create this message? A. Substitution cipher B. AES C. Transposition cipher D. 3DES
C. Transposition cipher The use of a substitution cipher, a category that includes AES and 3DES, would change the frequency distribution so that it does not mirror the English language.
99. Which one of the following is an example of a covert timing channel when used to exfiltrate information from an organization? A. Sending an electronic mail message B. Posting a file on a peer-to-peer file sharing service C. Typing with the rhythm of Morse code D. Writing data to a shared memory space
C. Typing with the rythm of Morse code
52. Which one of the following systems assurance processes provides an independent third-party evaluation of a system's controls that may be trusted by many different organizations? A. Certification B. Definition C. Verification D. Accreditation
C. Verification Verification process is similar to the certification process in that tit validates security controls. Verification may go a step further by involving a third-party testing service and compiling results that may be trusted by many different organizations. Accreditation is that act of management formally accepting and evaluation system, not evaluating the system itself.
25. What logical operation is described by the truth table below? Input 1 [0] [0]= [0] Input 2 [0] [1]= [1] Input 3 [1] [1]= [0] A. OR B. AND C. XOR D. NOR
C. XOR
35. In the figure shown below, Sally is blocked from writing to the data file by the Biba integrity model. Sally has a Secret security clearance and the file is classified Top Secret. What principle is preventing her from writing to the file? •••••••Write Request•••••••• (Sally)--------------------->[Data fie] A. Simple Security Property B. Simple Integrity Property C. *-Security Property D. *-Integrity Property
D. *-Integrity Property
93. Which one of the following humidity values is within the acceptable range for a data center operations? A. 0% B. 10% C. 25% D. 40%
D. 40% Data humidity should be between 40 and 60%
24. Which one of the following cryptographic goals protects against the risks posted when a device is lost or stolen? A. Nonrepudiation B. Authentication C. Integrity D. Confidentiality
D .Confidentiality
10. What concept describes the degree of confidence that an organization has that its controls satisfy security requirements? A. Trust B. Credentialing C. Verification D. Assurance
D. Assurance Assurance is the degree of confidence that an organization has that its security controls are correctly implemented. Assurance must be continually monitored and re-verified
17. Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority. When Bob receives the encrypted message from Alice, what key does he use to decrypt the message? A. Alice's public key B. Alice's private key C. Bob's public key D. Bob's private key
D. Bob's private key
83. The ________________ of a process consist (s) of the limits set on the memory addresses and resources that the process may access. A. Perimeter B. Confinement limits C. Metes D. Bounds
D. Bounds
1. Matthew is the security administrator for a consulting firm and must enforce access controls that restrict users' access based upon their previous activity. For example, once a consultant accesses data belonging to Acme Cola, a consulting client, they may no longer access data belonging to any of Acme's competitors. What security model best fits Matthew's needs? A. Clarke-Wilson B. Biba C. Bell-LaPadula D. Brewer-Nash
D. Brewer-Nash
85. Which one of the following fire suppression systems uses a suppressant that is no longer manufactured due to environmental concerns? A. FM-200 B. Argon C. Inergen D. Halon
D. Halon has been banned because it depletes the ozone layer.
86. Which one of the following statements is correct about the Biba model of access control? A. It addresses confidentiality and integrity. B. It addresses integrity and availability. C. It prevents covert channel attacks. D. It focuses on protecting objects from external threats.
D. It focuses on protecting objects from external threats. The Biba model focuses only on protecting integrity and does not provide protection against confidentiality or availability threats. It also does not provide protection gains cover channel attacks. The Biba model focuses on external threats and assumes that internal threats are addressed programmatically.
74. The Double DES (2DES) encryption algorithm was never used as a viable alternative to the original DES algorithm. What attack is 2DES vulnerable to that does not exist for the DES of 3DES approach? A. Chosen ciphertext B. Brute force C. Man in the middle D. Meet in the middle
D. Meet in the middle
45. James is working with a Department of Defense system that is authorized to simultaneously handle information classified at the Secret and Top Secret levels. What type of system is he using? A. Single state B. Unclassified C. Compartmented D. Multistate
D. Multistate
72. Which one of the following computing models allows the execution of multiple concurrent tasks within a single process? A. Multitasking B. Multiprocessing C. Multiprogramming D. Multithreading
D. Multithreading Multithreading permits multiple tasks to execute concurrently within a single process. These tasks are know as threads and may be alternated between without switching processes.
22. What type of fire suppression system fills with water when the initial stages of a fire are detected and then requires a sprinkler head heat activation before dispensing water? A. Wet pipe B. Dry pipe C. Deluge D. Preaction
D. Preaction Preaction fire suppression system activates in two steps (stages). The pipes fill with water once the early signs of a fire are detected. The system does not dispense water until heat sensors on the sprinkler heads trigger the second stage.
59. Gordon is concerned about the possibility that hackers may be able to use the Van Eck radiation phenomenon to remotely read the contents of computer monitors in his facility. What technology would protect against this type of attack? A. TCSEC B. SCSI C. GHOST D. TEMPEST
D. TEMPEST The TEMPEST program creates technology that is not susceptible to Van Eck phreaking attacks because it reduces or suppresses natural electromagnetic emanations.
50. In an Infrastructure as a Service (IaaS) environment where a vendor supplies a customer with access to storage services, who is normally responsible for removing sensitive data from drives that are taken out of service? A. Customer's security team B. Customer's storage team C. Customer's vendor management team D. Vendor
D. Vendor in an infrastructure as service environment, security duties follow a shared responsibility mode Since the vendor is responsible for managing the storage hardware, the vendor would retain responsibility for destroying or wiping drives as they are taken out of service. moreover, it is still the customer's responsibility to validate that the vendor's sanitization procedures meet ether requirements prior to utilizing the vendors' storage service.
68. What physical security control broadcasts false emanations constantly to mask the presence of true electromagnetic emanations from computing equipment? A. Faraday cage B. Copper-infused windows C. Shielded cabling D. White noise
D. White noise
66. What is the minimum fence height that makes a fence difficult to climb easily, deterring most (casual) intruders? A. 3 feet B. 4 feet C. 5 feet D. 6 feet
D.6 feet 6 feet is for a casual intruder 8 feet is designed to deter a determined intruder and be topped with three strands of barbed wire.