CISSP Simple-learn Sample Test 2
_______ can execute in the network browser and may contain malicious code. 1. Macro virus 2. Hostile applet 3. Plug-in worm 4. Cookie.
Hostile applet can execute in the network browser and may contain malicious code. The types of downloadable programs are also known as mobile code.
What is the most critical characteristic of a biometric identifying system? 1. Perceived intrusiveness 2. Storage Requirement 3. Accuracy 4. Reliability
3. Accuracy
Which wireless technology operates in the 5Ghz frequency range? 1. IEEE 802.11a 2. IEEE 802.11b 3. IEEE 802.11g 4. Bluetooth
1. 802.11a operates in the 5 Ghz band
One of the most significant differences between the Software Development Life Cycle and the System Life Cycle is that the Software Development Life Cycle does not include one of the following phases? Identify it. 1. Decommissioning / Disposal 2. Startup / Requirements 3. Development / Construction 4. Operational testing
1. Decommissioning / Disposal The SDLC commonly ends approximately at the time of system implementation. The SLC continues through to the decommissioning or start of a new SDLC with a major modification of the system.
Which is NOT the benefit of job rotation? 1. Helps to get a promotion 2. Trained backup in case of emergency 3. Protect against fraud 4. Cross-training to employee
1. Helps to get a promotion Rotation of duties will protect you against fraud; provide cross-training to your employees, as well as assure trained backup in case of emergencies. It will not help directly to get a promotion.
The two parts of integrity are data integrity and: 1. System integrity 2. Fault tolerance 3. Change control 4. Transaction integrity.
1. System Integrity The integrity of system operations and reliability of processes. フォールトトレランス:ヤバいことになったら、どうする?を想定した備え
Two operators must review and approve the work of each other. This concept is better known as? 1. Two-man control 2. Dual Control 3. Double control 4. Segregation control.
1. Two-man control. In the concept of two-man control, two operators review and approve the work of each other. The purpose of two-man control is to provide accountability and to minimize fraud in highly sensitive or high-risk transactions. The concept of dual control means that both operators are needed to complete a sensitive task."
Does operation security require the implementation of physical security to control which of the following? 1. Unauthorized personnel access 2. Incoming hardware 3. Contingency conditions 4. Evacuation procedures.
1. Unauthorized personnel access Operations security requires the implementation of physical security to control the unauthorized personnel access.
All of the following activities are examples of active attacks EXCEPT which one? 1. Sending a packet into the network with a spoofed source address. 2. Using a network analyzer to intercept and read FTP data 3. ARP cache poisoning 4. RIP route poisoning.
2. Using a network analyzer to intercept and read FTP data is a passive attack. Passive: 受動態
BCP Awareness should be extended to : 1. Operational Staff 2. All personnel 3. All persons who may be on-site 4. BCP team
2. All personnel All personnel should be aware of their responsibilities during a disaster. The level of awareness they require will depend on their responsibility. A BCP will often require the involvement of people that are not on-site. すべての職員は災害時の責任を知っておくべきです。 彼らが必要とする意識のレベルは彼らの責任に依存します。 BCPはしばしば現場にいない人々の関与を必要とするでしょう。
One of the main risks associated with VOIP may be: 1. The user of non-standard protocols 2. Denial of service attack 3. Loss of data 4. Noise and interference.
2. Denial of service attack The use of the network for voice communications will also render the voice network subject to denial of service attacks.
In Mandatory Access Control the need-to-know element is provided by the: 1. Operating system 2. Information Owner 3. Security Administrator 4. System Administrator
2. Information Owner In a mandatory access control system, the system provides access control based on the labels, however the information owner provides the 'need to know' element of access control. Mandatory Access Control システムでは、システムはラベルに基づいてアクセス制御を提供しますが、information ownerはアクセス制御の「need to know」要素を提供します。
A user must have a business requirement to view data before attempting to do so is an example of which principle? 1. Least Privilege 2. Need to Know 3. Rotation of duties 4. Separation of duties.
2. Need to Know. Need to know means that the user must have a need (requirement) to access a specific object before doing so. NEED-TO-KNOW とは、 そうする前に、ユーザーが特定のオブジェクトにアクセスする必要性(要件)を持っている必要があるということです。
A screen saver that opens an encrypted tunnel to a website under malicious control with the purpose of allowing attackers access to the infected machine is an example of which of the following versions of malware? 1. Logic Bomb 2. Trojan horse 3. Virtual private network 4. Spyware
2. Trojan horse Since the attack hides under the guise of a screen saver, this is most likely a Trojan horse.
What is the most important consideration when designing a firewall architecture? 1. Identify the boundaries between security domains. 2. Understand the specific security needs of the business 3. Identify all of the points of ingress and egress for the network. 4. Understand the level of filtering that is required for the organization.
2. Understand the specific security needs of the business is the best option as it encompasses all the other options as well.
Internet Protocol Security (IPSEC) provides which of the following security features? 1. Certificate integrity 2. Deta destination authentication 3. Connectionless integrity 4. Elimination of session hi-jacking
3. Connectionless integrity RFC 2401 addresses connectionless integrity. It also addresses limited traffic flow confidentiality, data originating address authentication, protection against replay attacks, and confidentiality
The category of controls related to Intrusion Detection Systems (IDS) can be classified as: 1. Preventive (予防策) 2. Compensating (補償) 3. Deterrent (抑止力) 4. Corrective(是正)
3. Deterrent (抑止力) While an IDS is primarily considered to be a detective control, the very knowledge of the presence of an IDS may prove to be a deterrent to improper activity. If a person suspects that hisr activity could be monitored, he may be more prudent in their actions. IDSは主に[Detective]であると考えられていますが、IDSの存在に関するまさにその知識が不適切な活動の[DETERRENT]となることがあります。 彼の活動を監視することができると人が疑うならば、彼は彼らの行動においてもっと慎重であるかもしれません。
All of the following are reasons to develop a DRP except: 1. Comply with the government of industry regulation 2. Satisfy contractual requirements 3. Ensure payroll processing 4. Enforce due care.
3. Ensure payroll processing A DRP may not be needed for payroll processing; the company could decide to outsource this activity in a disaster. A DRP focuses on the recovery of technical facilities and networks, which is not the same as the BCP. DRP= Disaster Recovery Plan BCP=Bizz Continuity Plan
A group of application developers wishes to encrypt sensitive data when it is stored on a shared server. What would be the BEST option to address their needs? 1. Provide a set of secure algorithms for the application. 2. Provide an evaluated hardware cryptosystem that can be used to encrypt bulk data efficiently. 3. Provide an industry-standard software-based cryptosystem that can be accessed through a series of documented Application Programming interface (APIs). 4. Recommended that all users be authenticated using a unique digital certificate.
3. Provide an industry-standard software-based cryptosystem that can be accessed through a series of documented Application Programming interface (APIs). 一連の文書化されたApplication Programming Interface(API)を介してアクセスできる業界標準のソフトウェアベースの暗号化システムを提供する。 It is best to use a standard and approved algorithm that is also interoperable through documented APIs. When a security specialist is recommending a product for use in applications it is usually best to suggest a standard product over an in-house developed or untried product. APIとはソフトウェアの機能を共有すること アプリケーション同士で連携することが可能 「API」=「機能+仕様書」 プログラムや機能に対するお仕事依頼用の窓口
A security architect working for a large financial institution has been asked to evaluate a variety of cryptographic algorithms that are being considered as candidates for a proprietary Electronic Funds Transfer (EFT) application. 1. Recommended asymmetric key cryptographic algorithm to provide confidentiality, integrity, and authenticity protections. 2. Recommended that all transactions are digitally signed before they are transmitted over an unsafe network. 3. Recommended a hybrid solution that combines symmetric and asymmetric cryptography as well as hash functions 4. Recommended a hybrid solution that asymmetric cryptography and hash function.
3. Recommended a hybrid solution that combines symmetric and asymmetric cryptography as well as hash functions It is probable that in this type of scenario, a hybrid solution would be recommended for the key distribution of asymmetric algorithms, the integrity of hash functions, and the speed of symmetric algorithms. この種のシナリオでは、非対称アルゴリズムの鍵配布、ハッシュ関数の完全性、および対称アルゴリズムの速度に対してハイブリッドソリューションが推奨される可能性があります。
Which is the process of having a third party store an archive of computer software? 1.Mutual and agreement 2. Key escrow 3. Software escrow 4. Software outsourcing.
3. Software escrow describes the process of having a third party store an archive of computer software. ソフトウェア・エスクロウとは、ライセンサー・ライセンシーが、ソフトウェア取引を開始するにあたって、そのソースコードや技術情報等を第三者(エスクロウ・エージェント)に預託しておき、ライセンサーが倒産等した場合の保護を図る制度です。
Employee involuntary termination processing should include; 1. A list of all passwords used by the individual 2. A report on outstanding project 3. The surrender of any company identification 4. Signing a non-disclosure agreement.
3. The surrender of any company identification. Before the employee is released, all organization-specific identification, access, or security badges as well as cards, keys, and access tokens should be collected.
Which of the following is a third-generation programing language? 1. Assembly 2. C 3. Oracle 4. ColdFusion
3GL such as FORTRAN, COBOL, BASIC, Pascal and C. So, 2. C, Basic are third generation languages.
Applications can NOT use which of the following methods to detect system attacks? 1. Known Signature Scanning 2. Activity Monitoring 3. Change Detection 4. Differential Linear Analysis
4. Differential Linear Analysis Differential Linear Analysis is a cryptographic attack. All of the others are used by anti-virus and integrity checking programs. Differential Linear Analysis:微分線形解析
The basic requirements of access control mechanisms include all of the following EXCEPT : 1. Scalability 2. Security 3. Transparency 4. Equality
4. Equality is not a factor since many users may operate at different levels of access depending on their clearance or job role. 多くのユーザーは、許可または職種に応じてさまざまなレベルのアクセスで操作する可能性があるため、平等性は問題になりません。 へえ、ってことは、Transparencyは含まれてるの? Access Controlが筒抜け?笑
For planning and controlling activities and resources in a system project, which of the following methodologies is more appropriate? 1. Gantt charts 2. PERT: Program evaluation review technique. 3. Critical path methodology 4. Function point analysis
A Gantt chart is a popular type of bar chart showing the interrelationships of how projects, schedules, and other time-related systems progress over time. so, the answer is 1. Gantt. ええでもがんとってTOOLであって方法論じゃねえだろ、と。
In order to provide reliable service for traffic sent continuously over a packet-switched network, the administrator may require the implementation of: 1. SVC: Switched Virtual Circuits. 2. CS: Circuit switching 3. PVC: Permanent Virtual Circuits. 4. BC: Broadband communication.
A PVC would be best for this application.
Which backup has the worst recovery point objective? 1. Database shadow 2. Raid-5 3. Electronic vault with journaling 4. Full
A full backup is often hours old and the recovery of data to the last full backup would result in the loss of data. The other alternatives listed may have almost no loss of data. フルバックアップは数時間前に行われることが多く、最後のフルバックアップにデータを復元するとデータが失われる可能性があります。 記載されている他の方法では、データがほとんど失われることはありません。
What is a socket pair? 1. Source IP, Destination IP 2. Source Port, Destination Port 3. Source IP, Destination IP, Source Port, Destination Port 4. None of the choice.
A socket pair is a connection between two nodes: source port, source IP, destination port, and destination IP. The answer is; 3. Source IP, Destination IP, Source Port, Destination Port
What is the MOST significant advantage that the Advanced Encryption Standard (AES) offers over the Data Encryption Standard (DES)? 1. Large key space due to large key size 2. More efficient operation when used in general computing devices. 3. Smaller key sizes with greater strength per bit than DES 4. More block cipher modes are supported.
AES(Advanced Encryption Standard)がDES(データ暗号化規格)に対して提供する最も重要な利点は何ですか? The answer is, 1. Large key space due to large key size 大きい鍵サイズによる大きい鍵スペース A primary drawback of DES was the length of the key. AES allows for larger keys as well as multiple forms of operations: variable key length, a variable number of rounds, variable block size, etc. DESの主な欠点は鍵の長さでした。 AESでは、可変キー長、可変ラウンド数、可変ブロックサイズなど、さまざまな形式の操作と同様に、より大きなキーを使用できます。
Which of the following database attacks describes an attack where the perpetrator uses information gained through authorized activity to reach conclusions relating to un-authorized data? 1. Unauthorized access attack 2. Bypass attack 3. SQL attack 4. Inference attack
An inference attack occurs when a user is able to infer or deduce information at a higher level of security through accessing the data that they were allowed to see. Inference attack(推論攻撃)はユーザーが閲覧を許可されたデータにアクセスすることによって、より高いレベルのセキュリティで情報を推測または推測できるときに発生します。
Strategy to satisfy recovery time objective should account for the relocation of personnel and backup material, loading applications and data, and: 1. Configuration telecommunications 2. Rebuilding data to recovery point objective, configuring telecommunications 3. Rebuilding data to recovery point objective, configuring telecommunications and enabling critical users. 4. Rebuilding data to recovery point objective, configuring telecommunications, and enabling payroll.
Answer is 3. - Rebuilding data to recovery point objective, - Configuring telecommunications - Enabling critical users. This is a complete strategy for the recovery of critical business operations.
Accreditation and Certification deal with similar security issues. Which of the following statements is true about Certification and Accreditation? 1. Accreditation is the technical analysis of a system to ensure that specific security requirements are met. 2. Certification is the technical analysis of a system to ensure that specific security requirements are met. 3. Accreditation is the sign off by the IT staff that the system under test meets manufactures security specifications. 4. Certification is the sign off by the IT staff that the system under test meets manufactures security specifications.
Certification is the technical review of the system in order to provide a certification recommendation to the Designated Approving Authority or accreditor. 認証は、指定承認機関または認定者に認証勧告を提供するためのシステムの技術的な見直しです。 The answer is; 2. Certification is the technical analysis of a system to ensure that specific security requirements are met. 2.認証は、特定のセキュリティ要件が満たされていることを確認するためのシステムの技術分析です。
In order for a cryptographic algorithm to be considered strong, Claude Shannon wrote that an algorithm must exhibit high degrees of confusion and _______. 1. Dispersion (分散) 2. Substitution (代用) 3. Transposition (転置) 4. Diffusion (拡散)
Claude Shannonは暗号アルゴリズムが強力であると見なされるためには、アルゴリズムが高度の混乱と_______が必要と言ってる。 The answer is Dffusion (拡散) Confusion refers to making the relationship between the key and the ciphertext as complex and as involved as possible. Diffusion refers to the property that redundancy in the statistics of the plaintext is "dissipated" in the statistics of the ciphertext. CONFUSION:混乱とは、鍵と暗号文との関係をできるだけ複雑で関連性のあるものにすることです。 DIFFUSION:拡散とは、平文の統計情報の冗長性が暗号文の統計情報の「散逸」しているという性質のことです。
In fingerprint-scanning system to raise the False Accept Rate (FAR) and lower the False Rejection Rate (FRR) which of the following technique is implemented? 1. Decrease the amount of minutiae that is verified 2. Increase the amount of minutiae that is verified 3. Lengthen the enrollment time 4. Lower the throughput time
Decreasing the amount of minutiae will lower the accuracy of the system, which will lower false rejects but raise false accepts. The answer is 1. Decrease the amount of minutiae that is verified. 指紋スキャンシステムにおいて、誤受入率(FAR)を上げて誤拒否率(FRR)を下げるには、次のうちどれが実装されていますか。 1.検証される細部の量を減らす 細部の量を減らすとシステムの精度が低下し、それによって誤拒否が減少しますが、誤認が増加します。
For network protocols that use Diffie-Hellman key agreement, what is the MOST significant characteristic of Diffie-Hellman groups? 1. They describe the range of prime numbers that will be used to generate symmetric keys. 2. Some groups are more suitable for the generation of large keys required in recent symmetric key cryptographic algorithms 3. Some groups require greater processing power to use. 4. Some groups provide greater protection against man in the middle attacks.
Diffie-Hellman鍵合意を使用するネットワークプロトコルの場合、Diffie-Hellmanグループの最も重要な特徴は何ですか? 1.それらは対称鍵を生成するために使用される素数の範囲を記述します。 2.最近の対称鍵暗号アルゴリズムで必要とされる大きな鍵の生成に適したグループがあります。 3.一部のグループでは、使用するのにより高い処理能力が必要です。 4.一部のグループでは、中間者攻撃に対する保護が強化されています。 The answer is; 2. Some groups are more suitable for the generation of large keys required in recent symmetric key cryptographic algorithms Diffie-Hellman groups define the range of prime numbers (in bits) that can be used to securely generate larger symmetric keys for algorithms like AES. While earlier DH groups were suitable for DES and other systems with small keys, a recent RFC has documented DH groups for keys of 128 bits or higher when used in Internet Key Exchange within IPsec communications Diffie-Hellmanグループは、AESのようなアルゴリズムのためにより大きな対称鍵を安全に生成するために使用できる素数の範囲(ビット単位)を定義します。 初期のDHグループはDESやその他の小さい鍵を持つシステムに適していましたが、最近のRFCではIPsec通信内のインターネット鍵交換で使用される場合の128ビット以上の鍵のDHグループを文書化しました
______ makes an immediate copy of a changed file or transaction and sends it to a remote location where the original backup is stored. 1. Archival storage management (ASM) 2. Electronic vaulting 3. Hierarchical storage management 4. Data compression
Electronic vaulting makes an immediate copy of a changed file or transaction and sends it to a remote location where the original backup is stored. The answer is, 2. Electronic vaulting. Electronic Vaulting: ネットワーク越しに本番稼働しているディスクの差分データをDRサイトのディスクに送って本番と同じディスクイメージを構成しておくような仕組み。 ASMは、Oracleデータベース・ファイルのボリューム・マネージャ兼ファイル・システム 階層型データストレージ管理:Hierarchical storage management, HSM)とは、高速/高価なストレージ媒体と低速/安価な媒体の間でデータを自動的に移動させるデータストレージ技術
Which of the following tool will help to determine whether attackers have altered system files of executable? 1. File integrity Checker 2. Vulnerability Analysis System 3. Honey Pots 4. Padded Cell.
File Integrity Checkers are most often used to determine whether attackers have altered system files or executable's, they can also help determine whether vendor-supplied bug patches or other desired changes have been applied to system binaries. So, the answer is, 1. File integrity Checker. FIC provides granular monitoring of changes to specified disk files. The padded cell is a simulated environment that offers fake data to retain an intruder's interest, similar to a honey pot.
For most in-depth analysis which kind of test should be recommended? 1. Zero-knowledge 2. Partial knowledge 3. Full Knowledge 4. Vulnerability
Full knowledge assessment is necessary because it is the only one that will allow for the most in-depth analysis with the least amount of risk to the network. The answer is 3. Full-Knowledge.
Which of the following is not a security concern with Internet Control Management Protocol (ICMP)? 1. ICMP redirect 2. ICMP cache poisoning 3. Traceroute 4. DoS
ICMP cache poisoning does not apply to ICMP - but Smurf attacks (a form or DOS), the exploitation of ICMP through traceroute and redirect are all concerns related to ICMP.
Which of the following VPN technologies provides security at the Network Layer Level? 1. IPsec 2. L2TP 3. PPTP 4. SSL
IPSec provides security at Network Layer level. L2TP, PPP is at Data Link layer. PPTP is at Session Layer. SSL is at Session and Transport Layer
By far, the largest security exposure in application system development relates to: 1. Maintenance and debugging hook 2. Deliberate compromise 3. Change control 4. Errors and lack of training.
Maintenance hook - instructions within a program's code that enable the developer or maintainer to enter the program without having to go through the usual access control and authentication processes. They should be removed from the code before being released for production; otherwise, they can cause serious security risks The Answer is 1. Maintenance and debugging hook. つまりは、BACKDOORのことね。なんだよ。なんでこうわざと虚仮威しのややっこしい言い方をするのかね。バカが見栄はってるだけって感じなんだが。
Which is not a disadvantage of Single Sign-on (SSO)? 1. It can be single point of attack 2. Improved user productivity. 3. It is difficult to retrofit 4. None of the choice.
NOT a DIS-advanage, means advantage. WTF. so, 2. Improved user productivity.
Object Request Brokers (ORBs) act like search engines and can be used to locate objects. ORBs fall in which category? 1. Firmware 2. Software 3. Middleware 4. None of the choice
Object Request Brokers (ORBs) is; 3. Middleware
Program change controls must ensure that all changes are 1. Audited to verify insert 2. Tested to ensure correctness 3. Implemented into a production system 4. Within established performance criteria
Once the change is approved, it should be entered into a change log and the log should be updated as the process continues toward completion. It should be tested and presented. The change must be fully tested to uncover any unforeseen results. The answer is 2. Tested to ensure correctness. あれ、でも、TESTは、変更管理には含まれていない筈なんだけど。。わけわかりませんぶん。 ああ、AUDITは必要ないってことだろ、と。
How is polyinstantiation used to secure a multilevel database? 1. It prevents low-level database users from inferring the existence of higher-level data. 2. It confirms that all constrained data items within the system conform to integrity specifications 3. It ensures that all mechanism in a system is responsible for the database security policy 4. Two operations at the same layer will conflict if they operate on the same data item and at least one of them is an update.
Polyinstantiation is the development of a detailed version of an object from another object using different values in the new object. In the database information security, this term is concerned with the same primary key for different relations at different classification levels stored in the same database. ポリインスタンス化とは、新しいオブジェクトのさまざまな値を使用して、別のオブジェクトから詳細バージョンのオブジェクトを作成することです。 データベース情報セキュリティでは、この用語は、同じデータベースに格納されているさまざまな分類レベルでのさまざまな関係に対する同じ主キーに関係しています。 The answer is 1. It prevents low-level database users from inferring the existence of higher-level data. これにより、低レベルのデータベースユーザーが高レベルのデータの存在を推測できなくなります。
Which vulnerability allows an attacker with limited access to be able to access additional resources? 1. DoS 2. Worm 3. Privilege escalation 4. Trojan Horse
Privilege escalation vulnerability allows an attacker to access additional resources. 権限昇格の脆弱性により、攻撃者は追加のリソースにアクセスすることができます。 The answer is 3. Privilege escalation.
Which of the following is a part of the initial phase of the system development life cycle? 1. Cost-benefit analysis 2. System design review 3. Executive project review 4. Project status summary.
Project management is an important part of product development and security management is an important part of project management. The answer is; 3. Executive project review EXECTIVE の意味が判らず。
Which of the following is the correct account policy, you should follow? 1. All active accounts must have a password 2. All active accounts must have a long and complex phrase. 3. All inactive accounts must have a password 4. All of the choices.
The Answer is 1. All active accounts must have a password. All active accounts must have a password. Unless you are using an application or service designed to be accessed without the need of a proper ID and password. Such service must however be monitored by other means.
Which of the following statement correctly describes "scavenging" in the context of computer security? 1. Searching user list for find a name 2. Searching through storage to acquire information. 3. Searching through data fro information content 4. Searching through log files for trusted path information
Scavening is Searching through data fro information content. Scavenging is a form of dumpster diving performed electronically. Online scavenging searches for useful information in the remnants of data after the processes or tasks are completed. The answer is, 3. Searching through data fro information content
In the event of a new service such as Yahoo Instant Messaging or Skype appears on the network, for generating an alert to the administrator the IDS would use which detection method? 1. Attack signature detection 2. Statistical anomaly detection 3. Model based detection 4. Non on the above.
Statistical anomaly detection will notice and alert if a new service appears on the network.
Access control is implemented by several media types. These include: Administrative, Technical, and: 1. Preventive 2. Deterrent 3. Physical 4. Discretionary Preventive(予防策) Deterrent(抑止力) Discretionary(裁量)
The Answer is, 3. Physical This is the third type of access control. The others are categories of controls that describe control approaches. Access control is, Administrative, Technical, and Physical.
What is not a BC Coordinator task? 1. Write the entire plan 2. Integrate various plan elements 3. Provide reporting status 4. Write exercise scripts
The BC Coordinator is responsible for project management and coordination, but is not normally expected to write the entire plan, which is a collaborative effort of many representatives. Not a BC Coordinator's task is, 1. Write the entire plan BCコーディネーターはプロジェクトの管理と調整を担当しますが、通常計画全体を書くことは期待されていません。 これは多くの代表者の共同作業です。
In non-discretionary access control the definition of access rules are closely managed by the: 1. Data owner 2. User that creates the file 3. Security administrator 4. Operating system
The access control decision is managed primarily by the operating system and removed from the direct decision of the information owner. The answer is 4. Operating system アクセス制御の決定は主にオペレーティングシステムによって管理され、情報所有者の直接の決定からは除外されます。
Which of the following acts as client in a RADIUS architecture? 1. A network access server 2. The End-user 3. The authentication server 4. None of the choice.
The answer is 1. A network access server A network access server (NAS) operates as a client of RADIUS. The client is responsible for passing user information to designated RADIUS servers, and then acting on their response.
What is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.? 1. Honey Pots 2. Vulnerability Analysis system 3. File integrity Checker 4. Padded cell.
The answer is 1. Honer Pots. Honey pots are decoy systems that are designed to lure a potential attacker away from critical systems. It is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems..
Software generated passwords have what drawbacks? 1. Passwords are not easy to remember 2. Passwords are too secure 3. Passwords are unbreakable 4. None of the choice.
The answer is 1. Passwords are not easy to remember. These are passwords generated by a software package or some operating systems. These password generators are good at producing unique and hard to guess passwords, however you must ensure that they are not so hard that people can't remember them. If you force your users to write their passwords down then you are defeating the purpose of having strong password management.
Identification and authentication are the keystones of most access control systems. Identification establishes: 1. User accountability for the actions on the system 2. Top management accountability for the actions on the system 3. EDP department accountability for the actions on the system 4. Authentication for actions on the system.
The answer is 1. User accountability for the actions on the system Identification describes a method of ensuring that a subject (user, program, or process) is the entity it claims to be.
For identification of unique physical attribute to be used in biometric identification systems, the two basic needs to be answered in the beginning are? 1. What was the sex of a person and his age? 2. What part of the body to be used and how to accomplish identification to be viable. 3. What was the age of a person and his income level 4. What was the tone of the voice of a person and his habits.
The answer is 2. What part of body to be used and how to accomplish identification to be viable. These questions need to be answered for finding the unique biometric feature.
Which of the following methods requires a user to identify and present credentials only once? 1. SEC 2. IPsec 3. SSO 4. SSL
The answer is 3. SSO. Single-sign-ON. This is a method for a users to identify and present credentials only once to a system. Information needed for future system access to resources is forwarded by the initial system..
Memory only cards work based on 1. Something you have. 2. Something you know. 3. Something you know and something you have 4. None of the choices.
The answer is 3. Something you know and something you have. These cards can offer two-factor authentication, the card itself (something you have) and the PIN (something you know)
Protection against which of the following is the primary concern of Operations Security? 1. Object reuse 2. Facility disaster 3. Compromising emanations 4. Asset threats
The answer is 4. Asset threats. Protection from assets threats is of prime concern.
In a relational database, which of the following is true concerning a primary key? 1. A primary key must contain a common identifier associated with all entries into a table. 2. The primary key must contain a non-null value in order to uniquely identify the tuple. 3. A primary key can be identified by their unique number-number-letter format. 4. The use of primary keys is only required in-network database management systems and does not apply to a relational database.
The answer is, 2. The primary key must contain a non-null value in order to uniquely identify the tuple. In compliance with the rules of entity integrity, the primary key must be unique and not null. チュープルを一意に識別するために、プライマリキーに null以外の値を含める必要があります。 エンティティの整合性の規則に従って、主キーは一意であり、nullではない必要があります。 日本語でもわけわからんねn
The Business Impact Analysis identifies critical business systems based on the impact a loss of such system would have on the overall business environment. This business impact is measured using all of the following, except which one? 1. Maximum Tolerable Downtime (MTD) 2. Regulatory Requirements 3. The reputation of the organization 4. Critical system Means Time Between Failure (MTBF)
The answer is, 4. Critical system Means Time Between Failure. MTBF is a factor in the reliability of equipment but not in the calculation of BIA. MTBF:平均故障間隔とは、機械システムや情報システムなどにおける信頼性(Reliability)をあらわす指標となる数値。 これは、BIA(ビジネス影響分析)には含まれない。
Which of the following will help in avoiding mishandling of media or information? 1. Labeling 2. Token 3. Ticket 4. SLL
The answer is, 1. Labeling. In order to avoid mishandling of media or information, proper labeling must be used. All tape, floppy disks, and other computer storage media containing sensitive information must be externally marked with the appropriate sensitivity classification. やらさられてます。
Any action that prevents authorized users from executing programs is called 1. Malware 2. Spam 3. Denial of service 4. Cross-site scripting
The answer is, 3. Denial of service Malware may cause a denial of service, but c is more correct. DoS攻撃とは、 本来の仕事ができないくらい忙しくしてやるぜ攻撃のこと。 クロスサイトスクリプティング (XSS)とは、 悪い人がホームページにイタズラする →そのイタズラされたホームページを訪問者が見る →被害に遭う、な流れの攻撃のこと。 あるいは、それが可能になっている状態。
According to the principle of accountability, what action should be traceable to a specific user? 1. Material 2. Intangible 3. Tangible 4. Significant
The answer is, 4. Significant It is a principle by which any significant action should be traceable to a specific user. 重要な行動を特定のユーザーにトレーサブルにするのが原則。
An evacuation drill is scheduled and an employee reports to work with a leg cast. As a BC Coordinator, what action should you take? 1. Direct the employee to follow evacuation procedures 2. Direct the employee to stay at his or her desk 3. Direct the employee to take the elevator earlier and wait at the assembly point 4. Direct the employee to stay at his or her desk and direct the supervisor to report the employee reported to the assembly area.
The answer is; 1. Direct the employee to follow evacuation procedures But, the evacuation procedures must include provisions for the evacuation of "disabled personnel". The employee should follow those steps in order to test the plan properly. (Leg cast = 松葉杖) 避難手順には、障害者の避難に関する規定を含める必要があります。 計画を正しくテストするために、従業員はこれらの手順に従う必要があります。
For what application would Electronic Code Book (ECB) mode be MOST desirable? 1. When multiple subkeys are going to be used. 2. When more efficient operation is a high priority. 3. When the plaintext to be encrypted is very small. 4. When other block cipher modes are unavailable.
The answer is; 3. When the plaintext to be encrypted is very small. ECB is suitable only for short messages. ECBはもっとも単純な暗号利用モード。メッセージはブロックに分割され、それぞれのブロックは独立して暗号化される。ECBモードの欠点は、同じ鍵を用いた場合ある平文ブロックを暗号化した結果の暗号文ブロックが常に同じとなることで、このためデータのパターンを隠蔽することができない。 メッセージの機密性の保持には向かず、暗号化プロトコルにおける使用は推奨されない。 同じ入力に対して常に同じ出力を返すことから反射攻撃に対しても脆弱。 ECBはショートメッセージにのみ適しています。 暗号利用モードで一般的ななのは、CBC:Cipher Block Chaining.
Using operations security detective controls, when exceptions occur which one of the following can be identified? 1. Unauthorized peoples seeing the confidential reports. 2. Unauthorized peoples destroying confidential reports. 3. Authorized operations people performing unauthorized function. 4. Authorized operations people not responding to important console messages.
The answer is; 3. Authorized operations people performing unauthorized function. Detective controls are used to detect an error once it has occurred. Unlike preventative controls, these controls operate after the fact and can be used to track an unauthorized transaction for prosecution, or to lessen an error's impact on the system by identifying it quickly.
Which of the following can be termed as a potential disadvantage of content-dependent protection of information? 1. It increases processing overhead 2. It requires additional password entry 3. It exposes the system to data locking 4. It limits the user's individual address space.
The answer is; 1. It increases processing overhead The content of the database fields dictates which user can see specific information within the database tables. Decisions will have to be made about the content, therefore increasing processing overhead
Which one of the following is a good defense against worms? 1. The differentiating system along the lines exploited by the attack. 2. Placing limits on sharing, writing, and executing the program. 3. Keeping data objects, small, simple, and obvious as their intent. 4. Limiting connectivity by means of well-managed access controls.
The answer is; 2. Placing limits on sharing, writing, and executing the program. Although the worm is not technically malicious, opening the attachment allows the file to copy itself to the user's PC Windows folder and then send the .pif based program to any e-mail address stored in the hard drive.
A procedure that backs up all files that have been modified since the last full backup, is better known as? 1. In incremental backup 2. A father/son backup 3. A differential backup 4. A Full backup.
The answer is; 3. A differential backup Differential backup - A procedure that backs up all files that have been modified since the last full backup. It does not remove the archive attribute. というわけで、ひっかけ点としては、 Since the last FULL backup であれば、Differential Since the last backup であれば、Incremental になる、と。 差分バックアップとは,一度フル・バックアップを実行した後,そのフル・バックアップ以降に変更のあったすべてのファイルなどを記録する手法である。 最新のバックアップ・データにリストアする場合は,フル・バックアップのデータと,最後に差分バックアップを実行したデータの2つを利用する。 増分バックアップは,直前のバックアップ(FULL OR INC OR DIFF)との相違部分のみを記録する手法である。最新のバックアップ・データにリストアするためには,フル・バックアップのデータと,そのフル・バックアップ以降に実施されたすべての増分バックアップのデータを使う必要がある。 バックアップ時間を短縮したいのであれば増分バックアップが有効である。しかし増分バックアップはリストア時間が長くなる。特にテープでバックアップしている場合はリストアに複数のテープが必要になるためトラブルの確率が高くなるという弱点がある。
RC4 and RC5: 1. Are related symmetric key cryptographic algorithms although RC5 was designed to accommodate larger key sizes. 2. Both employ repeated substitution and permutation transformations on each plaintext block 3. Are unrelated symmetric key cryptographic algorithms although they ware created by the same individual 4. Address the need for message integrity controls that resist intentional changes.
The answer is; 3. Are unrelated symmetric key cryptographic algorithms although they ware created by the same individual of RSA. Both RC 4 (stream-based cipher) and RC 5 (block-based cipher) were written by Ron Rivest. RC4 does not use transposition and is not used for message integrity. RC 4(ストリームベース暗号)とRC 5(ブロックベース暗号)はどちらもRon Rivestによって書かれました。 RC4は転置を使用せず、メッセージの整合性にも使用されません。 RC4とはWLANにおける暗号化のやり方のひとつ。WEPやSSLで使われてた共通鍵暗号方式。 「RC5」は、共通鍵ブロック暗号である。
The design phase in a system development life cycle includes all of the following EXCEPT: 1. Determining sufficient security control 2. Conducting a detailed design review 3. Developing and operations and maintenance manual 4. Developing a validation, verification, and testing plan.
The answer is; 3. Developing and operations and maintenance manual is not included SDLC. Systems Development Life Cycle: Conceptual Definition; Functional Requirements Determination Protection Specifications Development; Design Review; Code Review Walk-Through; System Test Review; Certification and Accreditation Maintenance.
Which of the following statements clearly defines how could Java applets pose a security threat? 1. Their transport can interrupt the secure distribution of World Wide Web pages over the internet by removing SSL and S-HTTP 2. Java interpreters do not provide the ability to limit system access that an applet could have on a client system 3. Executables from the internet may attempt an intentional attack when they are downloaded on a client system. 4. Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.
The answer is; 3. Executables from the internet may attempt an intentional attack when they are downloaded on a client system. Programmers have figured out how to write applets that enable the code to access hard drives and resources that are supposed to be protected by the Java security scheme. This code can be malicious in nature and cause destruction and mayhem to the user and their system.
When considering the IT Development Life-Cycle, security should be: 1. Mostly considered during the initiation phase 2. Mostly considered during the development phase 3. Treated as an integral part of the overall system design. 4. Add once the design is completed.
The answer is; 3. Treated as an integral part of the overall system design. To develop a secure software security should be treated as an integral part of overall system design
SQL commands do not include which of the following? 1. Select, update 2. Grant, Revoke 3. Delete, Insert 4. Add, Replace.
The answer is; 4. Add, Replace is not a SQL command. SQL Data Manipulation Language, that use command like, SELECT, INSERT, UPDATE, DELETE. and SQL Data Relational Language, use command, GRANT, REVOKE.
When deploying a network in an environment that is heavily populated with Radio Frequency (RF) energy, which transmission media would offer the highest level of protection? 1. UTP 2. STP 3. Microwave 4. Single-mode Fiber Optics
The answer is; 4. Single-mode Fiber Optics Using 3. Shielded twisted pair would be the next best solution. Fiber optic cabling is not susceptible to interference from RF energy. Single mode or multi-mode is inconsequential for this question.
All of the following statements are incorrect about two-factor authentication, except? 1. It uses the RSA public-key-signature based algorithm on integers with large prime factors. 2. It requires two measurements of hand geometry 3. It does not use single sign-on technology 4. it relies on two independent proofs of identity.
The correct statements of two-factor authentication is, 4. Two independent proofs of identity one for each factor.
For a long dictionary attack to succeed, which of the following condition is not required? 1. The attacker must have access to the target system 2. The attacker must have read access to the password file 3. The attacker must have write access to the password file 4. The attacker must know the password encryption mechanism and key variables.
The program encrypts the combination of characters and compares them to the encrypted entries in the password file. If a match is found, the program has uncovered a password. The answer is; 3. The attacker must have write access to the password file ええ辞書攻撃って辞書に載っている単語と片っ端から照らし合わせる奴でしょ? なら1どれも必要なくね? 説明読んでも意味わかりません。
When a security consultant is contracted by an organization to conduct a penetration test, which of the following is a list of activities the tester might engage in during the information gathering stage? 1. Identify domains and addresses blocks belonging to the organization. 2. Port scan and vulnerability mapping 3. Password cracking and social engineering 4. Source sifting the organization's web-site, and shut down audit logs.
The tester will start by gathering information about the target. This may also include a port scan from answer B, but the vulnerability mapping will come later. Thus, the answer is; 1. Identify domains and addresses blocks belonging to the organization. 組織に属するドメインとアドレスブロックを識別。
For what interruption is a near-site backup reasonable? 1. Accidental erasure 2. Fire 3. Virus 4. Earthquake
The use of a near site backup is valid in case of a fire at a data center that may have damaged both the production and on-site backups. Accidental erasure and a virus may be addressed through on-site backups, however an earthquake is usually a regional disaster and a near site backup would not usually be considered appropriate. The answer is 2. Fire 本番バックアップとオンサイトバックアップの両方が損傷している可能性があるデータセンターでの火災の場合は、ニアサイトバックアップの使用が有効です。 偶発的な消去やウィルスは、現場でのバックアップによって対処されるかもしれませんが、地震は通常地域の災害であり、現場でのバックアップは通常適切であるとは考えられません。
Advantages of using pass-phrase include which of the following? 1. Difficult to crack using brute force 2. Offers numerous characters 3. Easier to remember 4. All of the choices.
The use of pass-phrases is a good way of having very strong passwords. A passphrase is easier to remember, it offers numerous characters, and it is almost impossible to crack using brute force with today's processing power. The answer is All of the choices. パスフレーズとは、利用者の認証などに用いる秘密の文字列の一種で、パスワードよりも長いもの。人間が覚えやすいように、いくつかの単語を空白で区切った句(フレーズ)を設定することが多いためこのように呼ばれる。
Which of the following is a list of active attacks against Wireless Local Area Networks (WLAN)? 1. Masquerade, Replay, Message Modification, DoS 2. Masquerade, Traffic Analysis, Message Modification, DoS 3. Masquerade, Traffic Analysis, Replay, Message Modification. 4. Eavesdropping Replay, Message Modification, DoS.
These are all of WLAN attack. However, the question asking ACTIVE attack. Since eavesdropping and Traffic analysis is passive attacks, 1. Masquerade, Replay, Message Modification, DoS should be the answer.
Which of the following is typically used to help two parties agree on a session key without exchanging secret information that may be used by an attacker that is eavesdropping on the communications channel? 1. Initialization Vectors (IVs) 2. Exclusive-Or (XOR) operations 3. Rivest-Shamir-Adleman (RSA) 4. Diffie-Hellman
This is a primary use of Diffie-Hellman.
Packet-switched networks were initially designed to handle traditional computer data. Which of the following makes a packet-switched network undesirable for voice communications? 1. Packet-switched networks introduce a constant delay that exceeds the acceptable limits necessary to ensure jitter-free voice. 2. The overhead necessary to provide the connection orientation capabilities of a packet-switched network adversely affects the connectionless requirements of voice traffic. 3. packet-switched networks are susceptible to loss of data and voice communication is intolerant of any loss. 4. Data traversing a packet-switched network may follow numerous paths to the destination introducing random delay.
This leads to jitter and problems with the quality of voice communications. The answer is; 4. Data traversing a packet-switched network may follow numerous paths to the destination introducing random delay. パケット交換ネットワークを通過するデータは、ランダムな遅延を導入する宛先への多数の経路をたどることがある。
When using a callback device which of the following is the most secure network access control procedure? 1. The user enters a user-ID and PIN, and the device calls back the telephone number that corresponds to the user-ID. 2. The user enters a user-ID and PIN, and the device calls back the telephone number entered. 3. 1. The user enters the telephone number, and the device verifies that the number exists in its database before calling back. 3. The user enters the telephone number, and the device responds with a challenge.
Usually a request for a username and password takes place and the NAS may hang up the call in order to call the user back at a predefined phone number. This is a security activity that is used to try and ensure only authenticated users are given access to the network and it reverses the long distance charges back to the company. The answer is 1. The user enters a user-ID and PIN, and the device calls back the telephone number that corresponds to the user-ID.
Identity management involves different types of data about principles that must be managed. These include all EXCEPT: 1. Personal 2. Legal 3. Access control permissions 4. Educational
What not included in Identity management is, 4. Educational. Identity management systems contain data about individuals that may include personal, legal (personally identifiable and sometimes payroll information) and access control data, however they do not contain educational data. アイデンティティ管理システムには、個人情報、法的情報(個人を特定できる情報、給与情報など)、およびアクセス制御データを含む個人に関するデータが含まれていますが、教育データは含まれていません。
When processes carry out their tasks on a shared resource in an incorrect order, it is known as? 1. Undefined condition 2. Race condition 3. State condition 4. None of the choice
When processes carry out their tasks on a shared resource in an incorrect order it is known as "race condition" プロセスが共有リソースに対して誤った順序でタスクを実行すると、RACE CONDITION と呼ばれます。
Which of the following statements pertaining to VPN protocol standards is false? 1. L2TP is a combination of PPTP and L2F 2. L2T and PPTP were designed for single point-to-point client to server communication. 3. L2TP operates at the Network Layer 4. PPTP uses native PPP authentication and encryption services.
Wrong statement is, 3. L2TP operates at Data Link layer, not at the Network Layer. PPTP and L2TP are Layer 2 tunneling protocols; both encapsulate the payload in a Point-to-Point Protocol (PPP) frame to be sent across an intermediate network.
Under which of the following situations would a trash can fire be considered a disaster? 1. The fire alarms went off and the building had to be evacuated. 2. The fire spread beyond the trashcan and the fire department had to be called 3. The Trashcan contained company sensitive documents 4. The fire caused critical business systems to be disabled for longer than Maximum Tolerable Downtime (MTD).
ゴミ箱が燃えたぐらいでも災害になるのはどんな場合? A disaster is declared when an incident impacts the business in such a way as to threaten critical business processing. This is usually identified by the MTC or RTO. 重大なビジネス処理を脅かすような方法でインシデントがビジネスに影響を与えた場合、災害が宣言されます。 これは通常MTCまたはRTOによって識別されます。 THE ANSER is; 4. The fire caused critical business systems to be disabled for longer than Maximum Tolerable Downtime (MTD).
Database design models have changed over the years. Which of the following models places the data in tables where the rows represent records and the columns represent attributes? 1. Hierarchical Database Management System 2. Relational Database Management System 3. Network Database Management System 4. Divergent Database Management System.
データベース設計モデルは長年にわたって変化してきました。 次のモデルのうち、行がレコードを表し、列が属性を表すテーブルにデータを配置するモデルはどれですか。 2. Relational Database Management System. A RDBMS is the commonly used database model with all data arranged into tables or relations. RDBMSは、すべてのデータをテーブルまたは関係に配置した、一般的に使用されているデータベースモデルです。
A packet-filtering device can make an accept/reject decision-based on all of the following information EXCEPT which one? 1. Protocol 17 (UDP) 2. Port 80 (HTTP) 3. Active Mode FTP 4. FTP get request
パケットフィルタリングで検出できないものは? 4. FTP get request An FTP Get request is part of the FTP header. A packet filter cannot look inside the FTP header to make its decision.
An algorithm that is used to generate cryptographic keys from user input such as passwords is referred to as: 1. A Key Distribution Center (KDC) 2. A Key Agreement Protocol 3. A Related-Key Function (RKF) 4. A Key Derivation Function (KDF)
パスワードなどのユーザー入力から暗号鍵を生成するために使用されるアルゴリズムは? The answer is, 4. A Key Derivation Function (KDF) KDF:鍵導出関数とは、パスワード、パスフレーズなどといった秘密の値を、あたかも「マスターキー」のごとく用い、pseudorandom function(PRF)を使って鍵を導出する関数である。
After completion of a Business Impact Analysis, recovery strategies must be developed. The primary concern of these recovery strategies is: 1. Meeting the pre-determined time frame 2. Assessing the impact of system failure to the business. 3. Determining the cost-benefit analysis of a system safeguard. 4. Defining applicable cost recovery routines.
ビジネス影響分析の完了後の回復戦略で一番大切なことは? 1. Meeting the pre-determined time frame=所定の時間枠を満たすこと The recovery strategy must meet the MTD and RTO identified in the BIA.
Why might a symmetric stream cipher be preferred over a symmetric block cipher? 1. Stream ciphers are always faster when used in software implementations. 2. When patent protection is a strong consideration 3. When the cryptosystem is intended for multimedia and real-time communication. 4. When stronger random number generation is a requirement.
ブロック暗号が一定サイズのブロック単位に処理を行うのに対して、ストリーム暗号は1バイトとか1ビット等細かい単位で処理を行う The Answer is, 3. When the cryptosystem is intended for multimedia and real-time communication. らしい。 ストリーム暗号は、ビット単位で暗号しますが、ブロック暗号は、ある程度の塊(ブロック)で暗号処理をします。だから、ブロック暗号です。 代表例は以下です。 ・ブロック暗号:DES、3DES、AES ・ストリーム暗号:RC4
A database that uses pre-defined groupings of data that can only be accessed based upon a user's authorization level, uses which of the following access control models? 1. Role-Based Access Control 2. Mandatory Access Control 3. View-Access Control 4. Front-end Delineated Access Control
ユーザーの承認レベルに基づいてのみアクセスできる定義済みのデータのグループを使用するデータベースで、次のアクセス制御モデルのどれを使用しますか。 3. View-Access Control The database management system would return a view—or logical subset—of the data in the database depending on the view specified by the calling application. When the application is written, the application would have a 'bind' to the appropriate view. ビューアクセス制御 データベース管理システムは、呼び出し側アプリケーションによって指定されたビューに応じて、データベース内のデータのビュー(または論理サブセット)を返します。 アプリケーションが作成されると、アプリケーションは適切なビューに「バインド」されます。
Information systems controls are based on which of the following set of principles? 1. Authentication, audit trails, and awareness briefings 2. Individual accountability, auditing, and separation of duties 3. Need to know, identification, and authenticity 4. Audit trails, limited tenure, and awareness briefings.
情報システムの管理は、次の原則のどれに基づいていますか。 1.認証、監査証跡、および意識ブリーフィング 2. 個人の説明責任、監査、および職務の分離 3. 知っている必要がある、身元確認、および信憑性 4. 監査証跡、限られた任期、および意識ブリーフィング。 The Answer is 3. Need to know, identification, and authenticity Information security controls are based on need to know, identification, and authenticity.
In a properly segregated environment which of the following are functions that are compatible? 1. Security administration and quality assurance 2. Security administration and data entry 3. Security administration and application programming 4. Application programming and data entry
適切に分離された環境では、次のうちどれが互換性のある機能ですか? Security Administration and Quality Assurance are the most similar tasks セキュリティ管理と品質保証は最も類似したタスクです。 compatible= 互換性