CISSP Practice Test Flashcards
What is the correct definition of penetration testing?
- test procedure performed by security professionals with management approval
Based on the Federal Privacy Act of 1974, which type of permission must be obtained by a government agency to disclose private information that the agency collected?
- written permission
You are researching computer crimes. All of the following are categories of this type of crime, EXCEPT:
- computer-targeted crime
- computer-commerce crime
- computer-incidental crime
- computer-assisted crime
- computer-commerce crime
You have developed the information security policy for your organization. Which step should precede the adoption of this policy?
- obtaining management approval
Which security threat often uses tracking cookies to collect and report on a user’s activities?
- spyware
Which statement is true of symmetric cryptography?
- Symmetric cryptography is faster than asymmetric cryptography
Your company must comply with a cybersecurity certification body’s requirements. Management has requested that you perform a test prior to applying for this certification. Which type of test should you perform?
- Perform an internal assessment or audit using personnel from within the company.
You are the security administrator for your organization. A user in the IT department informs you that a print server was recently the victim of a teardrop attack. Which statement correctly defines the attack that has occurred?
- It involves the use of malformed fragmented packets and causes the target system to either freeze or crash
What information is true of an information processing facility?
- Doors and frames should have the same fire rating
Which type of virus is specifically designed to infect programs as they are loaded into memory?
- Resident virus
Which type of channel is used when one process writes data to a hard drive and another process reads it?
- covert storage channel
You are designing employee termination process guidelines. Which activity is NOT included in the employee termination process?
- signing a non-disclosure agreement
A security technician reports to you that a file server is experiencing unscheduled initial program loads (IPLs). Which statement BEST explains this problem?
- The system is rebooting
Your company has implemented a host-based intrusion detection system (HIDS). You have recently become concerned with your problems when these systems are implemented. What is a major problem when deploying this type of system?
- It must be deployed on each computer that needs it
What does sending data across an insecure network, such as the Internet, primarily affect?
- confidentiality and integrity
During which step of incident response does root cause analysis occur?
- review
What is used in evolutionary computing?
- genetic algorithms
Which statement is true of a multilevel security mode?
- The multilevel security mode involves the use of sensitivity labels
Which statement is NOT true regarding multicast transmissions?
- A message has one source and destination address
Which statement is true of the dedicated security mode?
- All users have the clearance and formal approval required to access all of the data
Which security principle identifies sensitive data and ensures that unauthorized entities cannot access it?
- confidentiality
Which access control model uses the star (*) integrity axiom and the simple integrity axiom?
- Biba model
What is a physical barrier that acts as the first line of defense against an intruder?
- a fence
Given two messages, M1 and M2, what is the LEAST likely outcome when using the same one-way hash function, H, to encrypt the messages?
- H(M1) = H(M2)
Which type of malicious code is hidden inside an otherwise benign program when the program is written?
- Trojan horse
Your network allows remote users to connect over the Internet. Recently, hackers have attempted to breach your network. Management has decided to implement an authentication method that checks both ends of a connection. Which authentication method should you implement?
- mutual authentication
The business continuity team is interviewing users to gather information about business units and their functions. Which part of the business continuity plan includes this analysis?
- business impact analysis (BIA)
An organization wants to implement the access control model that is the easiest to administer. Which access control model should they use?
- RBAC
You have been asked to implement network monitoring that detects any changes or deviations in network traffic. Which type of monitoring are you implementing?
- anomaly-based
Which notebook is most preferred during the course of investigation in legal record keeping?
- bound notebook
Your organization has a fault-tolerant, clustered database that maintains sales records. Which transactional technique is used in this environment?
- Online transaction processing (OLTP) is used in this environment. OLTP is a transactional technique used when a fault-tolerant, clustered database exists. OLTP balances transactional requests and distributes them among the different servers based on transaction load. OLTP uses a two-phase commit to ensure that all the databases in the cluster contain the same data.
Which statement correctly defines dynamic data exchange (DDE)?
- DDE allows multiple applications to share and exchange the same set of data
At which OSI layer does an active hub function?
- Physical
Which statement is NOT a characteristic of a network-based intrusion detection system (NIDS)?
- NIDS analyzes encrypted information
Which statement is true of the information flow model?
- The information flow model allows the flow of information within the same security level
During which step of the NIST SP 800-137 are the decisions on risk response made?
- Respond to findings
Your organization has decided to implement a network-based intrusion detection system (NIDS). What is the primary advantage of using this type of system?
- low maintenance
Which of the following is not part of the Penetration Test?
- Implementation of Controls
Which attack is NOT directed ONLY at virtual machines?
- MITM
A customer has requested a computer with a Clipper Chip. What is a Clipper Chip?
- It is an encryption chip
You are the security administrator for an organization. Management decides that all communication on the network should be encrypted using the data encryption standard (DES) algorithm. Which statement is true of this algorithm?
- A Triple DES (3DES) algorithm uses 48 rounds of computation
Which statement is true of covert channels?
- A covert channel is not controlled by a security mechanism
Your company is establishing new employment candidate screening processes. Which of the following should be included?
a) check all references
b) verify all education
c) review military records and experience
d) perform a background check
- all of the options
Which type of application serves as a core for the business operations of an organization?
- a critical application
Which attack sends unsolicited messages over a Bluetooth connection?
- blue jacking
Which is true of administrative law?
- Administrative law emphasizes the performance and conduct of organizations
Which entity must certify the public key pair of a root CA?
- the root CA
Your company decides that a new software product must be purchased to help the marketing staff manage campaigns and the resources used. During which phase of the software acquisition process do you document the software requirements?
- Planning phase
You are the incident investigator for your organization. You need to create two images of a file server’s hard drive. The incident investigation procedures state that you need to ensure that the new media is properly purged.
What should you do to meet this requirement?
- Ensure that the new media does not contain any residual data
Which processes control the flow of information in the lattice-based access control (LBAC) model?
- least upper and greatest lower bound operators
Which security principle in the Bell-LaPadula model prevents the security level of subjects and objects from being changed once they have been created?
- tranquility principle
Which type of virus includes protective code that prevents outside examination of critical elements?
- armored virus
A user inherits a permission based on his group membership. Which type of right has been implemented?
- implicit right
Which WLAN technology supports a maximum of 11 Mbps data transmission?
- 802.11b
You DO NOT want to protect the file contents from being viewed; however, you want to be able to determine whether the contents of the file were altered during transit.
Which protective measure should you use?
- a digital signature
What is an integrated circuit with internal logic that is programmable?
- a PLD
Which of the following is not based on the Feistel cipher?
- Diffie-Hellman
Which statement is true of a data haven?
- a data haven either has no laws or poorly enforced laws for information protection