CISSP3

CISSP3

1 / 40

A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device. Which of the following is MOST effective to mitigate future infections?

Develop a written organizational policy prohibiting unauthorized USB devices

Train users on the dangers of transferring data in USB devices

Implement centralized technical control of USB port connections

Encrypt removable USB devices containing data at rest

2 / 40

Which of the following are important criteria when designing procedures and acceptance criteria for acquired software?

Code quality, security, and origin

Architecture, hardware, and firmware

Data quality, provenance, and scaling

Distributed, agile, and bench testing

3 / 40

A security compliance manager of a large enterprise wants to reduce the time it takes to perform network, system, and application security compliance audits while increasing quality and effectiveness of the results.
What should be implemented to BEST achieve the desired results?

Configuration Management Database (CMDB)

Source code repository

Configuration Management Plan (CMP)

System performance monitoring application

4 / 40

As part of the security assessment plan, the security professional has been asked to use a negative testing strategy on a new website. Which of the following actions would be performed?

Use a web scanner to scan for vulnerabilities within the website.

Perform a code review to ensure that the database references are properly addressed.

Establish a secure connection to the web server to validate that only the approved ports are open.

Enter only numbers in the web form and verify that the website prompts the user to enter a valid input.

5 / 40

From a security perspective, which of the following assumptions MUST be made about input to an application?

It is tested

It is logged

It is verified

It is untrusted

6 / 40

Which one of the following considerations has the LEAST impact when considering transmission security?

Network availability

Node locations

Network bandwidth

Data integrity

7 / 40

In a High Availability (HA) environment, what is the PRIMARY goal of working with a virtual router address as the gateway to a network?

The second of two routers can periodically check in to make sure that the first router is operational.

The second of two routers can better absorb a Denial of Service (DoS) attack knowing the first router is present.

The first of two routers fails and is reinstalled, while the second handles the traffic flawlessly.

The first of two routers can better handle specific traffic, while the second handles the rest of the traffic seamlessly.

8 / 40

Who would be the BEST person to approve an organizations information security policy?

Chief Information Officer (CIO)

Chief Information Security Officer (CISO)

Chief internal auditor

Chief Executive Officer (CEO)

9 / 40

Which of the following alarm systems is recommended to detect intrusions through windows in a high- noise, occupied environment?

Acoustic sensor

Motion sensor

Shock sensor

Photoelectric sensor

10 / 40

Proven application security principles include which of the following?

Minimizing attack surface area

Hardening the network perimeter

Accepting infrastructure security controls

Developing independent modules

11 / 40

Which of the following is MOST appropriate for protecting confidentially of data stored on a hard drive?

Triple Data Encryption Standard (3DES)

Advanced Encryption Standard (AES)

Message Digest 5 (MD5)

Secure Hash Algorithm 2(SHA-2)

12 / 40

A company seizes a mobile device suspected of being used in committing fraud. What would be the BEST method used by a forensic examiner to isolate the powered-on device from the network and preserve the evidence?

Put the device in airplane mode

Suspend the account with the telecommunication provider

Remove the SIM card

Turn the device off

13 / 40

Why is planning in Disaster Recovery (DR) an interactive process?

It details off-site storage plans

It identifies omissions in the plan

It defines the objectives of the plan

It forms part of the awareness process

14 / 40

A chemical plan wants to upgrade the Industrial Control System (ICS) to transmit data using Ethernet instead of RS422. The project manager wants to simplify administration and maintenance by utilizing the office network infrastructure and staff to implement this upgrade.
Which of the following is the GREATEST impact on security for the network?

The network administrators have no knowledge of ICS

The ICS is now accessible from the office network

The ICS does not support the office password policy

RS422 is more reliable than Ethernet

15 / 40

What does electronic vaulting accomplish?

It protects critical files.

It ensures the fault tolerance of Redundant Array of Independent Disks (RAID) systems

It stripes all database records

It automates the Disaster Recovery Process (DRP)

16 / 40

Which of the following is the MOST important part of an awareness and training plan to prepare employees for emergency situations?

Having emergency contacts established for the general employee population to get information

Conducting business continuity and disaster recovery training for those who have a direct role in the recovery

Designing business continuity and disaster recovery training programs for different audiences

Publishing a corporate business continuity and disaster recovery plan on the corporate website

17 / 40

When determining who can accept the risk associated with a vulnerability, which of the following is MOST important?

Countermeasure effectiveness

Type of potential loss

Incident likelihood

Information ownership

18 / 40

Transport Layer Security (TLS) provides which of the following capabilities for a remote access server?

Transport layer handshake compression

Application layer negotiation

Peer identity authentication

Digital certificate revocation

19 / 40

Which factors MUST be considered when classifying information and supporting assets for risk management, legal discovery, and compliance?

System owner roles and responsibilities, data handling standards, storage and secure development lifecycle requirements

Data stewardship roles, data handling and storage standards, data lifecycle requirements

Compliance office roles and responsibilities, classified material handling standards, storage system lifecycle requirements

System authorization roles and responsibilities, cloud computing standards, lifecycle requirements

20 / 40

Digital certificates used in Transport Layer Security (TLS) support which of the following?

Information input validation

Non-repudiation controls and data encryption

Multi-Factor Authentication (MFA)

Server identity and data confidentially

21 / 40

What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?

To ensure Information Technology (IT) staff knows and performs roles assigned to each of them

To validate backup sites’ effectiveness

To find out what does not work and fix it

To create a high level DRP awareness among Information Technology (IT) staff

22 / 40

Which of the following would an attacker BEST be able to accomplish through the use of Remote Access Tools (RAT)?

Reduce the probability of identification

Detect further compromise of the target

Destabilize the operation of the host

Maintain and expand control

23 / 40

Access to which of the following is required to validate web session management?

Log timestamp

Live session traffic

Session state variables

Test scripts

24 / 40

Which of the following is the MOST effective method to mitigate Cross-Site Scripting (XSS) attacks?

Use Software as a Service (SaaS)

Whitelist input validation

Require client certificates

Validate data output

25 / 40

Which of the following is a benefit in implementing an enterprise Identity and Access Management (IAM) solution?

Password requirements are simplified.

Risk associated with orphan accounts is reduced.

Segregation of duties is automatically enforced.

Data confidentiality is increased.

26 / 40

A Security Operations Center (SOC) receives an incident response notification on a server with an active intruder who has planted a backdoor. Initial notifications are sent and communications are established.
What MUST be considered or evaluated before performing the next step?

Notifying law enforcement is crucial before hashing the contents of the server hard drive

Identifying who executed the incident is more important than how the incident happened

Removing the server from the network may prevent catching the intruder

Copying the contents of the hard drive to another storage device may damage the evidence

27 / 40

In the Software Development Life Cycle (SDLC), maintaining accurate hardware and software inventories is a critical part of

systems integration.

risk management.

quality assurance.

change management.

28 / 40

Which of the following is the BEST method to reduce the effectiveness of phishing attacks?

User awareness

Two-factor authentication

Anti-phishing software

Periodic vulnerability scan

29 / 40

How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?

Use an impact-based approach.

Use a risk-based approach.

Use a criticality-based approach.

Use a threat-based approach.

30 / 40

Reciprocal backup site agreements are considered to be

a better alternative than the use of warm sites.

difficult to test for complex systems.

easy to implement for similar types of organizations.

easy to test and implement for complex systems.

31 / 40

When designing a vulnerability test, which one of the following is likely to give the BEST indication of what components currently operate on the network?

Topology diagrams

Mapping tools

Asset register

Ping testing

32 / 40

In order to assure authenticity, which of the following are required?

Confidentiality and authentication

Confidentiality and integrity

Authentication and non-repudiation

Integrity and non-repudiation

33 / 40

An application developer is deciding on the amount of idle session time that the application allows before a timeout. The BEST reason for determining the session timeout requirement is

organization policy.

industry best practices.

industry laws and regulations.

management feedback.

34 / 40

A database administrator is asked by a high-ranking member of management to perform specific changes to the accounting system database. The administrator is specifically instructed to not track or evidence the change in a ticket. Which of the following is the BEST course of action?

Ignore the request and do not perform the change.

Perform the change as requested, and rely on the next audit to detect and report the situation.

Perform the change, but create a change ticket regardless to ensure there is complete traceability.

Inform the audit committee or internal audit directly using the corporate whistleblower process.

35 / 40

What is the BEST way to encrypt web application communications?

Secure Hash Algorithm 1 (SHA-1)

Secure Sockets Layer (SSL)

Cipher Block Chaining Message Authentication Code (CBC-MAC)

Transport Layer Security (TLS)

36 / 40

Which Radio Frequency Interference (RFI) phenomenon associated with bundled cable runs can create information leakage?

Transference

Covert channel

Bleeding

Cross-talk

37 / 40

Which of the following approaches is the MOST effective way to dispose of data on multiple hard drives?

Delete every file on each drive.

Destroy the partition table for each drive using the command line.

Degauss each drive individually.

Perform multiple passes on each drive using approved formatting methods.

38 / 40

What balance MUST be considered when web application developers determine how informative application error messages should be constructed?

Risk versus benefit

Availability versus auditability

Confidentiality versus integrity

Performance versus user satisfaction

39 / 40

The restoration priorities of a Disaster Recovery Plan (DRP) are based on which of the following documents?

Service Level Agreement (SLA)

Business Continuity Plan (BCP)

Business Impact Analysis (BIA)

Crisis management plan

40 / 40

What does the Maximum Tolerable Downtime (MTD) determine?

The estimated period of time a business critical database can remain down before customers are affected.

The fixed length of time a company can endure a disaster without any Disaster Recovery (DR) planning

The estimated period of time a business can remain interrupted beyond which it risks never recovering

The fixed length of time in a DR process before redundant systems are engaged

Your score is

0%

Leave a Reply Cancel reply