CISSP5

CISSP5

1 / 40

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own ban account?

Data fiddling

Data diddling

Data hiding

Data masking

2 / 40

Which Orange book security rating introduces security labels?

C2

B1

B2

B3

3 / 40

Which of the following best describes the purpose of debugging programs?

To generate random data that can be used to test programs before implementing them

To ensure that program coding flaws are detected and corrected.

To protect, during the programming phase, valid changes from being overwritten by other changes.

To compare source code versions before transferring to the test environment.

4 / 40

The act of requiring two of the three factors to be used in the authentication process refers to?

Two-Factor Authentication

One-Factor Authentication

Bi-Factor Authentication

Double Authentication

5 / 40

Intellectual property rights are PRIMARY concerned with which of the following?

Owner’s ability to realize financial gain

Owner’s ability to maintain copyright

Right of the owner to enjoy their creation

Right of the owner to control delivery method

6 / 40

Which of the following actions will reduce risk to a laptop before traveling to a high risk area?

Examine the device for physical tampering

Implement more stringent baseline configurations

Purge or re-image the hard disk drive

Change access codes

7 / 40

A company whose Information Technology (IT) services are being delivered from a Tier 4 data center, is preparing a companywide Business Continuity Planning (BCP). Which of the following failures should the IT manager be concerned with?

Application

Storage

Power

Network

8 / 40

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

determine the risk of a business interruption occurring

determine the technological dependence of the business processes

Identify the operational impacts of a business interruption

Identify the financial impacts of a business interruption

9 / 40

In a data classification scheme, the data is owned by the

system security managers

business managers

Information Technology (IT) managers

end users

10 / 40

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

Implementation Phase

Initialization Phase

Cancellation Phase

Issued Phase

11 / 40

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Link layer

Physical layer

Session layer

Application layer

12 / 40

Which of the following BEST describes an access control method utilizing cryptographic keys derived from a smart card private key that is embedded within mobile devices?

Derived credential

Temporary security credential

Mobile device credentialing service

Digest authentication

13 / 40

Users require access rights that allow them to view the average salary of groups of employees. Which control would prevent the users from obtaining an individual employee’s salary?

Limit access to predefined queries

Segregate the database into a small number of partitions each with a separate security level

Implement Role Based Access Control (RBAC)

Reduce the number of people who have access to the system for statistical purposes

14 / 40

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

Audit logs

Role-Based Access Control (RBAC)

Two-factor authentication

Application of least privilege

15 / 40

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Absence of a Business Intelligence (BI) solution

Inadequate cost modeling

Improper deployment of the Service-Oriented Architecture (SOA)

Insufficient Service Level Agreement (SLA)

16 / 40

Which of the following types of business continuity tests includes assessment of resilience to internal and external risks without endangering live operations?

Walkthrough

Simulation

Parallel

White box

17 / 40

Which of the following is the FIRST step in the incident response process?

Determine the cause of the incident

Disconnect the system involved from the network

Isolate and contain the system involved

Investigate all symptoms to confirm the incident

18 / 40

To prevent inadvertent disclosure of restricted information, which of the following would be the LEAST effective process for eliminating data prior to the media being discarded?

Multiple-pass overwriting

Degaussing

High-level formatting

Physical destruction

19 / 40

An internal Service Level Agreement (SLA) covering security is signed by senior managers and is in place. When should compliance to the SLA be reviewed to ensure that a good security posture is being delivered?

As part of the SLA renewal process

Prior to a planned security audit

Immediately after a security breach

At regularly scheduled meetings

20 / 40

What is the ultimate objective of information classification?

To assign responsibility for mitigating the risk to vulnerable systems

To ensure that information assets receive an appropriate level of protection

To recognize that the value of any item of information may change over time

To recognize the optimal number of classification categories and the benefits to be gained from their use

21 / 40

The BEST way to check for good security programming practices, as well as auditing for possible backdoors, is to conduct

log auditing.

code reviews.

impact assessments.

static analysis.

22 / 40

Which of the following BEST represents the principle of open design?

Disassembly, analysis, or reverse engineering will reveal the security functionality of the computer system.

Algorithms must be protected to ensure the security and interoperability of the designed system.

A knowledgeable user should have limited privileges on the system to prevent their ability to compromise security capabilities.

The security of a mechanism should not depend on the secrecy of its design or implementation.

23 / 40

Which of the following would be the FIRST step to take when implementing a patch management program?

Perform automatic deployment of patches.

Monitor for vulnerabilities and threats.

Prioritize vulnerability remediation.

Create a system inventory.

24 / 40

Which of the following is a method used to prevent Structured Query Language (SQL) injection attacks?

Data compression

Data classification

Data warehousing

Data validation

25 / 40

Which one of the following considerations has the LEAST impact when considering transmission security?

Network availability

Data integrity

Network bandwidth

Node locations

26 / 40

Which of the following is the MAIN reason that system re-certification and re-accreditation are needed?

To assist data owners in making future sensitivity and criticality determinations

To assure the software development team that all security issues have been addressed

To verify that security protection remains acceptable to the organizational security policy

To help the security team accept or reject new systems for implementation and production

27 / 40

When implementing controls in a heterogeneous end-point network for an organization, it is critical that

hosts are able to establish network communications.

users can make modifications to their security software configurations.

common software security components be implemented across all hosts.

firewalls running on each host are fully customizable by the user.

28 / 40

Which one of the following is a fundamental objective in handling an incident?

To restore control of the affected systems

To confiscate the suspect’s computers

To prosecute the attacker

To perform full backups of the system

29 / 40

A security professional has just completed their organization’s Business Impact Analysis (BIA). Following Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) best practices, what would be the professional’s NEXT step?

Identify and select recovery strategies.

Present the findings to management for funding.

Select members for the organization’s recovery teams.

Prepare a plan to test the organization’s ability to recover its operations.

30 / 40

What is the term commonly used to refer to a technique of authenticating one machine to another by forging packets from a trusted source?

Man-in-the-Middle (MITM) attack

Smurfing

Session redirect

Spoofing

31 / 40

Which of the following methods protects Personally Identifiable Information (PII) by use of a full replacement of the data element?

Transparent Database Encryption (TDE)

Column level database encryption

Volume encryption

Data tokenization

32 / 40

What should be the INITIAL response to Intrusion Detection System/Intrusion Prevention System (IDS/IPS) alerts?

Ensure that the Incident Response Plan is available and current.

Determine the traffic’s initial source and block the appropriate port.

Disable or disconnect suspected target and source systems.

Verify the threat and determine the scope of the attack.

33 / 40

Which of the following does Temporal Key Integrity Protocol (TKIP) support?

Multicast and broadcast messages

Coordination of IEEE 802.11 protocols

Wired Equivalent Privacy (WEP) systems

Synchronization of multiple devices

34 / 40

The BEST method of demonstrating a company’s security level to potential customers is

a report from an external auditor.

responding to a customer’s security questionnaire.

a formal report from an internal auditor.

a site visit by a customer’s security team.

35 / 40

An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user are noted. Which of the following is MOST likely occurring?

A dictionary attack

A Denial of Service (DoS) attack

A spoofing attack

A backdoor installation

36 / 40

Which one of the following affects the classification of data?

Passage of time

Assigned security label

Multilevel Security (MLS) architecture

Minimum query size

37 / 40

In a basic SYN flood attack, what is the attacker attempting to achieve?

Exceed the threshold limit of the connection queue for a given service

Set the threshold to zero for a given service

Cause the buffer to overflow, allowing root access

Flush the register stack, allowing hijacking of the root account

38 / 40

Which of the following is the BEST solution to provide redundancy for telecommunications links?

Provide multiple links from the same telecommunications vendor.

Ensure that the telecommunications links connect to the network in one location.

Ensure that the telecommunications links connect to the network in multiple locations.

Provide multiple links from multiple telecommunications vendors.

39 / 40

Refer to the information below to answer the question.
In a Multilevel Security (MLS) system, the following sensitivity labels are used in increasing levels of sensitivity: restricted, confidential, secret, top secret. Table A lists the clearance levels for four users, while Table B lists the security classes of four different files.
Which of the following is true according to the star property (*property)?

User D can write to File 1

User B can write to File 1

User A can write to File 1

User C can write to File 1

40 / 40

Which of the following is the BEST way to determine if a particular system is able to identify malicious software without executing it?

Testing with a Botnet

Testing with an EICAR file

Executing a binary shellcode

Run multiple antivirus programs

Your score is

0%

Leave a Reply Cancel reply