CISSP5

CISSP5

1 / 40

At which of the following phases of a software development life cycle are security and access controls normally designed?

Coding

Product design

Software plans and requirements

Detailed design

2 / 40

What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own ban account?

Data fiddling

Data diddling

Data hiding

Data masking

3 / 40

Detection capabilities of Host-based ID systems are limited by the incompleteness of which of the following?

Audit log capabilities

Event capture capabilities

Event triage capabilities

Audit notification capabilities

4 / 40

An important principle of defense in depth is that achieving information security requires a balanced focus on which PRIMARY elements?

Development, testing, and deployment

Prevention, detection, and remediation

People, technology, and operations

Certification, accreditation, and monitoring

5 / 40

Which of the following types of technologies would be the MOST cost-effective method to provide a reactive control for protecting personnel in public areas?

Install mantraps at the building entrances

Enclose the personnel entry area with polycarbonate plastic

Supply a duress alarm for personnel exposed to the public

Hire a guard to protect the public area

6 / 40

All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that

determine the risk of a business interruption occurring

determine the technological dependence of the business processes

Identify the operational impacts of a business interruption

Identify the financial impacts of a business interruption

7 / 40

Which of the following BEST describes the responsibilities of a data owner?

Ensuring quality and validation through periodic audits for ongoing data integrity

Maintaining fundamental data availability, including data storage and archiving

Ensuring accessibility to appropriate users, maintaining appropriate levels of data security

Determining the impact the information has on the mission of the organization

8 / 40

What is the second phase of Public Key Infrastructure (PKI) key/certificate life-cycle management?

Implementation Phase

Initialization Phase

Cancellation Phase

Issued Phase

9 / 40

At what level of the Open System Interconnection (OSI) model is data at rest on a Storage Area Network (SAN) located?

Link layer

Physical layer

Session layer

Application layer

10 / 40

What is the BEST approach for controlling access to highly sensitive information when employees have the same level of security clearance?

Audit logs

Role-Based Access Control (RBAC)

Two-factor authentication

Application of least privilege

11 / 40

An organization is found lacking the ability to properly establish performance indicators for its Web hosting solution during an audit. What would be the MOST probable cause?

Absence of a Business Intelligence (BI) solution

Inadequate cost modeling

Improper deployment of the Service-Oriented Architecture (SOA)

Insufficient Service Level Agreement (SLA)

12 / 40

Which of the following is the FIRST step in the incident response process?

Determine the cause of the incident

Disconnect the system involved from the network

Isolate and contain the system involved

Investigate all symptoms to confirm the incident

13 / 40

A continuous information security monitoring program can BEST reduce risk through which of the following?

Collecting security events and correlating them to identify anomalies

Facilitating system-wide visibility into the activities of critical user accounts

Encompassing people, process, and technology

Logging both scheduled and unscheduled system changes

14 / 40

In a financial institution, who has the responsibility for assigning the classification to a piece of information?

Chief Financial Officer (CFO)

Chief Information Security Officer (CISO)

Originator or nominated owner of the information

Department head responsible for ensuring the protection of the information

15 / 40

Which of the following is considered best practice for preventing e-mail spoofing?

Spam filtering

Cryptographic signature

Uniform Resource Locator (URL) filtering

Reverse Domain Name Service (DNS) lookup

16 / 40

The overall goal of a penetration test is to determine a system’s

ability to withstand an attack.

capacity management.

error recovery capabilities.

reliability under stress.

17 / 40

Which of the following statements is TRUE for point-to-point microwave transmissions?

They are not subject to interception due to encryption.

Interception only depends on signal strength.

They are too highly multiplexed for meaningful interception.

They are subject to interception by an antenna within proximity.

18 / 40

Following the completion of a network security assessment, which of the following can BEST be demonstrated?

The effectiveness of controls can be accurately measured

A penetration test of the network will fail

The network is compliant to industry standards

All unpatched vulnerabilities have been identified

19 / 40

A disadvantage of an application filtering firewall is that it can lead to

a crash of the network as a result of user activities.

performance degradation due to the rules applied.

loss of packets on the network due to insufficient bandwidth.

Internet Protocol (IP) spoofing by hackers.

20 / 40

Which of the following is the FIRST step of a penetration test plan?

Analyzing a network diagram of the target network

Notifying the company’s customers

Obtaining the approval of the company’s management

Scheduling the penetration test during a period of least impact

21 / 40

Which of the following is the MAIN reason that system re-certification and re-accreditation are needed?

To assist data owners in making future sensitivity and criticality determinations

To assure the software development team that all security issues have been addressed

To verify that security protection remains acceptable to the organizational security policy

To help the security team accept or reject new systems for implementation and production

22 / 40

Which of the following is an effective method for avoiding magnetic media data remanence?

Degaussing

Encryption

Data Loss Prevention (DLP)

Authentication

23 / 40

Which of the following wraps the decryption key of a full disk encryption implementation and ties the hard disk drive to a particular device?

Trusted Platform Module (TPM)

Preboot eXecution Environment (PXE)

Key Distribution Center (KDC)

Simple Key-Management for Internet Protocol (SKIP)

24 / 40

Which of the following is an appropriate source for test data?

Production data that is secured and maintained only in the production environment.

Test data that has no similarities to production datA.

Test data that is mirrored and kept up-to-date with production datA.

Production data that has been sanitized before loading into a test environment.

25 / 40

What is the term commonly used to refer to a technique of authenticating one machine to another by forging packets from a trusted source?

Man-in-the-Middle (MITM) attack

Smurfing

Session redirect

Spoofing

26 / 40

Including a Trusted Platform Module (TPM) in the design of a computer system is an example of a technique to what?

Interface with the Public Key Infrastructure (PKI)

Improve the quality of security software

Prevent Denial of Service (DoS) attacks

Establish a secure initial state

27 / 40

Contingency plan exercises are intended to do which of the following?

Train personnel in roles and responsibilities

Validate service level agreements

Train maintenance personnel

Validate operation metrics

28 / 40

The BEST method of demonstrating a company’s security level to potential customers is

a report from an external auditor.

responding to a customer’s security questionnaire.

a formal report from an internal auditor.

a site visit by a customer’s security team.

29 / 40

An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user are noted. Which of the following is MOST likely occurring?

A dictionary attack

A Denial of Service (DoS) attack

A spoofing attack

A backdoor installation

30 / 40

Which of the following is a security limitation of File Transfer Protocol (FTP)?

Passive FTP is not compatible with web browsers.

Anonymous access is allowed.

FTP uses Transmission Control Protocol (TCP) ports 20 and 21.

Authentication is not encrypted.

31 / 40

The use of strong authentication, the encryption of Personally Identifiable Information (PII) on database servers, application security reviews, and the encryption of data transmitted across networks provide

data integrity.

defense in depth.

data availability.

non-repudiation.

32 / 40

A practice that permits the owner of a data object to grant other users access to that object would usually provide

Mandatory Access Control (MAC).

owner-administered control.

owner-dependent access control.

Discretionary Access Control (DAC).

33 / 40

What is an effective practice when returning electronic storage media to third parties for repair?

Ensuring the media is not labeled in any way that indicates the organization’s name.

Disassembling the media and removing parts that may contain sensitive datA.

Physically breaking parts of the media that may contain sensitive datA.

Establishing a contract with the third party regarding the secure handling of the mediA.

34 / 40

According to best practice, which of the following groups is the MOST effective in performing an information security compliance audit?

In-house security administrators

In-house Network Team

Disaster Recovery (DR) Team

External consultants

35 / 40

When implementing a secure wireless network, which of the following supports authentication and authorization for individual client endpoints?

Temporal Key Integrity Protocol (TKIP)

Wi-Fi Protected Access (WPA) Pre-Shared Key (PSK)

Wi-Fi Protected Access 2 (WPA2) Enterprise

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)

36 / 40

Which of the following actions MUST be taken if a vulnerability is discovered during the maintenance stage in a System Development Life Cycle (SDLC)?

Make changes following principle and design guidelines.

Stop the application until the vulnerability is fixed.

Report the vulnerability to product owner.

Monitor the application and review code.

37 / 40

A large university needs to enable student access to university resources from their homes. Which of the following provides the BEST option for low maintenance and ease of deployment?

Provide students with Internet Protocol Security (IPSec) Virtual Private Network (VPN) client software.

Use Secure Sockets Layer (SSL) VPN technology.

Use Secure Shell (SSH) with public/private keys.

Require students to purchase home router capable of VPN.

38 / 40

What is the BEST first step for determining if the appropriate security controls are in place for protecting data at rest?

Identify regulatory requirements

Conduct a risk assessment

Determine business drivers

Review the security baseline configuration

39 / 40

What is the PRIMARY reason for ethics awareness and related policy implementation?

It affects the workflow of an organization.

It affects the reputation of an organization.

It affects the retention rate of employees.

It affects the morale of the employees.

40 / 40

An organization’s data policy MUST include a data retention period which is based on

application dismissal.

business procedures.

digital certificates expiration.

regulatory compliance.

Your score is

0%

Leave a Reply Cancel reply