3rd Edition Abernathy CISSP Cert Guide 3e Questions bank - Exam Pack | CISSP Cert Guide 3e Abernathy by Robin Abernathy.
Question ID: CISSP-2018-RA-03-4-115
Question: You want to use MAC to help protect the hash values of several vital files. Which of the following is NOT a valid MAC mode?
A: HMAC
B: CBC-MAC
C: CMAC
D: ECB
Question ID: CISSP-2018-RA-03-4-116
Question: Your organization implements 3DES to protect the data over the network. The 3DES mode that is used encrypts each block of data three times, each time with a different key. Which 3DES mode is being used?
A: 3DES-EEE3
B: 3DES-EDE3
C: 3DES-EEE2
D: 3DES-EDE2
Question ID: CISSP-2018-RA-03-4-117
Question: Your organization implements 3DES to protect the data over the network. The 3DES mode that is used encrypts each block of data with the first key, decrypts each block with the second key, and encrypts each block with the third key. Which 3DES mode is being used?
A: 3DES-EEE3
B: 3DES-EDE3
C: 3DES-EEE2
D: 3DES-EDE2
Question ID: CISSP-2018-RA-03-4-118
Question: Your organization implements 3DES to protect the data over the network. The 3DES mode that is used encrypts each block of data with the first key, encrypts each block with the second key, and encrypts each block with the first key again. Which 3DES mode is being used?
A: 3DES-EEE3
B: 3DES-EDE3
C: 3DES-EEE2
D: 3DES-EDE2
Question ID: CISSP-2018-RA-03-4-119
Question: Your organization implements 3DES to protect the data over the network. The 3DES mode that is used encrypts each block of data with the first key, decrypts each block with the second key, and encrypts each block with the first key again. Which 3DES mode is being used?
A: 3DES-EEE3
B: 3DES-EDE3
C: 3DES-EEE2
D: 3DES-EDE2
Question ID: CISSP-2018-RA-03-4-120
Question: Which of the following is NOT a valid block size for the AES algorithm?
A: 64 bits
B: 128 bits
C: 192 bits
D: 256 bits
Question ID: CISSP-2018-RA-03-4-121
Question: Which of the following is a stream cipher?
A: 3DES
B: RC4
C: Skipjack
D: RC6
Question ID: CISSP-2018-RA-03-4-122
Question: Which of the following does NOT include any security mechanism?
A: S-HTTP
B: HTTPS
C: ActiveX
D: FTP
Question ID: CISSP-2018-RA-03-4-123
Question: Which of the following is an approach that relies on creating layers of physical barriers?
A: Natural Access Control
B: Natural Territorial Reinforcement
C: Concentric circle
D: Natural surveillance
Question ID: CISSP-2018-RA-03-4-124
Question: Which of the following operates by detecting temperature changes?
A: Heat activated sensor
B: Smoke activated sensor
C: Flame actuated sensor
D: Wet pipe extinguisher
Question ID: CISSP-2018-RA-03-4-125
Question: Which of the following is a programmable card used to deliver an access code to the device either by swiping the card or in some cases just being in the vicinity of the reader?
A: Combination lock
B: Tumbler lock
C: Warded lock
D: Cipher lock
E: PAD
F: Mantrap
G: Cable lock
Question ID: CISSP-2018-RA-03-4-126
Question: Which of the following is a momentary power outage?
A: Fault
B: Surge
C: Blackout
D: Brownout
Question ID: CISSP-2018-RA-03-4-127
Question: With which of the following does the key raise the lock metal piece to the correct height?
A: Combination lock
B: Tumbler lock
C: Warded lock
D: Cipher lock
E: PAD
F: Mantrap
G: Cable lock
Question ID: CISSP-2018-RA-03-4-128
Question: Which of the following is a prolonged reduction in voltage?
A: Fault
B: Surge
C: Blackout
D: Brownout
Question ID: CISSP-2018-RA-03-4-129
Question: Which of the following is a series of two doors with a small room between them?
A: Combination lock
B: Tumbler lock
C: Warded lock
D: Cipher lock
E: PAD
F: Mantrap
G: Cable lock
Question ID: CISSP-2018-RA-03-4-130
Question: Which of the following is a prolonged power increase?
A: Fault
B: Surge
C: Blackout
D: Brownout
Question ID: CISSP-2018-RA-03-4-131
Question: Which NIACAP accreditation type evaluates an application or system that is distributed to a number of different locations?
A: Type accreditation
B: System accreditation
C: Site accreditation
D: Mask accreditation
Question ID: CISSP-2018-RA-03-4-132
Question: Which NIACAP accreditation type evaluates an application or support system?
A: Type accreditation
B: System accreditation
C: Site accreditation
D: Mask accreditation
Question ID: CISSP-2018-RA-03-4-133
Question: Which of the following uses Evaluation Assurance Levels (EALs) to rate systems with each level representing a successively higher level of security testing and design in a system?
A: Common Criteria
B: ITSEC
C: Orange book
D: Rainbow series
Question ID: CISSP-2018-RA-03-4-134
Question: Which of the following can be used for evaluating vendor products or by vendors to design necessary functionality into new products?
A: TCSEC
B: ITSEC
C: DITSCAP
D: NIACAP
Question ID: CISSP-2018-RA-03-4-135
Question: Which of the following is not a system threat?
A: Electrical
B: Communications
C: Tornados
D: Utilities
Question ID: CISSP-2018-RA-03-4-136
Question: Which of the following is NOT an example of a system threat?
A: Electrical problems
B: Loss of email access
C: Floods
D: Loss of water supply
Question ID: CISSP-2018-RA-04-1-001
Question: Within the Open Systems Interconnection (OSI) reference model, when the identity of a remote communicating entity and the authenticity of the source of the data that are received are verified, which concept has been satisfied?
A: Authentication
B: Authorization
C: Accounting
D: Integrity
Question ID: CISSP-2018-RA-04-1-002
Question: Which two of the following are protocols used to carry authentication, authorization, and configuration information between a Network Access Server and a shared Authentication Server?
A: RADIUS
B: PPTP
C: IPsec
D: TACACS+
Question ID: CISSP-2018-RA-04-1-003
Question: The Internet is a Wide Area Network that was originally funded by which organization?
A: IEEE
B: IANA
C: DoD
D: ISO
Question ID: CISSP-2018-RA-04-1-004
Question: Which of the following computer crimes affects the concept of availability?
A: IP spoofing
B: Password sniffing
C: Data diddling
D: DoS
Question ID: CISSP-2018-RA-04-1-005
Question: Which of the following is a form of a DoS attack?
A: Session hijacking attack
B: Port scan
C: SYN ACK attack
D: IP address spoofing
Question ID: CISSP-2018-RA-04-1-006
Question: Which of the following provides the best defense against network transmission interception?
A: Twisted pair
B: Fiber optic
C: Coaxial
D: ThinNet
Question ID: CISSP-2018-RA-04-1-007
Question: Which of the following is designed to be attractive to hackers and lure them into spending time attacking it while information is gathered about the attack?
A: Proxy firewall
B: Honeypot
C: PBX
D: Screened subnet
Question ID: CISSP-2018-RA-04-1-008
Question: What protocol encapsulates the original packet?
A: MNP
B: TCP/IP
C: PPTP
D: PPP
Question ID: CISSP-2018-RA-04-1-009
Question: What data rate is possible both upstream and downstream by HDSL?
A: 1.544 Mbps
B: 256 Kbps
C: 512 Kbps
D: 20 Mbps
Question ID: CISSP-2018-RA-04-1-010
Question: Which of the following is one of the techniques used by hackers to hide their trail?
A: Session hijacking attack
B: Port scan
C: SYN ACK attack
D: IP address spoofing
Question ID: CISSP-2018-RA-04-1-079
Question: Which of the following establishes a session using a digital certificate and encrypts an entire session?
A: HTTPS
B: S-HTTP
C: SET
D: Cookies
Question ID: CISSP-2018-RA-04-1-080
Question: Which of the following encrypts only a single message?
A: HTTPS
B: S-HTTP
C: SET
D: Cookies
Question ID: CISSP-2018-RA-04-1-144
Question: Which of the following protocols provides encryption to protect the data as it is transmitted over the network?
A: HTTP
B: S-HTTP
C: FTP
D: TFTP
E: SFTP
F: Options a and b only
G: Options c, d, and e only
H: Options a and c only
I: Options b and e only
Question ID: CISSP-2018-RA-04-1-145
Question: Which protocol should you implement to protect data that is transmitted over a VPN?
A: SET
B: IPsec
C: S-HTTP
D: SFTP
Question ID: CISSP-2018-RA-04-1-146
Question: Which of the following was created to protect credit card transactions?
A: SSL
B: TLS
C: SET
D: SSH
Question ID: CISSP-2018-RA-04-1-147
Question: Which protocol protects the communication channel between two computers?
A: HTTPS
B: S-HTTP
C: HTTP
D: FTP
Question ID: CISSP-2018-RA-04-1-148
Question: You need to allow users to remotely access a server. Which protocol should you use?
A: SFTP
B: SSH
C: PGP
D: IPsec
Question ID: CISSP-2018-RA-04-1-149
Question: Which of the following is the MOST secure to use to connect to a remote server?
A: Telnet
B: rlogin
C: rexec
D: SSH
Question ID: CISSP-2018-RA-04-1-176
Question: Which of the following layers of the OSI model is responsible for the manner in which the data from the application layer is represented (or presented) to the application layer on the destination device?
A: Session layer
B: Transport layer
C: Network layer
D: Data link layer
E: Physical layer
F: Application layer
G: Presentation layer
Question ID: CISSP-2018-RA-04-1-177
Question: Which of the following devices operate at Layer 2 of the OSI model?
A: Router
B: Repeater
C: Hub
D: Switch
E: Bridge
F: A and D
G: D and E
H: all of the above
Question ID: CISSP-2018-RA-04-1-178
Question: Which of the following layers of the TCP/IP model corresponds to the application, presentation, and session layers of the OSI model?
A: Host-to-host
B: Application
C: Internet
D: Network access
Question ID: CISSP-2018-RA-04-1-179
Question: Which of the following devices operate at Layer 4 of the OSI model?
A: Router
B: Repeater
C: Hub
D: Switch
E: Bridge
F: A and D
G: All the above
H: B and C
I: none of the above
Question ID: CISSP-2018-RA-04-1-180
Question: Which of the following layers of the OSI model makes a communication session between a service or application on the source device possible with the same service or application on the destination?
A: Session layer
B: Transport layer
C: Network layer
D: Data Link layer
E: Physical layer
F: Application layer
G: Presentation layer
Question ID: CISSP-2018-RA-04-1-181
Question: Which of the following layers of the TCP/IP model corresponds to the data link and physical layers of the OSI model?
A: Host-to-host
B: Application
C: Internet
D: Network access
Question ID: CISSP-2018-RA-04-1-182
Question: Which of the following statements regarding IDSs are TRUE?
A: A network-based IDS is the most common IDS and monitors network traffic on a local network segment.
B: A traffic anomaly-based IDS has knowledge of the protocols that it will monitor.
C: A rule-based IDS is an expert system that uses a knowledge base, inference engine, and rule-based programming.
D: Statements a and b only
E: Statements b and c only
F: Statements a and c only
G: All the statements
Question ID: CISSP-2018-RA-04-1-183
Question: Which of the following statements regarding IDSs and IPSs are FALSE?
A: Implementing an IDS is more expensive than implementing an IPS.
B: Both IDSs and IPSs can be network-based or host-based.
C: Running an IPS is more of an overall performance load than running an IDS.
D: Statements a and b only
E: Statements b and c only
F: Statements a and c only
G: None of the statements
Question ID: CISSP-2018-RA-04-1-184
Question: Which of the following ensures that the computers on the network meet an organization's security policies?
A: IDS
B: IPS
C: VPN
D: IPSec
E: DMZ
F: NAC
Question ID: CISSP-2018-RA-04-1-185
Question: Which of the following attacks send unsolicited information?
A: Bluejacking
B: War driving
C: Bluesnarfing
D: Spamming
E: A and D
Question ID: CISSP-2018-RA-04-1-186
Question: Which of the following attacks uses a type of ping packet called an ICMP ECHO REQUEST?
A: Ping of Death
B: Smurf
C: Fraggle
D: ICMP redirect
Question ID: CISSP-2018-RA-04-1-187
Question: Which is the process of foisting a phishing attack on a specific person rather than a random set of people?
A: Spear Phishing
B: Bluejacking
C: Cybersquatting
D: Domain Grabbing
Question ID: CISSP-2018-RA-04-1-188
Question: Which of the following devices tests your network's security to see if it can be penetrated from outside the network?
A: Protocol analyzer
B: Password cracker
C: Network analyzer
D: Port scanner
E: Vulnerability test
F: Penetration tester
G: Network mapper
H: A and D
I: None of the above
Question ID: CISSP-2018-RA-04-1-189
Question: Which of the following attacks sends several oversized packets?
A: Ping of Death
B: Smurf
C: Fraggle
D: ICMP redirect
Question ID: CISSP-2018-RA-04-1-190
Question: Which of the following devices obtains the topology of your network?
A: Protocol analyzer
B: Password cracker
C: Network analyzer
D: Port scanner
E: Vulnerability test
F: Penetration tester
G: Network mapper
H: None of the above
I: A and D
Question ID: CISSP-2018-RA-04-2-001
Question: Which of the following attacks pings every address and port number combination?
A: Session hijacking attack
B: Port scan
C: SYN ACK attack
D: IP address spoofing
Question ID: CISSP-2018-RA-04-2-002
Question: Which behavior can be described as interference to cables from sources such as machinery nearby?
A: RFI
B: EMI
C: Crosstalk
D: Attenuation
Question ID: CISSP-2018-RA-04-2-003
Question: Which of the following is referred to as Fast Ethernet?
A: 100 Mbps
B: 1000 Mbps
C: 10000 Mbps
D: 100000 Mbps
Question ID: CISSP-2018-RA-04-2-004
Question: Which two of the following are examples of packet-switched services?
A: Frame Relay
B: ISDN
C: X.25
D: PSTN
Question ID: CISSP-2018-RA-04-2-005
Question: Which behavior occurs when the signals from the two wires (or more) interfere with one another and distort the transmission?
A: RFI
B: EMI
C: Crosstalk
D: Attenuation
Question ID: CISSP-2018-RA-04-2-006
Question: Which of the following has one interface connected to the untrusted network, one to the internal network, and another to a part of the network called a Demilitarized Zone (DMZ)?
A: Dual-homed firewall
B: Three-legged firewall
C: Bastion host
D: Kernel proxy firewall
Question ID: CISSP-2018-RA-04-2-007
Question: Which behavior can be described as interference to cables from nearby radio signals?
A: RFI
B: EMI
C: Crosstalk
D: Attenuation
Question ID: CISSP-2018-RA-04-2-008
Question: Which of the following is an example of a fifth-generation firewall?
A: Dual-homed firewall
B: Three-legged firewall
C: Bastion host
D: Kernel proxy firewall
Question ID: CISSP-2018-RA-04-2-009
Question: Which behavior can be described as the weakening of the signal as it travels down the cable?
A: RFI
B: EMI
C: Crosstalk
D: Attenuation
Question ID: CISSP-2018-RA-04-2-010
Question: In which of the following attacks does the hacker attempt to place himself in the middle of an active conversation between two computers?
A: Session hijacking attack
B: Port scan
C: SYN ACK attack
D: IP address spoofing
Question ID: CISSP-2018-RA-04-2-079
Question: Which of the following secures credit card transaction information over the Internet and was proposed by Visa and MasterCard?
A: HTTPS
B: S-HTTP
C: SET
D: Cookies
Question ID: CISSP-2018-RA-04-2-080
Question: Which of the following can be used by attackers to discover a large amount of information about a user?
A: HTTPS
B: S-HTTP
C: SET
D: Cookies
Question ID: CISSP-2018-RA-04-2-096
Question: What is a zombie?
A: A group of compromised computers that are used to carry out an attack using a bot
B: The illegitimate use of either licensed software or an application
C: Using either a transmitting or a recording device to monitor the conversations between two individuals or companies with or without the approval of either party
D: A computer on which an application is installed that will be used to attack another computer or network at a later date
Question ID: CISSP-2018-RA-04-2-176
Question: Which of the following layers of the OSI model adds information that identifies the transport protocol in use and the specific port number that identifies the required Layer 7 protocol?
A: Session layer
B: Transport layer
C: Network layer
D: Data link layer
E: Physical layer
F: Application layer
G: Presentation layer
Question ID: CISSP-2018-RA-04-2-177
Question: Which of the following devices operate at Layer 3 of the OSI model?
A: Router
B: Repeater
C: Hub
D: Switch
E: Bridge
F: A and D
G: All the above
H: D and E
I: B and C
Question ID: CISSP-2018-RA-04-2-178
Question: At which of the following layers of the OSI model is information required to route the packet added?
A: Session layer
B: Transport layer
C: Network layer
D: Data link layer
E: Physical layer
F: Application layer
G: Presentation layer
Question ID: CISSP-2018-RA-04-2-179
Question: Which of the following layers of the TCP/IP model corresponds to the Network layer of the OSI model?
A: Host-to-host
B: Application
C: Internet
D: Network access
Question ID: CISSP-2018-RA-04-2-180
Question: Which of the following layers of the OSI model is responsible for determining which MAC addresses should be used at each hop and adds them to the packet?
A: Session layer
B: Transport layer
C: Network layer
D: Data link layer
E: Physical layer
F: Application layer
G: Presentation layer
Question ID: CISSP-2018-RA-04-2-181
Question: Which of the following layers of the TCP/IP model corresponds to the transport layer of the OSI model?
A: Host-to-host
B: Application
C: Internet
D: Network access
Question ID: CISSP-2018-RA-04-2-182
Question: Which of the following commands can be used to determine the current network connections of a computer?
A: netstat
B: ipconfig
C: tracert
D: traceroute
E: ipconfig /all
F: ping
G: None of the above
H: B and E
Question ID: CISSP-2018-RA-04-2-183
Question: Which firewall type examines each packet and permits or denies it passage based on many factors, including the state table?
A: Stateful firewall
B: Bastion host
C: Proxy firewall
D: Packet-filtering firewall
Question ID: CISSP-2018-RA-04-2-184
Question: On which type of device are ACLs deployed?
A: Router
B: Hub
C: Repeater
D: MAU
Question ID: CISSP-2018-RA-04-2-185
Question: Which of the following attacks sends unsolicited e-mail messages?
A: Bluejacking
B: War driving
C: Bluesnarfing
D: Spamming
E: A and D
Question ID: CISSP-2018-RA-04-2-186
Question: Which of the following devices could determine if there is an FTP server in the network?
A: Protocol analyzer
B: Password cracker
C: Network analyzer
D: Port scanner
E: Vulnerability test
F: Penetration tester
G: Network mapper
H: A and D
I: None of the above
Question ID: CISSP-2018-RA-04-2-187
Question: Which of the following attacks sends packets with the IP address of a trusted system?
A: Bluejacking
B: War driving
C: Bluesnarfing
D: Spoofing
E: A and D
Question ID: CISSP-2018-RA-04-2-188
Question: Which of the following devices makes use of dictionary or brute force attacks?
A: Protocol analyzer
B: Password cracker
C: Network analyzer
D: Port scanner
E: Vulnerability test
F: Penetration tester
G: Network mapper
H: None of the above
I: A and B
Question ID: CISSP-2018-RA-04-2-189
Question: Which of the following attacks discovers unprotected wireless networks?
A: Bluejacking
B: War driving
C: Bluesnarfing
D: Spamming
E: A and D
Question ID: CISSP-2018-RA-04-2-190
Question: Which of the following devices could be used to determine if the network is susceptible to a known security flaw?
A: Protocol analyzer
B: Password cracker
C: Network analyzer
D: Port scanner
E: Vulnerability test
F: Penetration tester
G: Network mapper
H: A and B
I: None of the above
Question ID: CISSP-2018-RA-04-2-195
Question: Which of the following displays a computer's IP address, subnet mask, default gateway, DNS server, MAC address, and other information?
A: netstat
B: ipconfig
C: tracert
D: traceroute
E: ipconfig /all
F: ping
G: B and E
H: none of the above
Question ID: CISSP-2018-RA-04-2-196
Question: Which of the following is a network device that detects a network intrusion and prevents the network intrusion?
A: IDS
B: IPS
C: VPN
D: IPsec
E: DMZ
F: NAC
Question ID: CISSP-2018-RA-04-2-197
Question: Which of the following displays a computer's IP address, subnet mask, and default gateway?
A: netstat
B: ipconfig
C: tracert
D: traceroute
E: ipconfig /all
F: ping
G: B and E
H: None of the above
Question ID: CISSP-2018-RA-04-2-198
Question: Which of the following commands tests connectivity between two devices?
A: netstat
B: ipconfig
C: tracert
D: traceroute
E: ipconfig /all
F: ping
G: B and E
H: None of the above
Question ID: CISSP-2018-RA-04-2-199
Question: Which of the following is a network device that detects network intrusion attempts and either logs the intrusion or contacts the appropriate personnel?
A: IDS
B: IPS
C: VPN
D: IPsec
E: DMZ
F: NAC
Question ID: CISSP-2018-RA-04-2-202
Question: Which of the following is a section of a network that is isolated from the rest of the network with firewalls?
A: IDS
B: IPS
C: VPN
D: IPsec
E: DMZ
F: NAC
Question ID: CISSP-2018-RA-04-3-137
Question: Which of the following layers of the OSI model is responsible for turning the information into bits (ones and zeros) and sending it out on the medium?
A: Session layer
B: Transport layer
C: Network layer
D: Data link layer
E: Physical layer
F: Application layer
G: Presentation layer
Question ID: CISSP-2018-RA-04-3-138
Question: Which of the following devices operate at Layer 1 of the OSI model?
A: Router
B: Repeater
C: Hub
D: Switch
E: Bridge
F: A and D
G: D and E
H: B and C
I: all of the above
Question ID: CISSP-2018-RA-04-3-139
Question: Which firewall type hides a packet's true origin before sending it through another network?
A: Stateful firewall
B: Bastion host
C: Proxy firewall
D: Packet-filtering firewall
Question ID: CISSP-2018-RA-04-3-140
Question: Which of the following is a router command used to determine the route a packet takes across an IP network?
A: netstat
B: ipconfig
C: tracert
D: traceroute
E: ipconfig /all
F: ping
G: None of the above
H: B and E
Question ID: CISSP-2018-RA-04-3-141
Question: Which of the following is a private network that users can connect to over a public network?
A: IDS
B: IPS
C: VPN
D: IPsec
E: DMZ
F: NAC
Question ID: CISSP-2018-RA-04-3-142
Question: Which of the following attacks gains unauthorized access through a Bluetooth connection?
A: Bluejacking
B: War driving
C: Bluesnarfing
D: Spamming
E: A and D
Question ID: CISSP-2018-RA-04-3-143
Question: Which of the following devices could be used to establish a performance baseline?
A: Protocol analyzer
B: Password cracker
C: Network analyzer
D: Port scanner
E: Vulnerability test
F: Penetration tester
G: Network mapper
H: None of the above
I: A and B
Question ID: CISSP-2018-RA-04-3-144
Question: Which attack is aimed at wireless networks?
A: Race condition
B: Emanations capturing
C: TOC/TOU attack
D: Maintenance hooks
E: Buffer overflow
Question ID: CISSP-2018-RA-04-3-145
Question: Which of the following attacks can be mitigated by staying up to date with system patches and implementing ingress filtering?
A: Man-in-the-middle
B: Mail bombing
C: Ping-of-death
D: Wardialing
Question ID: CISSP-2018-RA-04-3-146
Question: Which of the following protocols will populate the protocol field of the IP header with a value of 2?
A: TCP
B: UDP
C: ICMP
D: IGMP
E: L2TP
Question ID: CISSP-2018-RA-04-3-147
Question: Which of the following breaks messages down into small units of data?
A: Circuit switching
B: Packet switching
C: Message switching
D: A and B
E: none of the above
Question ID: CISSP-2018-RA-04-3-152
Question: Which of the following centralizes authentication?
A: Extranet
B: Screen scraper
C: TACACS+
D: RADIUS
E: None of the above
F: C and D
Question ID: CISSP-2018-RA-04-3-153
Question: With which variant of DSL does the data travel in both directions at the same rate?
A: HDSL
B: ADSL
C: IDSL
D: SDSL
Question ID: CISSP-2018-RA-04-3-154
Question: Which variant of DSL offers speeds up to 1.544 Mbps over regular UTP cable?
A: HDSL
B: ADSL
C: IDSL
D: SDSL
Question ID: CISSP-2018-RA-04-3-155
Question: Which variant of DSL provides faster download speed than upload speed?
A: HDSL
B: ADSL
C: IDSL
D: SDSL
Question ID: CISSP-2018-RA-04-4-137
Question: Which of the following layers of the OSI model receives the raw data from the application in use and provides services, such as file transfer and message exchange, to the application?
A: Session layer
B: Transport layer
C: Network layer
D: Data link layer
E: Physical layer
F: Application layer
G: Presentation layer
Question ID: CISSP-2018-RA-04-4-138
Question: Which of the following devices could be used to learn a password if it is transmitted in clear text?
A: Protocol analyzer
B: Password cracker
C: Network analyzer
D: Port scanner
E: Vulnerability test
F: Penetration tester
G: Network mapper
H: None of the above
I: A and B
Question ID: CISSP-2018-RA-04-4-139
Question: Which of the following is a Windows command used to determine the route a packet takes across an IP network?
A: netstat
B: ipconfig
C: tracert
D: traceroute
E: ipconfig /all
F: ping
G: B and E
H: None of the above
Question ID: CISSP-2018-RA-04-4-140
Question: Which utility is a network protocol analyzer?
A: Snort
B: Tripwire
C: Ethereal
D: Nessus
Question ID: CISSP-2018-RA-04-4-141
Question: Which of the following has occurred when a computer is flooded with unauthorized service requests?
A: Penetration testing
B: DoS
C: Honeypot
D: File integrity checker
Question ID: CISSP-2018-RA-04-4-142
Question: It is reported that an attack seems to have been sourced partially from several of the computers in your network. Of which attack is this a symptom?
A: SMTP relay
B: Zombies
C: Trojan horse
D: Virus
Question ID: CISSP-2018-RA-04-4-143
Question: When a system experiences a denial-of-service attack, how will the event likely be reported by the user?
A: Blue screen of death
B: Random reboot
C: System locks up
D: No network access
Question ID: CISSP-2018-RA-04-4-144
Question: Which countermeasure is responsible for placing various components in security zones?
A: Access Control Services
B: Integrity Services
C: Boundary Control Services
D: Cryptography Services
E: Auditing and Monitoring Services
Question ID: CISSP-2018-RA-04-4-145
Question: Which of the following is also known as "store and forward"?
A: Circuit switching
B: Packet switching
C: Message switching
D: A and B
E: None of the above
Question ID: CISSP-2018-RA-04-4-146
Question: Which of the following protocols will populate the protocol field of the IP header with a value of 1?
A: TCP
B: UDP
C: ICMP
D: IGMP
E: L2TP
Question ID: CISSP-2018-RA-04-4-147
Question: Which of the following protocols will populate the protocol field of the IP header with a value of 17?
A: TCP
B: UDP
C: ICMP
D: IGMP
E: L2TP
Question ID: CISSP-2018-RA-04-4-152
Question: Which biometric method records fingerprint information from every finger as well as hand geometry information?
A: Palm scan
B: Keystroke dynamics
C: Vascular scan
D: Signature dynamics
E: Retinal scan
F: Iris scan
Question ID: CISSP-2018-RA-04-4-153
Question: Which biometric method scans the eye's blood vessel pattern?
A: Palm scan
B: Keystroke dynamics
C: Vascular scan
D: Signature dynamics
E: Retinal scan
F: Iris scan
Question ID: CISSP-2018-RA-04-4-154
Question: Which of the following enables two or more companies to share information and resources?
A: Extranet
B: Screen scraper
C: TACACS+
D: RADIUS
E: VLAN
F: None of the above
G: C and D
Question ID: CISSP-2018-RA-04-4-155
Question: Which of the following allows networks to be segmented logically without physically rewiring the network?
A: Extranet
B: Screen scraper
C: TACACS+
D: RADIUS
E: VLAN
F: None of the above
G: C and D
Question ID: CISSP-2018-RA-05-1-050
Question: Which lighting type uses sodium in an excited state to produce light?
A: Fluorescent
B: Mercury vapor
C: Sodium vapor
D: Quartz lamps
Question ID: CISSP-2018-RA-05-1-051
Question: What is the term for a file in a MAC environment?
A: Object
B: Label
C: Subject
D: Privilege
Question ID: CISSP-2018-RA-05-1-052
Question: What is required for each subject and object in a MAC environment?
A: Object
B: Label
C: Subject
D: Privilege
Question ID: CISSP-2018-RA-05-1-053
Question: In which biometric system is the distance between facial features measured and recorded?
A: Iris scan
B: Retina scan
C: Eigenfeatures facial scan
D: Eigenfaces facial scan
Question ID: CISSP-2018-RA-05-1-054
Question: In which biometric system are measurements of facial components gathered and compared to a set of standard faces?
A: Iris scan
B: Retina scan
C: Eigenfeatures facial scan
D: Eigenfaces facial scan
Question ID: CISSP-2018-RA-05-1-055
Question: Which of the following is a characteristic factor for authentication?
A: Biometrics
B: Password
C: PIN
D: Smart card
Question ID: CISSP-2018-RA-05-1-056
Question: Which of the following is a knowledge factor for authentication?
A: Biometrics
B: Password
C: Token
D: Smart card
Question ID: CISSP-2018-RA-05-1-057
Question: What is the purpose of an account lockout policy?
A: It configures the number of unique new passwords that must be associated with a user account before an old password can be reused.
B: It configures the maximum number of days a password can be used before the user must change it.
C: It ensures that an account can no longer be used after a certain number of unsuccessful login attempts.
D: It configures the fewest number of characters that can make up a password for a user account.
Question ID: CISSP-2018-RA-05-1-058
Question: What is the purpose of a password length policy?
A: It configures the number of unique new passwords that must be associated with a user account before an old password can be reused.
B: It configures the maximum number of days a password can be used before the user must change it.
C: It ensures that an account can no longer be used after a certain number of unsuccessful login attempts.
D: It configures the fewest number of characters that can make up a password for a user account.
Question ID: CISSP-2018-RA-05-1-059
Question: Which type of password is the same for each login?
A: Static password
B: One-time password
C: Complex password
D: Cognitive password
Question ID: CISSP-2018-RA-05-1-060
Question: Which type of password is used only once to log in to the access control system?
A: Static password
B: One-time password
C: Complex password
D: Cognitive password
Question ID: CISSP-2018-RA-05-1-094
Question: What is TEMPEST?
A: A United States law established in 2001 to reduce restrictions on the searches of telephone, e-mail communications, medical, financial, and other records
B: A type of attack that involves attempting to exploit or corrupt an enemy's information to gain military or economic advantage
C: A United States government program that reduces electronic equipment emanations
D: The U.S. government entity responsible for dealing with federal computer security incidents that occur in civilian agencies
Question ID: CISSP-2018-RA-05-1-106
Question: Which of the following is part of the identity provisioning life cycle?
A: Creation
B: Modification
C: Monitoring
D: Revocation
E: Statements a, c, and d only
F: Statements a, b, and d only
G: All the statements
Question ID: CISSP-2018-RA-05-1-191
Question: What is the final step in access control?
A: Identification
B: Authorization
C: Authentication
D: Accountability
Question ID: CISSP-2018-RA-05-1-192
Question: Which statement regarding identification and authentication is FALSE?
A: Identification is the act of a user professing an identity to an access control system.
B: Authentication is the act of validating a user with a unique identifier by providing the appropriate credentials.
C: Authentication occurs before identification.
D: None of the statements
E: All the statements
Question ID: CISSP-2018-RA-05-1-193
Question: Which of the following is an example of using two-factor authentication?
A: Password and a PIN
B: Smart card and a password
C: Hand geometry scan and an iris scan
D: Password and keystroke dynamics
E: Statements a and b only
F: Statements b and c only
G: Statements b and d only
H: All the statements
Question ID: CISSP-2018-RA-05-1-194
Question: Which of the following statements regarding biometric access controls are TRUE?
A: A Type I error represents the percentage of users who are falsely rejected.
B: A Type II error represents the percentage of users who are falsely accepted.
C: The Type II value is calculated using the CER and Type II error.
D: The smaller the CER value, the less accurate the system.
E: Statements a and b only
F: Statements c and d only
G: Statements a, b, and c only
Question ID: CISSP-2018-RA-05-1-195
Question: Which of the following factors should you consider when selecting an authentication method?
A: Asset value
B: Threat level to asset
C: Potential countermeasures
D: Cost of countermeasures
E: Statements a and b only
F: Statements c and d only
G: All the statements
Question ID: CISSP-2018-RA-05-1-196
Question: Which of the following is a type of event that should be monitored?
A: Application events
B: User events
C: System events
D: Network events
E: Statements c and d only
F: All the statements
G: None of the statements
Question ID: CISSP-2018-RA-05-1-197
Question: How can geolocation be used as part of authentication?
A: It provides what a person knows.
B: It provides what a person possesses.
C: It provides what a person is.
D: It provides where a person is.
Question ID: CISSP-2018-RA-05-1-198
Question: Which of the following is NOT an example of directory services standards?
A: LDAP
B: X.400
C: X.500
D: Active Directory
E: None of the above
Question ID: CISSP-2018-RA-05-1-199
Question: Which of the following is NOT part of the identity provisioning process?
A: Creating accounts
B: Installing applications
C: Modifying user attributes
D: Managing account settings
Question ID: CISSP-2018-RA-05-1-200
Question: Over the past few years, your organization has merged several department networks into a single company network. As a result, each department has different methods for identity provisioning. Your company establishes a companywide provisioning policy to which all departments must transition. You have been asked to implement a solution that will allow users to use one account to log in to all systems across the departments. Which technology should you implement?
A: DAC
B: SSO
C: RBAC
D: IDS
E: IPS
Question ID: CISSP-2018-RA-05-1-201
Question: You have been asked to design the identity management system for a new organization. You must implement appropriate policies to ensure that all access control needs are met. Which of the following issues should you consider?
A: Identity consistency
B: System usability
C: System reliability
D: System scalability
E: Statements a and b only
F: Statements c and d only
G: All the statements
Question ID: CISSP-2018-RA-05-1-202
Question: Which of the following is a protocol that secures IP communication over a private or public network?
A: IDS
B: IPS
C: VPN
D: IPsec
E: DMZ
F: NAC
Question ID: CISSP-2018-RA-05-1-203
Question: Which of the following statements regarding data access control models are FALSE?
A: MAC is dependent on security labels.
B: DAC controls are determined by the data owner.
C: RBAC uses roles to provide access to the data.
D: Statements a and b only
E: Statements a and c only
F: Statements b and c only
G: None of the statements
Question ID: CISSP-2018-RA-05-1-204
Question: It is discovered that unknown software is using other application programs to execute and infect a system. Of which attack is this a symptom?
A: SMTP relay
B: Zombies
C: Trojan horse
D: Virus
Question ID: CISSP-2018-RA-05-1-205
Question: A user resigns from your company. His manager requests that you delete his user account. However, the manager requests that you ensure that all the user’s files will be accessible. What should you do?
A: Disable the user’s account.
B: Delete the user’s account.
C: Rename the user’s account.
D: Monitor the user’s account.
Question ID: CISSP-2018-RA-05-2-051
Question: What is the term for a user in a MAC environment?
A: Object
B: Label
C: Subject
D: Privilege
Question ID: CISSP-2018-RA-05-2-052
Question: What is the term for a clearance in a MAC environment?
A: Object
B: Label
C: Subject
D: Privilege
Question ID: CISSP-2018-RA-05-2-053
Question: In which biometric system is the colored portion of the eye, including all rifts, coronas, and furrows, measured?
A: Iris scan
B: Retina scan
C: Eigenfeatures facial scan
D: Eigenfaces facial scan
Question ID: CISSP-2018-RA-05-2-054
Question: In which biometric system is the blood vessel pattern scanned?
A: Iris scan
B: Retina scan
C: Eigenfeatures facial scan
D: Eigenfaces facial scan
Question ID: CISSP-2018-RA-05-2-055
Question: Which of the following is a knowledge factor for authentication?
A: Biometrics
B: Token
C: PIN
D: Smart card
Question ID: CISSP-2018-RA-05-2-056
Question: Which of the following is an ownership factor for authentication?
A: Biometrics
B: Password
C: PIN
D: Smart card
Question ID: CISSP-2018-RA-05-2-057
Question: What is the purpose of a password history policy?
A: It configures the number of unique new passwords that must be associated with a user account before an old password can be reused.
B: It configures the maximum number of days a password can be used before the user must change it.
C: It ensures that an account can no longer be used after a certain number of unsuccessful login attempts.
D: It configures the fewest number of characters that can make up a password for a user account.
Question ID: CISSP-2018-RA-05-2-058
Question: What is the purpose of a password age policy?
A: It configures the number of unique new passwords that must be associated with a user account before an old password can be reused.
B: It configures the maximum number of days a password can be used before the user must change it.
C: It ensures that an account can no longer be used after a certain number of unsuccessful login attempts.
D: It configures the fewest number of characters that can make up a password for a user account.
Question ID: CISSP-2018-RA-05-2-059
Question: Which type of password includes a mixture of uppercase and lowercase letters, numbers, and special characters?
A: Static password
B: One-time password
C: Complex password
D: Cognitive password
Question ID: CISSP-2018-RA-05-2-060
Question: Which type of password is a piece of information that can be used to verify an individual’s identity by answering questions?
A: Static password
B: One-time password
C: Complex password
D: Cognitive password
Question ID: CISSP-2018-RA-05-2-191
Question: Which of the following connects a network sender and receiver by a single path for the duration of a conversation?
A: Circuit switching
B: Packet switching
C: Message switching
D: A and B
E: None of the above
Question ID: CISSP-2018-RA-05-2-192
Question: Your organization has grown tremendously over the past couple of years. As a result, management has decided to move from a centralized identity management system to a decentralized identity management system. What is one disadvantage of this move?
A: Enterprisewide policies are much harder to enforce.
B: Local administrators cannot define user/resource requirements.
C: Local administrators cannot manage the identity management system.
D: Access control decisions are made by the local administrators.
Question ID: CISSP-2018-RA-05-2-193
Question: Your organization’s management has decided to move from a decentralized identity management system to a centralized identity management system. What is one advantage of this move?
A: Enterprisewide policies are much easier to enforce.
B: Local administrators can define user/resource requirements.
C: Local administrators can manage the identity management system.
D: Access control decisions are made by the local administrators.
Question ID: CISSP-2018-RA-05-2-194
Question: Your organization wants to use a directory system for identity management. You need to research the statements and provide management with the advantages and disadvantages of each option. Which statements should you research?
A: LDAP
B: AD
C: HTTP
D: Kerberos
E: Statements a and b only
F: Statements b and c only
G: Statements c and d only
H: Statements a, b, and d only
I: All the statements
Question ID: CISSP-2018-RA-05-2-200
Question: What is the primary concern when establishing a password complexity policy?
A: Password strength
B: Password age
C: Password length
D: Password history
Question ID: CISSP-2018-RA-05-2-201
Question: You need to require users to change their password every 60 days. What password policy should you implement?
A: Password complexity
B: Password age
C: Password length
D: Password history
Question ID: CISSP-2018-RA-05-2-203
Question: Which of the following statements regarding access control models are TRUE?
A: A database view is an example of a constrained user interface.
B: A time-of-day login limitation is an example of context-based access control.
C: A capability table lists the access rights that a particular subject has to objects.
D: An ACL lists all the access rights that subjects have to a particular object.
E: Statements a and b only
F: Statements c and d only
G: All the statements
Question ID: CISSP-2018-RA-05-2-204
Question: Which of the following attacks can be mitigated by using digital signatures and mutual authentication?
A: Man-in-the-middle
B: Mail bombing
C: Ping-of-death
D: Wardialing
Question ID: CISSP-2018-RA-05-2-205
Question: Your organization is implementing a new termination policy. As part of this policy, the user account of any employee who is terminated from employment must be disabled but retained for 30 days. During that 30-day period, the employee’s supervisor can request access and ownership transfer of any files and data. After 30 days, the account should be deleted. Which step in the identity life cycle does this new policy affect the MOST?
A: Provisioning
B: Monitoring
C: Modifying
D: Revoking
Question ID: CISSP-2018-RA-05-3-148
Question: You need to require users to use a minimum number of characters in a password. What password policy should you implement?
A: Password complexity
B: Password age
C: Password length
D: Password history
Question ID: CISSP-2018-RA-05-3-149
Question: You need to prevent users from reusing passwords over time. What password policy should you implement?
A: Password complexity
B: Password age
C: Password length
D: Password history
Question ID: CISSP-2018-RA-05-3-150
Question: You need to ensure that users implement passwords that include uppercase and lowercase letters, numbers, and special characters. What password policy should you implement?
A: Password complexity
B: Password age
C: Password length
D: Password history
Question ID: CISSP-2018-RA-05-3-151
Question: Which biometric method scans the colored portion of the eye?
A: Palm scan
B: Keystroke dynamics
C: Vascular scan
D: Signature dynamics
E: Retinal scan
F: Iris scan
Question ID: CISSP-2018-RA-05-3-156
Question: Which MAC access security mode employs a single classification level?
A: Dedicated
B: System High
C: Multilevel
D: Compartmented
Question ID: CISSP-2018-RA-05-3-157
Question: In which MAC access security mode do all users have the same security clearance but they do not all possess a need-to-know for all the information in the system?
A: Dedicated
B: System High
C: Multilevel
D: Compartmented
Question ID: CISSP-2018-RA-05-3-158
Question: In which MAC access security mode must all users possess the highest security clearance, but they must also have a valid need-to-know, a signed NDA and formal approval for all information to which they need access?
A: Dedicated
B: System High
C: Multilevel
D: Compartmented
Question ID: CISSP-2018-RA-05-3-159
Question: Which of the following attacks can be mitigated by keeping telephone numbers private and implementing tight access control?
A: Man-in-the-middle
B: Mail bombing
C: Ping-of-death
D: Wardialing
Question ID: CISSP-2018-RA-05-3-160
Question: Your organization has implemented a new security policy that requires that all user accounts that have been inactive for more than 60 days are disabled. If an account remains inactive for a year, the account should be deleted. You set up an auditing policy that will report inactive accounts to an administrator. Which step in the identity life cycle does this new policy affect the MOST?
A: Provisioning
B: Reviewing
C: Revoking
D: Disabling
Question ID: CISSP-2018-RA-05-3-161
Question: Your organization has implemented a new security policy that requires that all user accounts should consist of the user’s first name followed by the user’s last name, separated using a period, as in john.doe. This new policy also states that when creating a new user account, administrators should assign the new user account a temporary password that must be changed by the user at the first login. Which step in the identity life cycle does this new policy affect the MOST?
A: Provisioning
B: Reviewing
C: Revoking
D: Monitoring
Question ID: CISSP-2018-RA-05-3-162
Question: During which step of the identity life cycle does auditing occur?
A: Revocation
B: Provisioning
C: Review
D: Creation
Question ID: CISSP-2018-RA-05-4-148
Question: Which of the following protocols will populate the protocol field of the IP header with a value of 6?
A: TCP
B: UDP
C: ICMP
D: IGMP
E: L2TP
Question ID: CISSP-2018-RA-05-4-149
Question: Which biometric method scans the pattern of veins in the user’s hand or face?
A: Palm scan
B: Keystroke dynamics
C: Vascular scan
D: Signature dynamics
E: Retinal scan
F: Iris scan
Question ID: CISSP-2018-RA-05-4-150
Question: Which biometric method measures the typing pattern of a user?
A: Palm scan
B: Keystroke dynamics
C: Vascular scan
D: Signature dynamics
E: Retinal scan
F: Iris scan
Question ID: CISSP-2018-RA-05-4-151
Question: Which biometric method measures stroke speed, pen pressure, and acceleration and deceleration while the user writes?
A: Palm scan
B: Keystroke dynamics
C: Vascular scan
D: Signature dynamics
E: Retinal scan
F: Iris scan
Question ID: CISSP-2018-RA-05-4-156
Question: Which of the following is a program that records the activity on a computer's display?
A: Extranet
B: Screen scraper
C: VLAN
D: TACACS+
E: RADIUS
F: C and D
G: None of the above
Question ID: CISSP-2018-RA-05-4-157
Question: Which MAC access security mode allows two or more classification levels of information to be processed at the same time?
A: Dedicated
B: System High
C: Multilevel
D: Compartmented
Question ID: CISSP-2018-RA-05-4-158
Question: It is discovered that unknown software is using covert channels to perform malicious activities, including planting a back door. Of which attack is this a symptom?
A: SMTP relay
B: Zombies
C: Trojan horse
D: Virus
Question ID: CISSP-2018-RA-05-4-159
Question: Your organization has adopted the following user account policies: 1. All user accounts must be at least eight characters in length. 2. All user accounts can contain letters, numerals, and special characters. 3. Inactive user accounts should be disabled after 60 days of inactivity. 4. User accounts belonging to terminated employees should be disabled at time of termination. 5. Disabled user accounts should be deleted after one year of inactivity. You need to determine which step of the identity life cycle each of these policies affects. Which statement is TRUE regarding these policies?
A: Policy 1 affects the provisioning step of the identity life cycle.
B: Policy 1 and 2 affect the provisioning step of the identity life cycle.
C: Policy 2 and 3 affect the review step of the identity life cycle.
D: Policy 3, 4, and 5 affect the revocation step of the identity life cycle.
Question ID: CISSP-2018-RA-05-4-160
Question: Your organization has adopted the following user account policies: 1. All user accounts must be at least 10 characters in length. 2. All user accounts should contain the user’s first initial followed by the user’s last name. 3. Inactive user accounts should be disabled after 90 days of inactivity. 4. User accounts belonging to terminated employees should be deleted at time of termination. 5. Disabled user accounts should be deleted after one year of inactivity. Which statement affects the review step of the identity life cycle?
A: Policy 1 only
B: Policy 1 and 2 only
C: Policy 2 and 3 only
D: Policy 3 only
E: Policy 4 and 5 only
F: All the policies
Question ID: CISSP-2018-RA-05-4-161
Question: Your organization has adopted the following user account policies: 1. All user accounts must be at least eight characters in length. 2. All user accounts should contain the user’s first name followed by the user’s last name initial. 3. Inactive user accounts should be disabled after 60 days of inactivity. 4. User accounts belonging to terminated employees should be deleted at time of termination. 5. Disabled user accounts should be deleted after 180 days of inactivity. Which statement affects the revocation step of the identity life cycle?
A: Policy 1 only
B: Policy 1 and 2 only
C: Policy 2 and 3 only
D: Policy 3 only
E: Policy 4 and 5 only
F: All the policies
Question ID: CISSP-2018-RA-05-4-162
Question: Which step in a penetration test includes port scans?
A: Discovery
B: Exploitation
C: Enumeration
D: Report
E: Vulnerability mapping
Question ID: CISSP-2018-RA-06-1-098
Question: Which type of vulnerability assessment reviews standard practices and procedures that users follow?
A: Personnel testing
B: Physical testing
C: System testing
D: Network testing
Question ID: CISSP-2018-RA-06-1-099
Question: Which type of penetration testing is also referred to as closed or black box testing?
A: Partial knowledge test
B: Zero knowledge test
C: Full knowledge test
D: Blind test
Question ID: CISSP-2018-RA-06-1-100
Question: According to SP 800-92, which of the following is part of general log management functions?
A: Log clearing
B: Log rotation
C: Log parsing
D: Log reporting
Question ID: CISSP-2018-RA-06-1-206
Question: Which of the following steps should be part of a vulnerability analysis?
A: Discuss the systems with the business owners and stakeholders.
B: Examine the controls that are in place for the systems.
C: Identify the vulnerabilities for the systems.
D: Perform a penetration test.
E: Statements a and b only
F: Statements b and c only
G: Statements a, b, and c only
H: All the statements
Question ID: CISSP-2018-RA-06-1-207
Question: Which of the following are alternative terms for penetration testing?
A: Ethical hacking
B: White box testing
C: Grey box testing
D: Black box testing
E: Vulnerability assessment
F: Statements b, c, and d only
G: Statements a and e only
Question ID: CISSP-2018-RA-06-1-208
Question: Which of the following statements regarding external penetration testing are TRUE?
A: This type of penetration testing originates from outside the organization’s network.
B: External testing targets the servers and devices that are invisible to anyone outside the network.
C: DNS and Web servers are prime targets during an external test.
D: Statements a and b only
E: Statements a and c only
F: Statements b and c only
G: All the statements
Question ID: CISSP-2018-RA-06-1-209
Question: Which of the following statements regarding blind testing are FALSE?
A: The testing team uses publicly available information to gain information about the organization’s network.
B: Blind testing is less expensive than targeted testing.
C: Blind testing is less time-consuming than targeted testing.
D: The internal staff is aware that an attack is coming.
E: Statements a and d only
F: Statements b and c only
G: Statements c and d only
Question ID: CISSP-2018-RA-06-1-210
Question: Which of the following procedures is an example of an operational control?
A: Backup control
B: Database management system
C: Identification and authentication of employees
D: Software testing
E: Antivirus management
F: A, D, and E only
G: A and D only
H: B and E only
I: None of the above
Question ID: CISSP-2018-RA-06-2-099
Question: Which of the following is the primary concern of NIST SP 800-137?
A: Risk management
B: Physical security
C: Information security continuous monitoring
D: Access control
Question ID: CISSP-2018-RA-06-2-100
Question: As part of security assessment and testing, which of the following should be part of collecting security process data?
A: Key performance indicators
B: Log reviews
C: Interface testing
D: Penetration testing
Question ID: CISSP-2018-RA-06-2-206
Question: Which of the following statements regarding double-blind testing is TRUE?
A: A double-blind test is not as close to a real-life attack as a blind attack is.
B: The internal staff is not aware that an attack will occur.
C: This test requires more effort for the testing team than for the internal staff.
D: Statements a and b only
E: Statements b and c only
F: Statements a and c only
G: All the statements
Question ID: CISSP-2018-RA-06-2-207
Question: Which of the following is another name for black box testing?
A: Full knowledge testing
B: Partial knowledge testing
C: Zero knowledge testing
D: Targeted testing
E: Statements a and d only
F: Statements b and d only
G: Statements c and d only
Question ID: CISSP-2018-RA-06-2-208
Question: What is the correct order for penetration testing steps?
A: Discovery, enumeration, vulnerability analysis, execution, document findings
B: Discovery, vulnerability analysis, enumeration, execution, document findings
C: Discovery, enumeration, execution, vulnerability analysis, document findings
D: Discovery, execution, enumeration, vulnerability analysis, document findings
Question ID: CISSP-2018-RA-06-2-209
Question: During which step of penetration testing are ping sweeps and dumpster diving attacks performed?
A: Discovery
B: Enumeration
C: Vulnerability analysis
D: Execution
E: Document findings
Question ID: CISSP-2018-RA-06-2-210
Question: Which countermeasure tracks the activities of the users and of the operations of the system processes?
A: Access Control Services
B: Integrity Services
C: Boundary Control Services
D: Cryptography Services
E: Auditing and Monitoring Services
Question ID: CISSP-2018-RA-06-3-163
Question: Which of the following is used to assess systems vulnerability?
A: Penetration testing
B: DoS
C: Honeypot
D: File integrity checker
Question ID: CISSP-2018-RA-06-3-164
Question: Which step in a penetration test makes an attempt to gain unauthorized access?
A: Discovery
B: Exploitation
C: Enumeration
D: Report
E: Vulnerability mapping
Question ID: CISSP-2018-RA-06-3-165
Question: Which of the following tests is carried out only on specific areas or systems?
A: Double-blind test
B: Blind test
C: Targeted test
D: Penetration test
Question ID: CISSP-2018-RA-06-3-166
Question: Which of the following vulnerability tests should be performed annually?
A: Wardialing
B: Network scanning
C: Virus scanning
D: Penetration testing
E: Integrity checking
F: Wardriving
G: A and D only
H: B and C only
Question ID: CISSP-2018-RA-06-3-167
Question: Which of the following tests evaluates how the team reacts to the attack?
A: Double-blind test
B: Blind test
C: Targeted test
D: Penetration test
Question ID: CISSP-2018-RA-06-3-168
Question: Which of the following vulnerability tests should be performed weekly?
A: Wardialing
B: Network scanning
C: Virus scanning
D: Penetration testing
E: Integrity checking
F: Wardriving
G: C and F only
H: B and C only
Question ID: CISSP-2018-RA-06-3-169
Question: Which of the following tests comprises a category of tests that includes the other three options?
A: Double-blind test
B: Blind test
C: Targeted test
D: Penetration test
Question ID: CISSP-2018-RA-06-3-170
Question: Which of the following vulnerability tests should be performed monthly?
A: Wardialing
B: Network scanning
C: Virus scanning
D: Penetration testing
E: Integrity checking
F: Wardriving
G: B, C and E only
H: D and E only
Question ID: CISSP-2018-RA-06-4-163
Question: In which of the following tests does the security team of the network being tested know about the test?
A: Double-blind test
B: Blind test
C: Targeted test
D: Penetration test
Question ID: CISSP-2018-RA-06-4-164
Question: Which step in a penetration test proposes countermeasures?
A: Discovery
B: Exploitation
C: Enumeration
D: Report
E: Vulnerability mapping
Question ID: CISSP-2018-RA-06-4-165
Question: Which of the following vulnerability tests should be performed quarterly?
A: Wardialing
B: Network scanning
C: Virus scanning
D: Penetration testing
E: Integrity checking
F: Wardriving
G: B, C and E only
H: D and E only
Question ID: CISSP-2018-RA-06-4-166
Question: Which step in a penetration test identifies security gaps?
A: Discovery
B: Exploitation
C: Enumeration
D: Report
E: Vulnerability mapping
Question ID: CISSP-2018-RA-06-4-167
Question: Which of the following vulnerability tests should be performed bimonthly?
A: Wardialing
B: Network scanning
C: Virus scanning
D: Penetration testing
E: Integrity checking
F: Wardriving
G: Vulnerability scanning
H: C and E only
I: B and C only
Question ID: CISSP-2018-RA-06-4-168
Question: Which step in a penetration test obtains information about the target?
A: Discovery
B: Exploitation
C: Enumeration
D: Report
E: Vulnerability mapping
Question ID: CISSP-2018-RA-06-4-169
Question: Which of the following types of evidence should be collected fifth in an investigation of a computer crime?
A: Memory contents
B: Raw disk blocks
C: Swap files
D: File system information
E: Network processes
F: System processes
Question ID: CISSP-2018-RA-06-4-170
Question: In which phase of embedded device analysis are checksums utilized?
A: Preservation
B: Collection
C: Analysis
D: Presentation
Question ID: CISSP-2018-RA-07-1-030
Question: Which administrative control prescribes that all users take time off?
A: Separation of duties
B: Job rotation
C: Need to Know/Least Privilege
D: Mandatory vacations
Question ID: CISSP-2018-RA-07-1-031
Question: Which redundancy method is a proprietary implementation?
A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: RAID 7
Question ID: CISSP-2018-RA-07-1-032
Question: Which of the following describes the average amount of time it takes to get a device fixed and back online?
A: SAN
B: NAS
C: HSM
D: MTBF
E: MTTR
Question ID: CISSP-2018-RA-07-1-033
Question: In which RAID method is data written across all drives like striping and then parity information is written to a single dedicated drive?
A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: RAID 7
Question ID: CISSP-2018-RA-07-1-034
Question: Input validation is an example of which preventative measure?
A: Clipping levels
B: Unscheduled reboots
C: Deviations from standards
D: Trusted path
E: Input/Output control
Question ID: CISSP-2018-RA-07-1-035
Question: Which of the following is a storage network or device that uses the same network as the LAN?
A: SAN
B: NAS
C: HSM
D: MTBF
E: MTTR
Question ID: CISSP-2018-RA-07-1-036
Question: Which preventative measure is a communication channel between the user, or the program through which he is working, and the trusted computer base?
A: Clipping levels
B: Unscheduled reboots
C: Deviations from standards
D: Trusted path
E: Input/Output control
Question ID: CISSP-2018-RA-07-1-037
Question: Which of the following describes how often a component fails on average?
A: SAN
B: NAS
C: HSM
D: MTBF
E: MTTR
Question ID: CISSP-2018-RA-07-1-038
Question: In which RAID method is data written across all drives like striping and then parity information is also distributed across all drives?
A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: RAID 7
Question ID: CISSP-2018-RA-07-1-039
Question: Which administrative control calls for the training of multiple users to perform the duties of a position?
A: Separation of duties
B: Job rotation
C: Need to Know/Least Privilege
D: Mandatory vacations
Question ID: CISSP-2018-RA-07-1-040
Question: Which lighting type uses a low-pressure mercury-vapor gas-discharge lamp?
A: Fluorescent
B: Mercury vapor
C: Sodium vapor
D: Quartz lamps
Question ID: CISSP-2018-RA-07-1-041
Question: Which lock type has metal projections inside the lock with which the key will match and enable opening the lock?
A: Warded
B: Tumbler
C: Combination
D: Cable
Question ID: CISSP-2018-RA-07-1-042
Question: Which type of glass is used in residential areas and is easily broken?
A: Standard
B: Tempered
C: Acrylic
D: Laminated
Question ID: CISSP-2018-RA-07-1-046
Question: Which detection system operates by detecting a break in an electrical circuit?
A: Passive infrared
B: Electromechanical
C: Photometric
D: Acoustical
E: Wave Motion
F: Capacitance
Question ID: CISSP-2018-RA-07-1-049
Question: Which detection system uses strategically placed microphones?
A: Passive infrared
B: Electromechanical
C: Photometric
D: Acoustical
E: Wave Motion
F: Capacitance
Question ID: CISSP-2018-RA-07-1-085
Question: Your organization needs an alternative facility that will enable the organization to recover as quickly as possible. Management is willing to allocate substantial monetary resources for this. Which site should you implement?
A: Cold site
B: Warm site
C: Hot site
D: Tertiary site
Question ID: CISSP-2018-RA-07-1-086
Question: Your organization currently has an alternative facility. After a recent business impact analysis, management has decided that the organization needs to implement another alternative site in case the other alternative site is unavailable. Which site should you implement?
A: Cold site
B: Warm site
C: Hot site
D: Tertiary site
Question ID: CISSP-2018-RA-07-1-087
Question: In which type of BCP test does a representative of each department or functional area thoroughly review the BCP’s accuracy?
A: Structured walk-through test
B: Full-interruption test
C: Functional drill
D: Evacuation drill
Question ID: CISSP-2018-RA-07-1-088
Question: Which type of BCP test involves a hard switchover from the primary facility to the alternative facility?
A: Structured walk-through test
B: Full-interruption test
C: Functional drill
D: Evacuation drill
Question ID: CISSP-2018-RA-07-1-090
Question: What is the purpose of any business continuity exercise or test?
A: To comply with applicable laws and regulations
B: To report to management
C: To reduce costs
D: To identify strengths and weaknesses
Question ID: CISSP-2018-RA-07-1-093
Question: Which of the following is NOT a rule of evidence?
A: Be accurate.
B: Be complete.
C: Be redundant.
D: Be convincing.
Question ID: CISSP-2018-RA-07-1-095
Question: Which evidence does not require any other corroboration and cannot be contradicted by any other evidence?
A: Corroborative evidence
B: Opinion evidence
C: Conclusive evidence
D: Circumstantial evidence
Question ID: CISSP-2018-RA-07-1-096
Question: Which evidence provides inference of information from other intermediate relevant facts?
A: Corroborative evidence
B: Opinion evidence
C: Conclusive evidence
D: Circumstantial evidence
Question ID: CISSP-2018-RA-07-1-097
Question: When evidence is seized, which principle should be emphasized?
A: Chain of custody
B: Prudent man rule
C: Due care
D: Due diligence
Question ID: CISSP-2018-RA-07-1-211
Question: In which step of a forensic investigation is the full incident reconstructed and documented?
A: Identifying the evidence
B: Presenting findings
C: Examining evidence
D: Decision
E: Preserving and collecting evidence
Question ID: CISSP-2018-RA-07-1-212
Question: Which evidence type is usually the original evidence and not a copy?
A: Best evidence
B: Secondary evidence
C: Direct evidence
D: Conclusive evidence
Question ID: CISSP-2018-RA-07-1-213
Question: In which step of a forensic investigation are reviewing audit logs, monitoring systems, analyzing user complaints, and analyzing detection mechanisms undertaken?
A: Identifying the evidence
B: Presenting findings
C: Examining evidence
D: Decision
E: Preserving and collecting evidence
Question ID: CISSP-2018-RA-07-1-214
Question: In which step of a forensic investigation is the guilt or innocence of the accused party determined?
A: Identifying the evidence
B: Presenting findings
C: Examining evidence
D: Decision
E: Preserving and collecting evidence
Question ID: CISSP-2018-RA-07-1-215
Question: Which step of a forensic investigation involves making system images and implementing chain of custody documenting the evidence?
A: Identifying the evidence
B: Presenting findings
C: Examining evidence
D: Decision
E: Preserving and collecting evidence
Question ID: CISSP-2018-RA-07-1-216
Question: Which of the following is NOT usually a policy that is implemented when designing an audit log strategy?
A: All failed logins should be audited.
B: All successful logins should be audited.
C: Audit logs should be reviewed on a regular basis.
D: Deletion of audit logs should be a two-man control.
E: Statements a and b only
F: Statements c and d only
G: All the statements
Question ID: CISSP-2018-RA-07-1-217
Question: When configuring the audit mechanism, which of the following events is NOT considered a system-level event?
A: Logon attempts
B: Authentication attempts
C: User and client computer lockout
D: System performance
Question ID: CISSP-2018-RA-07-1-218
Question: When configuring the audit mechanism, which of the following events is NOT considered an application-level event?
A: Devices used
B: Files open and closed
C: Error messages
D: Security violations
Question ID: CISSP-2018-RA-07-1-219
Question: When configuring the audit mechanism, which of the following events is NOT considered a user-level event?
A: Authentication attempts
B: Commands run
C: Security violations
D: Administration tools usage
Question ID: CISSP-2018-RA-07-1-220
Question: You are designing your company’s security audit log strategy. You have enabled several system-level, application-level, and user-level events. One of the events that you will be monitoring is failed login attempts. You configure the audit mechanism to notify the administrator if more than three failed login attempts from the same user account occur within a 1-hour period. What is the term used for this threshold that you are using?
A: Clipping level
B: Transaction trail
C: Keystroke monitoring
D: Intrusion detection
Question ID: CISSP-2018-RA-07-1-221
Question: Which of the following is NOT a component of configuration management?
A: Control
B: Status accounting
C: Initiation
D: Auditing
Question ID: CISSP-2018-RA-07-1-222
Question: Which concept ensures that more than one person is capable of performing a task?
A: Job rotation
B: Separation of duties
C: Split knowledge
D: Dual control
Question ID: CISSP-2018-RA-07-1-223
Question: After a recent organizational security audit, the security analysts recommended that a new security policy be implemented that requires two people to be present to open the safe. This is an example of which concept?
A: Job rotation
B: Separation of duties
C: Split knowledge
D: Dual control
Question ID: CISSP-2018-RA-07-1-224
Question: Your organization has recently implemented a new encryption scheme for communication with a governmental agency. The encryption key is broken into parts and distributed to different personnel throughout the organization. Each of these parts is needed to re-assemble the key. This is an example of which concept?
A: Job rotation
B: Separation of duties
C: Split knowledge
D: Dual control
Question ID: CISSP-2018-RA-07-1-225
Question: At which stage of incident response is the source of the incident or attack determined?
A: Analysis
B: Investigation
C: Tracking
D: Post-mortem
E: Triage
F: Recovery
G: Containment
Question ID: CISSP-2018-RA-07-1-226
Question: At which stage of incident response are lessons learned recorded?
A: Analysis
B: Investigation
C: Tracking
D: Post-mortem
E: Triage
F: Recovery
G: Containment
Question ID: CISSP-2018-RA-07-1-227
Question: What is the last step in the change control process?
A: The change is requested.
B: The change is documented in the change log.
C: The change is reported to management or the change control board (CCB).
D: The change is tested and presented.
Question ID: CISSP-2018-RA-07-1-228
Question: Which statement is true of the change management process?
A: Multiple changes to a computer system should NOT be made at the same time.
B: Multiple changes to a computer system should be implemented at the same time.
C: The change should be implemented prior to testing.
D: The change should be reported to management or the change control board before testing.
Question ID: CISSP-2018-RA-07-1-229
Question: Which technique allows replacing a piece of hardware in a computer while the computer is still operating?
A: Clustering
B: Hot swapping
C: Mirroring
D: RAID
Question ID: CISSP-2018-RA-07-1-230
Question: Which technique combines two or more servers that provide the same service?
A: Clustering
B: Hot swapping
C: Mirroring
D: RAID
Question ID: CISSP-2018-RA-07-1-231
Question: Which technique copies the contents of one hard drive to another?
A: Clustering
B: Hot swapping
C: Mirroring
D: RAID
E: C and D
Question ID: CISSP-2018-RA-07-1-232
Question: Which of the following is a family of hard drive technologies that provides fault tolerance and/or performance improvement?
A: Clustering
B: Hot swapping
C: Mirroring
D: RAID
E: C and D
Question ID: CISSP-2018-RA-07-1-233
Question: Which of the following RAID types provides no fault tolerance?
A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: C, D and E only
G: C and D only
H: A, D and E only
Question ID: CISSP-2018-RA-07-1-234
Question: Who sets the overall goals of business continuity and disaster recovery?
A: BCP coordinator
B: BCP committee
C: Senior management
D: IT department
Question ID: CISSP-2018-RA-07-1-235
Question: As part of maintaining the business continuity plan, which of the following guidelines should your organization implement?
A: Review the plan at least every 2 years.
B: Review the plan when any significant change occurs.
C: Implement version control of all plans.
D: Store copies of the plans both onsite and offsite.
E: Statements a, b, and c
F: Statements b, c, and d
G: Statements a, c, and d
H: All the statements
Question ID: CISSP-2018-RA-07-2-030
Question: Which administrative control prescribes that users should be given access only to resources required to do their job?
A: Separation of duties
B: Job rotation
C: Need to Know/Least Privilege
D: Mandatory vacations
Question ID: CISSP-2018-RA-07-2-031
Question: Which RAID method does not provide fault tolerance?
A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: RAID 7
Question ID: CISSP-2018-RA-07-2-032
Question: Which of the following is composed of high-capacity storage devices that are connected by a high-speed private (separate from the LAN) network using storage-specific switches?
A: SAN
B: NAS
C: HSM
D: MTBF
E: MTTR
Question ID: CISSP-2018-RA-07-2-033
Question: In which RAID method is the data striped across all drives at the bit level rather than the byte level?
A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: RAID 7
Question ID: CISSP-2018-RA-07-2-034
Question: Which preventative measure causes a recording of activities to begin when a certain level of occurrences is exceeded?
A: Clipping levels
B: Unscheduled reboots
C: Deviations from standards
D: Trusted path
E: Input/Output control
Question ID: CISSP-2018-RA-07-2-035
Question: Which administrative control prescribes that sensitive operations be divided among multiple users?
A: Separation of duties
B: Job rotation
C: Need to Know/Least Privilege
D: Mandatory vacations
Question ID: CISSP-2018-RA-07-2-036
Question: Which of the following is typically a sign of hardware problems of some sort?
A: Clipping levels
B: Unscheduled reboots
C: Deviations from Standards
D: Trusted path
E: Input/Output control
Question ID: CISSP-2018-RA-07-2-037
Question: Which of the following provides a continuous online backup by using optical or tape “jukeboxes”?
A: SAN
B: NAS
C: HSM
D: MTBF
E: MTTR
Question ID: CISSP-2018-RA-07-2-038
Question: Which RAID method uses two disks and writes a copy of the data to both disks?
A: RAID 0
B: RAID 1
C: RAID 2
D: RAID 3
E: RAID 5
F: RAID 7
Question ID: CISSP-2018-RA-07-2-039
Question: Which administrative control refers to training of multiple users to perform the duties of a position to help prevent fraud?
A: Separation of duties
B: Job rotation
C: Need to Know/Least Privilege
D: Mandatory vacations
Question ID: CISSP-2018-RA-07-2-043
Question: Which lighting type uses an ultraviolet light source?
A: Fluorescent
B: Mercury vapor
C: Sodium vapor
D: Quartz lamps
Question ID: CISSP-2018-RA-07-2-044
Question: Which lock type is used to secure a laptop?
A: Warded
B: Tumbler
C: Combination
D: Cable
Question ID: CISSP-2018-RA-07-2-045
Question: Which type of glass is heated to give it extra strength?
A: Standard
B: Tempered
C: Acrylic
D: Laminated
Question ID: CISSP-2018-RA-07-2-046
Question: Which type of extinguisher has a sprinkler head that holds a thermal-fusible link that must melt before the water is released?
A: Wet pipe
B: Dry pipe
C: Preaction
D: Deluge
Question ID: CISSP-2018-RA-07-2-047
Question: Which of the following is a prolonged power outage?
A: Surge
B: Brownout
C: Fault
D: Blackout
Question ID: CISSP-2018-RA-07-2-048
Question: Which fire extinguisher type is used for electrical equipment?
A: Class A
B: Class B
C: Class C
D: Class D
E: Class K
Question ID: CISSP-2018-RA-07-2-049
Question: Which detection system operates by identifying changes in heat waves in an area?
A: Passive infrared
B: Electromechanical
C: Photometric
D: Acoustical
E: Wave motion
F: Capacitance
Question ID: CISSP-2018-RA-07-2-085
Question: Management has decided that your organization needs to implement an alternative site. However, it is unwilling to provide funds for computers or telecommunications equipment. Its primary concern is the cost of the site. Which site should you implement?
A: Cold site
B: Warm site
C: Hot site
D: Tertiary site
Question ID: CISSP-2018-RA-07-2-086
Question: Management has decided that your organization needs to implement an alternative site. Although it is willing to allocate some funds to provide an infrastructure for the site, it cannot allocate enough funds to place computers at the new facility. Which site should you implement?
A: Cold site
B: Warm site
C: Hot site
D: Tertiary site
Question ID: CISSP-2018-RA-07-2-087
Question: Which type of BCP test tests a single department to see whether the department’s DRP is complete?
A: Structured walk-through test
B: Full-interruption test
C: Functional drill
D: Evacuation drill
Question ID: CISSP-2018-RA-07-2-088
Question: In which type of BCP test do the personnel follow the exiting or shelter-in-place guidelines for a particular disaster type?
A: Structured walk-through test
B: Full-interruption test
C: Functional drill
D: Evacuation drill
Question ID: CISSP-2018-RA-07-2-089
Question: You are responsible for maintaining the business continuity plan. You must ensure that the plan is updated as needed. When would you need to update the business continuity plan?
A: Immediately after a BCP test
B: After applying the latest service packs and patches to client computers
C: After a user receives a promotion to another position in the organization
D: When an emergency response facility is located closer to your organization’s location
Question ID: CISSP-2018-RA-07-2-090
Question: Which of the following events should NOT result in an update in the business continuity plan?
A: Following a major organizational restructure
B: After upgrading the network from 100 Mbps to 1 Gbps
C: After installing and deploying a new application
D: After deploying a new website
Question ID: CISSP-2018-RA-07-2-093
Question: What is enticement?
A: When the negligence of one organization negatively affects another organization
B: Rule of law dictates that senior management conduct their duties with the care that ordinary, prudent people would exercise under similar circumstances
C: When a system has apparent flaws that were deliberately made available for penetration and exploitation
D: When an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account
Question ID: CISSP-2018-RA-07-2-094
Question: Which evidence supports another piece of evidence?
A: Corroborative evidence
B: Opinion evidence
C: Conclusive evidence
D: Circumstantial evidence
Question ID: CISSP-2018-RA-07-2-095
Question: Which evidence is based on what the witness thinks, feels, or infers regarding the facts?
A: Corroborative evidence
B: Opinion evidence
C: Conclusive evidence
D: Circumstantial evidence
Question ID: CISSP-2018-RA-07-2-097
Question: Which term is used to indicate when and where a crime occurred?
A: Motive
B: Opportunity
C: Means
D: Exigent circumstances
Question ID: CISSP-2018-RA-07-2-098
Question: What is a data haven?
A: A company that compiles, stores, and sells personal information
B: The illegitimate use of either licensed software or an application
C: A country that does not legally protect data
D: When a system has apparent flaws that were deliberately made available for penetration and exploitation
Question ID: CISSP-2018-RA-07-2-211
Question: In which step of a forensic investigation does evidence need to be presented in court?
A: Identifying the evidence
B: Presenting findings
C: Examining evidence
D: Decision
E: Preserving and collecting evidence
Question ID: CISSP-2018-RA-07-2-212
Question: Which evidence type does not require any other corroboration?
A: Best evidence
B: Secondary evidence
C: Direct evidence
D: Conclusive evidence
Question ID: CISSP-2018-RA-07-2-213
Question: Which evidence type proves or disproves a fact through oral testimony?
A: Best evidence
B: Secondary evidence
C: Direct evidence
D: Conclusive evidence
Question ID: CISSP-2018-RA-07-2-214
Question: Which of the following types of evidence should be collected first in an investigation of a computer crime?
A: Memory contents
B: Raw disk blocks
C: Swap files
D: File system information
E: Network processes
F: System processes