(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests. Mike Chapple
Read online: (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests - Mike Chapple, page 19

67. In a software as a service cloud computing environment, who is normally responsible for ensuring that appropriate firewall controls are in place to protect the application?
A. Customer's security team
B. Vendor
C. Customer's networking team
D. Customer's infrastructure management team

68. Alice has read permissions on an object, and she would like Bob to have those same rights. Which one of the rules in the Take-Grant protection model would allow her to complete this operation?
A. Create rule
B. Remove rule
C. Grant rule
D. Take rule

69. As part of his incident response process, Charles securely wipes the drive of a compromised machine and reinstalls the operating system (OS) from original media. Once he is done, he patches the machine fully and applies his organization's security templates before reconnecting the system to the network. Almost immediately after the system is returned to service, he discovers that it has reconnected to the same botnet it was part of before. Where should Charles look for the malware that is causing this behavior?
A. The operating system partition
B. The system BIOS or firmware
C. The system memory
D. The installation media

70. Lauren implements ASLR to help prevent system compromises. What technique has she used to protect her system?
A. Encryption
B. Mandatory access control
C. Memory address randomization
D. Discretionary access control

71. Alan intercepts an encrypted message and wants to determine what type of algorithm was used to create the message. He first performs a frequency analysis and notes that the frequency of letters in the message closely matches the distribution of letters in the English language. What type of cipher was most likely used to create this message?
A. Substitution cipher
B. AES
C. Transposition cipher
D. 3DES

72. The Double DES (2DES) encryption algorithm was never used as a viable alternative to the original DES algorithm. What implementation attack is 2DES vulnerable to that does not exist for the DES or 3DES approach?
A. Chosen ciphertext
B. Brute force
C. Man-in-the-middle
D. Meet-in-the-middle

73. Grace would like to implement application control technology in her organization. Users often need to install new applications for research and testing purposes, and she does not want to interfere with that process. At the same time, she would like to block the use of known malicious software. What type of application control would be appropriate in this situation?
A. Blacklisting
B. Graylisting
C. Whitelisting
D. Bluelisting

74. Warren is designing a physical intrusion detection system for use in a sensitive media storage facility and wants to include technology that issues an alert if the communications lines for the alarm system are unexpectedly cut. What technology would meet this requirement?
A. Heartbeat sensor
B. Emanation security
C. Motion detector
D. Faraday cage

75. John and Gary are negotiating a business transaction, and John must demonstrate to Gary that he has access to a system. He engages in an electronic version of the “magic door” scenario shown here. What technique is John using?
A. Split-knowledge proof
B. Zero-knowledge proof
C. Logical proof
D. Mathematical proof

76. After scanning all of the systems on his wireless network, Mike notices that one system is identified as an iOS device running a massively out-of-date version of Apple's mobile operating system. When he investigates further, he discovers that the device is an original iPad and that it cannot be updated to a current secure version of the operating system. What would be the best option for handling this device?
A. Retire or replace the device.
B. Isolate the device on a dedicated wireless network.
C. Install a firewall on the tablet.
D. Reinstall the OS.

77. Tonya believes that an attacker was able to eavesdrop on legitimate HTTPS communications between her users and remote web servers by engaging in a DNS poisoning attack. After conducting DNS poisoning, what technique would an attacker likely use to conduct this eavesdropping?
A. Man-in-the-middle
B. Brute-force
C. Timing
D. Meet-in-the-middle

78. Howard is choosing a cryptographic algorithm for his organization, and he would like to choose an algorithm that supports the creation of digital signatures. Which one of the following algorithms would meet his requirement?
A. RSA
B. 3DES
C. AES
D. Blowfish

79. Laura is responsible for securing her company's web-based applications and wants to conduct an educational program for developers on common web application security vulnerabilities. Where can she turn for a concise listing of the most common web application issues?
A. CVE
B. NSA
C. OWASP
D. CSA

80. The Bell-LaPadula and Biba models implement state machines in a fashion that uses what specific state machine model?
A. Information flow
B. Noninterference
C. Cascading
D. Feedback

81. During a third-party vulnerability scan and security test, Danielle's employer recently discovered that the embedded systems that were installed to manage her company's new buildings have a severe remote access vulnerability. The manufacturer has gone out of business, and there is no patch or update for the devices. What should Danielle recommend that her employer do about the hundreds of devices that are vulnerable?
A. Identify a replacement device model and replace every device.
B. Turn off all of the devices.
C. Move the devices to a secure and isolated network segment.
D. Reverse engineer the devices and build an in-house patch.

82. What type of motion detector senses changes in the electromagnetic fields in monitored areas?
A. Infrared
B. Wave pattern
C. Capacitance
D. Photoelectric

83. Mike has been tasked with preventing an outbreak of malware like Mirai, a botnet that targeted IP-based cameras and routers. What type of systems should be protected in his organization?
A. Servers
B. SCADA
C. Mobile devices
D. Internet of Things (IoT) devices

84. Which one of the following statements is correct about the Biba model of access control?
A. It addresses confidentiality and integrity.
B. It addresses integrity and availability.
C. It prevents covert channel attacks.
D. It focuses on protecting objects from integrity threats.

85. In Transport Layer Security, what type of key is used to encrypt the actual content of communications between a web server and a client?
A. Ephemeral session key
B. Client's public key
C. Server's public key
D. Server's private key

86. Beth would like to include technology in a secure area of her data center to protect against unwanted electromagnetic emanations. What technology would assist her with this goal?
A. Heartbeat sensor
B. Faraday cage
C. Piggybacking
D. WPA2

87. In a virtualized computing environment, what component is responsible for enforcing separation between guest machines?
A. Guest operating system
B. Hypervisor
C. Kernel
D. Protection manager

88. Rick is an application developer who works primarily in Python. He recently decided to evaluate a new service where he provides his Python code to a vendor who then executes it on their server environment. What type of cloud computing environment is this service?
A. SaaS
B. PaaS
C. IaaS
D. CaaS

89. A component failure in the primary HVAC system leads to a high temperature alarm in the data center that Kim manages. After resolving the issue, what should Kim consider to prevent future issues like this?
A. A closed loop chiller
B. Redundant cooling systems
C. Swamp coolers
D. Relocating the data center to a colder climate

90. Tommy is planning to implement a power conditioning UPS for a rack of servers in his data center. Which one of the following conditions will the UPS be unable to protect against if it persists for an extended period of time?
A. Fault
B. Blackout
C. Sag
D. Noise

91. Which one of the following humidity values is within the acceptable range for a data center operation?
A. 0 percent
B. 10 percent
C. 25 percent
D. 40 percent

92. Kristen's organization suffered a ransomware infection and has lost access to critical business data. She is considering paying the ransom to regain access to her data. Which of the following statements about this payment are correct? (Select all that apply.)
A. Payment of the ransom may be illegal.
B. Payment of the ransom may result in further demands for payments.
C. Payment of the ransom guarantees access to the decryption key.
D. Payment of the ransom may cause a data breach.

93. Alex's employer creates most of their work output as PDF files. Alex is concerned about limiting the audience for the PDF files to those individuals who have