(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests. Mike Chapple

Read the book (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests - Mike Chapple online, page 20

effectively control the access to and distribution of these files?
   A. EDM
   B. Encryption
   C. Digital signatures
   D. DRM

94. As part of his team's forensic investigation process, Matt signs out drives and other evidence from an evidence storage facility before working with them. What type of documentation is he creating?
   A. Criminal
   B. Chain of custody
   C. Civil
   D. CYA

95. Todd believes that a digital certificate used by his organization has been compromised and he wants to add it to the certificate revocation list (CRL). What element of the certificate goes on the CRL?
   A. Serial number
   B. Public key
   C. Digital signature
   D. Private key

96. Alison is examining a digital certificate presented to her by her bank's website. Which one of the following requirements is not necessary for her to trust the digital certificate?
   A. She knows that the server belongs to the bank.
   B. She trusts the certificate authority.
   C. She verifies that the certificate is not listed on a CRL.
   D. She verifies the digital signature on the certificate.

97. Which one of the following is an example of a covert timing channel when used to exfiltrate information from an organization?
   A. Sending an electronic mail message
   B. Posting a file on a peer-to-peer file sharing service
   C. Typing with the rhythm of Morse code
   D. Writing data to a shared memory space

98. Which one of the following would be a reasonable application for the use of self-signed digital certificates?
   A. Digital commerce website
   B. Banking application
   C. Internal scheduling application
   D. Customer portal

99. Ron is investigating a security incident that took place at a highly secure government facility. He believes that encryption keys were stolen during the attack and finds evidence that the attackers used dry ice to freeze an encryption component. What type of attack was likely attempted?
   A. Side channel attack
   B. Brute-force attack
   C. Timing attack
   D. Fault injection attack

100. Match the following numbered security models with the appropriate lettered security descriptions:

   Security models
   1. Clark-Wilson
   2. Graham-Denning
   3. Bell-LaPadula
   4. Biba

   Descriptions
   A. This model blocks lower-classified objects from accessing higher-classified objects, thus ensuring confidentiality.
   B. The * property of this model can be summarized as “no write-up.”
   C. This model uses security labels to grant access to objects via transformation procedures and a restricted interface model.
   D. This model focuses on the secure creation and deletion of subjects and objects using eight primary protection rules or actions.

101. Match each of these following numbered architecture security concepts with the appropriate lettered description:

   Architectural security concepts
   1. Time of check
   2. Covert channel
   3. Time of use
   4. Maintenance hooks
   5. Parameter checking
   6. Race condition

   Descriptions
   A. A method used to pass information over a path not normally used for communication
   B. The exploitation of the reliance of a system's behavior on the sequence of events that occur externally
   C. The time at which the subject checks whether an object is available
   D. The time at which a subject can access an object
   E. An access method known only to the developer of the system
   F. A method that can help prevent buffer overflow attacks

       SUBDOMAINS:

       4.1 Assess and implement secure design principles in network architectures

       4.2 Secure network components

       4.3 Implement secure communication channels according to design

1. Gary wants to distribute a large file and prefers a peer-to-peer CDN. Which of the following is the most common example of this type of technology?
   A. CloudFlare
   B. BitTorrent
   C. Amazon CloudFront
   D. Akamai Edge

2. During a security assessment of a wireless network, Jim discovers that LEAP is in use on a network using WPA. What recommendation should Jim make?
   A. Continue to use LEAP. It provides better security than TKIP for WPA networks.
   B. Use an alternate protocol like PEAP or EAP-TLS and implement WPA2 if supported.
   C. Continue to use LEAP to avoid authentication issues, but move to WPA2.
   D. Use an alternate protocol like PEAP or EAP-TLS, and implement Wired Equivalent Privacy to avoid wireless security issues.

3. Ben has connected his laptop to his tablet PC using an 802.11ac connection. What wireless network mode has he used to connect these devices?
   A. Infrastructure mode
   B. Wired extension mode
   C. Ad hoc mode
   D. Standalone mode

4. Selah's and Nick's PCs simultaneously send traffic by transmitting at the same time. What network term describes the range of systems on a network that could be affected by this same issue?
   A. The subnet
   B. The supernet
   C. A collision domain
   D. A broadcast domain

5. Sarah is manually reviewing a packet capture of TCP traffic and finds that a system is setting the RST flag in the TCP packets it sends repeatedly during a short period of time. What does this flag mean in the TCP packet header?
   A. RST flags mean “Rest.” The server needs traffic to briefly pause.
   B. RST flags mean “Relay-set.” The packets will be forwarded to the address set in the packet.
   C. RST flags mean “Resume Standard.” Communications will resume in their normal format.
   D. RST means “Reset.” The TCP session will be disconnected.

6. Gary is deploying a wireless network and wants to deploy the fastest possible wireless technology. Which one of the following wireless networking standards should he use?
   A. 802.11a
   B. 802.11g
   C. 802.11n
   D. 802.11ac

7. Michele wants to replace FTP traffic with a secure replacement. What secure protocol should she select instead?
   A. TFTP
   B. HFTPS
   C. SecFTP
   D. SFTP

8. Jake has been told that there is a layer 3 problem with his network. Which of the following is associated with layer 3 in the OSI model?
   A. IP addresses
   B. TCP and UDP protocols
   C. MAC addresses
   D. Sending and receiving bits via hardware

9. Frank is responsible for ensuring that his organization has reliable, supported network hardware. Which of the following is not a common concern for network administrators as they work to ensure their network continues to be operational?
   A. If the devices have vendor support
   B. If the devices are under warranty
   C. If major devices support redundant power supplies
   D. If all devices support redundant power supplies

10. Brian is selecting an authentication protocol for a PPP connection. He would like to select an option that encrypts both usernames and passwords and protects against replay using a challenge/response dialog. He would also like to reauthenticate remote systems periodically. Which protocol should he use?
   A. PAP
   B. CHAP
   C. EAP
   D. LEAP

11. Which one of the following protocols is commonly used to provide back-end authentication services for a VPN?
   A. HTTPS
   B. RADIUS
   C. ESP
   D. AH

12. Isaac wants to ensure that his VoIP session initialization is secure. What protocol should he ensure is enabled and required?
   A. SVOIP
   B. PBSX
   C. SIPS
   D. SRTP

For questions 13–15, please refer to the following scenario and diagram:

Chris is designing layered network security for his organization.

13. What type of firewall design is shown in the diagram?
   A. A single-tier firewall
   B. A two-tier firewall
   C. A three-tier firewall
   D. A four-tier firewall

14. If the VPN grants remote users the same access to network and system resources as local workstations have, what security issue should Chris raise?
   A. VPN users will not be able to access the web server.
   B. There is no additional security issue; the VPN concentrator's logical network location matches the logical network location of the workstations.
   C. Web server traffic is not subjected to stateful inspection.
   D. VPN users should only connect from managed PCs.

15. If Chris wants to stop cross-site scripting attacks against the web server, what is the best device for this purpose, and where should he put it?
   A. A firewall, location A
   B. An IDS, location A
   C. An IPS, location B
   D. A WAF, location C

16. Susan is deploying a routing protocol that maintains a list of destination networks with metrics that include the distance in hops to them and the direction traffic should be sent to them. What type of protocol