Title: (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests
Author: Mike Chapple
Publisher: John Wiley & Sons Limited
Genre: Foreign computer literature
isbn: 9781119787648
17 Mark's company has been notified that there is a flaw in their web application. The anonymous individual has notified them that they have two weeks to fix it before the details of the flaw are published along with example exploit code. What industry norm is the individual who contacted Mark's company violating?
A. Zero-day reporting
B. Ethical disclosure
C. Ethical hacking
D. The (ISC)2 vulnerability disclosure ethics statement

For questions 18–20, please refer to the following scenario:

The company that Jennifer works for has implemented a central logging infrastructure, as shown in the following image. Use this diagram and your knowledge of logging systems to answer the following questions.
18 Jennifer needs to ensure that all Windows systems provide identical logging information to the SIEM. How can she best ensure that all Windows desktops have the same log settings?
A. Perform periodic configuration audits.
B. Use Group Policy.
C. Use Local Policy.
D. Deploy a Windows syslog client.
19 During normal operations, Jennifer's team uses the SIEM appliance to monitor for exceptions received via syslog. What system shown does not natively have support for syslog events?
A. Enterprise wireless access points
B. Windows desktop systems
C. Linux web servers
D. Enterprise firewall devices
20 What technology should an organization use for each of the devices shown in the diagram to ensure that logs can be time sequenced across the entire infrastructure?
A. Syslog
B. NTP
C. Logsync
D. SNAP
21 During a penetration test, Michelle needs to identify systems, but she hasn't gained sufficient access on the system she is using to generate raw packets. What type of scan should she run to verify the most open services?
A. A TCP connect scan
B. A TCP SYN scan
C. A UDP scan
D. An ICMP scan
22 During a port scan using nmap, Joseph discovers that a system shows two ports open that cause him immediate worry:
21/open
23/open
What services are likely running on those ports?
A. SSH and FTP
B. FTP and Telnet
C. SMTP and Telnet
D. POP3 and SMTP
23 Aaron wants to validate his compliance with PCI-DSS. His company is a large commercial organization with millions of dollars in transactions a year. What is the most common method of conducting this type of testing for large organizations?
A. Self-assessment
B. To conduct a third-party assessment using COBIT
C. To partner with another company and trade assessments between the organizations
D. To conduct a third-party assessment using a qualified security assessor
24 What method is commonly used to assess how well software testing covered the potential uses of an application?
A. A test coverage analysis
B. A source code review
C. A fuzz analysis
D. A code review report
25 Testing that is focused on functions that a system should not allow is an example of what type of testing?
A. Use case testing
B. Manual testing
C. Misuse case testing
D. Dynamic testing
26 What type of monitoring uses simulated traffic to a website to monitor performance?
A. Log analysis
B. Synthetic monitoring
C. Passive monitoring
D. Simulated transaction analysis
27 Derek wants to ensure that his organization tracks all changes to accounts through their lifecycle. What type of tool should he invest in for his organization?
A. A directory service like LDAP
B. An IAM system
C. An SIEM
D. An EDR system
28 Jim uses a tool that scans a system for available services and then connects to them to collect banner information to determine what version of the service is running. It then provides a report detailing what it gathers, basing results on service fingerprinting, banner information, and similar details it gathers combined with CVE information. What type of tool is Jim using?
A. A port scanner
B. A service validator
C. A vulnerability scanner
D. A patch management tool
29 Emily builds a script that sends data to a web application that she is testing. Each time the script runs, it sends a series of transactions with data that fits the expected requirements of the web application to verify that it responds to typical customer behavior. What type of transactions is she using, and what type of test is this?
A. Synthetic, passive monitoring
B. Synthetic, use case testing
C. Actual, dynamic monitoring
D. Actual, fuzzing
30 What passive monitoring technique records all user interaction with an application or website to ensure quality and performance?
A. Client/server testing
B. Real user monitoring
C. Synthetic user monitoring
D. Passive user recording
31 Earlier this year, the information security team at Jim's employer identified a vulnerability in the web server that Jim is responsible for maintaining. He immediately applied the patch and is sure that it installed properly, but the vulnerability scanner has continued to incorrectly flag the system as vulnerable. What should he do to deal with the issue so that it does not continue to be flagged incorrectly?
A. Uninstall and reinstall the patch.
B. Ask the information security team to flag the system as patched and not vulnerable to that particular flaw.
C. Update the version information in the web server's configuration.
D. Review the vulnerability report and use alternate remediation options.
32 Angela wants to test a web browser's handling of unexpected data using an automated tool. What tool should she choose?
A. Nmap
B. zzuf
C. Nessus
D. Nikto
33 STRIDE, which stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege, is useful in what part of application threat modeling?
A. Vulnerability assessment
B. Misuse case testing
C. Threat categorization
D. Penetration test planning
34 Why should passive scanning be conducted in addition to implementing wireless security technologies like wireless intrusion detection systems?
A. It can help identify rogue devices.
B. It can test the security of the wireless network via scripted attacks.
C. Their short dwell time on each wireless channel can allow them to capture more packets.
D. They can help test wireless IDS or IPS systems.
35 Paul is reviewing the approval process for a penetration test and wants to ensure that it has appropriate management review. Who should he ensure has approved the request for a penetration test for a business system?
A. The change advisory board
B. Senior management
C. The systems administrator for the system
D. The service owner
36 What term describes software testing that is intended to uncover new bugs introduced by patches or configuration changes?
A. Nonregression testing
B. Evolution testing
C. Smoke testing
D. Regression testing
37 Which of the following tools cannot identify a target's operating system for a penetration tester?
A. Nmap
B. Nessus
C. Nikto
D. sqlmap
38 Susan needs to predict high-risk areas for her organization and wants to use metrics to assess risk trends as they occur. What should she do to handle this?
A. Perform yearly risk assessments.
B. Hire a penetration testing company to regularly test organizational security.
C. Identify and track key risk indicators.
D. Monitor logs and events using a SIEM device.
39 What major difference separates synthetic and passive monitoring?
A. Synthetic monitoring works only after problems have occurred.
B. Passive monitoring cannot detect functionality issues.
C. Passive monitoring works only after problems have occurred.
D. Synthetic monitoring cannot detect functionality issues.

For questions 40–42, please refer to the following scenario.

Chris uses the standard penetration testing methodology shown here. Use this methodology and your knowledge of penetration testing to answer questions about tool usage during a penetration test.
40 What task is the most important during Phase 1, Planning?
A. Building a test lab
B. Getting authorization
C. Gathering appropriate tools
D. Determining if the test is white, black, or gray box
41 Which of the following tools is most likely to be used during discovery?
A. Nessus
B. john
C. Nmap
D. Nikto
42 Which of these concerns is the most important to address during planning to ensure that the reporting phase does not cause problems?
A. Which CVE format to use
B. How the vulnerability data will be stored and sent
C. Which targets are off-limits
D. How long the report should be
43 What four types of coverage criteria are commonly