CISSP Practice question #97

What is the primary reason we use a specific server for storing logs with limited admin access?
A: To have logs available for analysis.
B: To ensure the logs' integrity.
C: For the SIEM to be able to access them.
D: For redundancy.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


B: We want to ensure our central log repository is not tampered with by staff or attackers. While it can also provide redundancy, that is not the main reason. The SIEM can access logs wherever they may be.


IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #96

Who and what do you not promise to protect in the ISC2 code of ethics?
A: Society.
B: Your organization.
C: Infrastructure.
D: The common good.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


B: While your organization is important, it is not part of the ISC2 code of ethics. The common good, infrastructure and society are.


CISSP Practice question #95

Jane has been tasked with implementing multifactor authentication at our organization. The request from senior management is to make it secure, but also to protect employees' privacy and not inadvertently record something that could reveal private employee health information. What are some good reasons to not use biometric authentication in Jane's implementation?
A: It can reveal private employee information.
B: It is wrong more often than not.
C: Biometrics often change.
D: Biometrics are easily copied.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


A: Something you are – Type 3 Authentication (Biometrics): Can inadvertently breach our employees' privacy. Some fingerprint patterns are related to chromosomal diseases. Iris patterns could reveal genetic sex; retina scans can show if a person is pregnant or diabetic. Hand vein patterns could reveal vascular diseases. Most behavioral biometrics could reveal neurological diseases, etc.


CISSP Practice question #94

What do digital signatures provide?
A: Confidentiality.
B: Availability.
C: Non-repudiation.
D: Authentication.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


C: Digital signatures provide integrity and non-repudiation.


CISSP Practice question #93

What are we dealing with when we do data disposal?
A: Data remanence.
B: How long we keep the data.
C: The data content.
D: The data in use.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


A: When we dispose of our data media we are making sure there is no data remanence on our hard disks, tapes, etc.


CISSP Practice question #92

In software testing, unit testing would test what?
A: The functionality of a specific section of code.
B: Interfaces between components against the software design.
C: Data handling passed between different units or subsystems.
D: Processes and security alerts when encountering errors.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


A: Unit testing: Tests that verify the functionality of a specific section of code. In an object-oriented environment, this is usually at the class level, and the minimal unit tests include the constructors and destructors. Usually written by developers as they work on code (white-box), to ensure that the specific function is working as expected.


CISSP Practice question #91

Attackers are launching DDoS attacks on our organization using a MAC flood. What does that attack do?
A: Opens many TCP sessions but never replies to the ACK from the host.
B: Sends many user datagram protocol packets.
C: Sends many Ethernet frames, each with different media access control addresses.
D: Sends many IP addresses to a router.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


C: An attacker sends multiple dummy Ethernet frames, each with a different MAC address. Network switches treat MAC addresses separately, and hence reserve some resources for each request. When all the memory in a switch is used up, it either shuts down or becomes unresponsive. In a few types of routers, a MAC flood attack may cause these to drop their entire routing table, thus disrupting the whole network under its routing domain.


CISSP Practice question #90

What type of fire extinguisher should you use on metal fires?
A: Wet chemical.
B: Dry powder.
C: Soda-Acid.
D: Class A.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


B: Dry Powder Extinguishers (sodium chloride, graphite, ternary eutectic chloride). Lowers the temperature and removes oxygen in the area. Primarily used for metal fires (sodium, magnesium, graphite).


CISSP Practice question #89

Replacing one character with another is called?
A: Confusion.
B: Diffusion.
C: Substitution.
D: Permutation.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


C: Substitution replaces one character with another; this provides diffusion.


CISSP Practice question #88

An attacker has discovered an SSID from our organization. What is he looking to attack in his initial attack?
A: Our switches.
B: Our servers.
C: Our wireless.
D: Our firewall.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


C: SSIDs are the names of our wireless access points; if an attacker has one, it is likely that our wireless is the next target. SSIDs are easy to discover.
