CISSP Practice question #204

Prior to us deploying honeypots and honeynets, who should sign off on the deployment?
A: Our HR and payroll team.
B: Senior management.
C: The engineer deploying it.
D: A judge.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


B: Get approval from senior management and your legal department before deploying honeypots or honeynets. Legal would know the legal ramifications, and senior management are ultimately liable. Honeypots and honeynets can both pose legal and practical risks.


IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #203

We have implemented different types of anti-virus throughout our organization. Which type of anti-virus can produce a lot of false positives?
A: Heuristic.
B: Signature.
C: Formal.
D: Embedded.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


A: Antivirus software tries to protect us against malware. Heuristic (behavioral) based antivirus looks for abnormal behavior, which can result in a lot of false positives.


CISSP Practice question #202

Which of these protocols is the most commonly used for remote management of routers and switches?
A: Kerberos.
B: RADIUS.
C: DIAMETER.
D: LDAP.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


B: RADIUS (Remote Authentication Dial-In User Service): A networking protocol that provides centralized Authentication, Authorization, and Accounting management for users who connect to and use a network service. Widely used by ISPs (Internet service providers) and large organizations to manage access to IP networks, APs, VPNs, servers, 802.1x, … It uses a client/server protocol that runs in the application layer and can use either TCP or UDP as transport. Network access servers, the gateways that control access to a network, usually contain a RADIUS client component that communicates with the RADIUS server. It uses UDP ports 1812 for authentication and 1813 for accounting, and can use TCP as the transport layer with TLS for security.


CISSP Practice question #201

Which subplan would we look at in our Business Continuity Plan (BCP) for dealing with the press and alerting employees about disasters?
A: COOP.
B: CCP.
C: OEP.
D: CIRP.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


B: Crisis Communications Plan: A subplan of the CMP. How we communicate internally and externally during a disaster. Who is permitted to talk to the press? Who is allowed to communicate what to whom internally?


CISSP Practice question #200

We are implementing governance standard and control frameworks focused on internal risk analysis. What should we implement?
A: COBIT.
B: ITIL.
C: COSO.
D: FRAP.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


D: FRAP (Facilitated Risk Analysis Process) analyses one business unit, application or system at a time in a roundtable brainstorm with internal employees. Impact is analyzed, and threats and risks are prioritized.


CISSP Practice question #199

Which of these is not considered useful in authentication?
A: Something you are.
B: Something you know.
C: Something you believe.
D: Something you have.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


C: Something you believe is not one of the authentication types. Something you know – Type 1 Authentication (passwords, passphrase, PIN, etc.). Something you have – Type 2 Authentication (ID, passport, smart card, token, cookie on PC, etc.). Something you are – Type 3 Authentication (and Biometrics) (fingerprint, iris scan, facial geometry, etc.). Somewhere you are – Type 4 Authentication (IP/MAC address). Something you do – Type 5 Authentication (signature, pattern unlock).


CISSP Practice question #198

Rearranging the plaintext is called?
A: Confusion.
B: Diffusion.
C: Substitution.
D: Permutation.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


D: Permutation (transposition) provides confusion by rearranging the characters of the plaintext.


CISSP Practice question #197

Disk striping needs at least how many disks?
A: 1
B: 2
C: 3
D: 4

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


B: Disk striping: Writing the data simultaneously across multiple disks, providing higher write speed. Uses at least 2 disks, and in itself does not provide redundancy. We use parity with striping for the redundancy, often by XOR; if we use parity for redundancy, we need at least 3 disks.


CISSP Practice question #196

Penetration testers with full physical access to our facility have found PHI hard copies lying around. Which of our policies are our employees not following?
A: Clean desk policy.
B: BYOD policy.
C: Wireless policy.
D: Shred policy.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


A: Clean desk policy requires employees to not have sensitive (or any at all) paperwork on their desks unless they are at the desk. If they are done with the paperwork, they should dispose of it; if not, they should lock it away.


My thoughts on the April 15th CISSP curriculum updates.

TL;DR: No need to buy new study materials; the changes are 1% or less, and it is just a reshuffling of knowledge areas.

With the updates to the CISSP curriculum I figured I would also give my 2 cents on the updates.

The updates are mostly on the organizational side of the curriculum, and not the actual content. It is mostly renaming, reorganizing and domain weight redistribution.

As a teacher I will buy the new books as soon as they are out (they are already pre-ordered).

If I was studying for the CISSP, I probably would not buy anything to replace my old materials, the changes being 1% actual updates or less.

That really goes for any study materials: Books, videos, practice tests, podcasts, anything.
If you have the 2015 versions, buying newer versions would not help you really.

I am going to update my practice tests in early May with questions from some of the actual updates (attribute-based access control, asset management, more IoT, more AI and some standards).

Previous and new domain names and weights:

Domain 1:
Previous: Security and Risk Management – 16%
New: Security and Risk Management – 15%
Mostly format and name changes of content. 0-1% update on actual curriculum.

Domain 2:
Previous: Asset Security – 10%
New: Asset Security – 10%
Cryptography moved to domain 3 where it should be and smaller format and name changes of content. 0-1% update on actual curriculum.

Domain 3:
Previous: Security Engineering – 12%
New: Security Architecture and Engineering – 13%
Mostly format and name changes of content. 1-2% update on actual curriculum, mostly IoT and newer technologies, which are already on the exam and Cryptography being moved in from other domains.

Domain 4:
Previous: Communications and Network Security – 12%
New: Communication and Network Security – 14%
Cryptography moved to domain 3 where it should be and smaller format and name changes of content. 0-1% update on actual curriculum.

Domain 5:
Previous: Identity and Access Management – 13%
New: Identity and Access Management (IAM) – 13%
Mostly format and name changes of content. 0-1% update on actual curriculum.

Domain 6:
Previous: Security and Assessment Testing – 11%
New: Security Assessment and Testing – 12%
Mostly format and name changes of content. 0-1% update on actual curriculum.

Domain 7:
Previous: Security Operations – 16%
New: Security Operations – 13%
Mostly format and name changes of content. 0-1% update on actual curriculum.

Domain 8:
Previous: Software Development Security – 10%
New: Software Development Security – 10%
Mostly format and name changes of content. 0-1% update on actual curriculum.

If you have any questions about the upcoming changes, feel free to post on this thread.

I hope I can help you get certified,

Thor
