CISSP Practice question #59

Which type of ASTM standard gate would you have at your house?
A: Class I.
B: Class III.
C: Class IV.
D: Class XI.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


A: Gate ASTM Standards: Class I Residential (your house).


IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #58

Which of these indicates the average time between hardware failures?
A: MTBF.
B: MTTR.
C: MOR.
D: MTD.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: MTBF (Mean Time Between Failures): How long a new or repaired system or component will function on average before failing. This can help us plan for spares and gives us an idea of how often we can expect hardware to fail.


CISSP Practice question #57

Which low-tech or no-tech attack can often be just as successful as very technical attacks?
A: DDoS.
B: Social engineering.
C: Trojan.
D: Worm.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


B: Social engineering can often be just as successful as more technical attacks; people want to be helpful.


CISSP Practice question #56

When implementing secure cables in our building, what would be our cheapest option?
A: Copper Ethernet.
B: Fiber Ethernet.
C: Wireless.
D: Coax copper.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: The most secure cable is fiber. It is slightly more expensive than copper; since we need both, we would use fiber cables. Wireless is... well, not a cable.


CISSP Practice question #55

We have an agreement with another organization in our line of business, where we have a rack of our hardware in their data center and they have a rack in our data center. The racks are completely segmented off from the rest of the network. What are these agreements called?
A: Reciprocal.
B: Redundant.
C: Mobile site.
D: Subscription site.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: Reciprocal Agreement site: Your organization has a contract with another organization that they will give you space in their data center in a disaster event and vice versa. This can be promised space or some racks with hardware completely segmented off the network there.


CISSP Practice question #54

In software acceptance testing, what is the purpose of user acceptance testing?
A: To ensure the backups are in place, we have a DR plan, how patching is handled and that the software is tested for vulnerabilities.
B: To ensure the software is as secure or more secure than the rules, laws and regulations of our industry.
C: To ensure the software performs as expected in our live environment vs. our development environment.
D: To ensure the software is functional for and tested by the end user and the application manager.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


D: The User Acceptance test: Is the software functional for the users who will be using it? It is tested by the users and application managers.


CISSP Practice question #53

Each row in a relational database is called a/an:
A: Tuple.
B: Attribute.
C: Relation.
D: Schema.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


A: Relational model: Rows are also called records or tuples. Generally, each table/relation represents one entity type. The rows represent instances of that type of entity and the columns represent values attributed to that instance.


CISSP Practice question #52

Before upgrading a system or applying a patch, which type of backup will not interfere with the backup cycle and allows us to do a full restore with a single tape?
A: Full backup.
B: Incremental backup.
C: Differential backup.
D: Copy backup.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


D: Copy backup: This is a full backup with one important difference: it does not clear the archive bit. Often used before we do system updates, patches and similar upgrades. We do not want to mess up the backup cycle, but we want to be able to revert to a previous good copy if something goes wrong.


CISSP Practice question #51

A pen tester calling an employee and explaining how they are the CEO’s executive assistant and that the employee needs to do what they are told is using:
A: Authority.
B: Intimidation.
C: Scarcity.
D: Familiarity.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


A: Social engineering uses people skills to bypass security controls. Authority (someone you trust or are afraid of): Look and sound like an authority figure, be in charge; this can be in a uniform or a suit. Most effective with impersonation, whaling, and vishing attacks.


CISSP Practice question #50

When Jane is designing the specifications, she is including technology and countermeasures for hurricanes. What type of disasters is she focused on?
A: Natural.
B: Man made.
C: Environmental.
D: All of these.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: Natural: Hurricanes, floods, earthquakes, blizzards, anything that is caused by nature.
