CISSP Practice question #121

Why would we use a differential backup over an incremental?
A: Faster restores.
B: Faster backup time.
C: To exclude certain directories from the backup.
D: To include all directories in the backup.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: Differential backup: Backs up everything since the last full backup. Does not clear the archive bit. Faster to restore, since we just need 2 tapes for a full restore: the full and the differential. Backups take longer than the incrementals, since we are backing up everything since the last full.


IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #120

Which project management methodology is better geared towards a year-long project with very clear software requirements that should not change?
A: Waterfall.
B: Agile.
C: XP.
D: Rapid prototyping.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


A: Waterfall methodology is well suited for long, very clearly defined projects.


CISSP Practice question #119

What would be proper data disposal of SSD drives?
A: Degaussing.
B: Formatting.
C: Deleting all files.
D: Overwriting.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


D: SSD drives can’t be degaussed, and formatting or deleting the files only removes the file structure; most if not all files are recoverable. We would need to overwrite all the data with random 0s and 1s.


CISSP Practice question #118

Testing is done to:
A: See if the plan is accurate, complete and effective.
B: See how staff reacts and to train them.
C: Ensure the plan is being followed and understood.
D: Ensure compliance with regulations.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: Testing: Done to ensure the plan is accurate, complete and effective; it happens before we implement the plan.


CISSP Practice question #117

What would be a good security practice for BYOD and IOT devices?
A: Segment them on their own VLAN.
B: Allow them on the normal network so we can monitor them.
C: Allow employees to keep PHI on their own devices.
D: Let them use the same wireless as medical equipment is on.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: BYOD and IOT devices almost never have as good a security posture as the organization's hardware. We want to segment them on their own limited VLAN to ensure any compromised hardware can do as little damage as possible.


CISSP Practice question #116

We are getting rid of a pile of hard drives. Which of these would we use on the regular spinning disk ones to ensure there is no data remanence?
A: Degauss.
B: Overwrite.
C: Shred.
D: All of these.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


D: With regular spinning disk hard drives, degauss, overwrite and shred are all good options. Disposal is often done with more than one of them just to be sure.


CISSP Practice question #115

What would be a common attack on data at rest?
A: Cryptanalysis.
B: Shoulder surfing.
C: Eavesdropping.
D: All of these.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


A: Data at Rest (Stored Data): This is data on Disks, Tapes, CDs/DVDs, USB Sticks. We use disk encryption (full/partial), USB encryption, tape encryption (avoid CDs/DVDs). Encryption can be Hardware or Software Encryption.


CISSP Practice question #114

Too high a sensitivity on our biometrics will often cause too many what?
A: False accepts.
B: False rejects.
C: True accepts.
D: True rejects.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


B: FRR (False rejection rate), Type 1 error: Authorized users are rejected. This can be caused by settings that are too high, e.g. 99% accuracy on biometrics.


CISSP Practice question #113

Which is not protected by the 4th amendment in the US?
A: Anything search warranted.
B: Your emails.
C: Your internet history.
D: Anything done online.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: We ensure our evidence is acquired in a legal manner; remember the US Constitution's 4th Amendment: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated." Anything subpoenaed, search warranted, turned over voluntarily, or obtained in exigent circumstances (immediate danger of being destroyed) can allow law enforcement to bypass the 4th Amendment.


CISSP Practice question #112

Storing passwords in plaintext on a server is obviously very vulnerable. What would be a reason they chose to do so?
A: Because plaintext is more secure than encrypted.
B: Because the server is secure enough to not need the password encryption.
C: Access controls are only used on critical systems.
D: It is slightly faster than having to decrypt the password when the user tries to log in.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


D: It can take a second or two on older systems to authenticate if the passwords are hashed or encrypted. We should however never leave passwords in plaintext to save a second or two.
