CISSP Practice question #242

The TACACS+ protocol as default uses which TCP port?
A: 443
B: 80
C: 49
D: 23

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests –

Answer


C: TACACS+: Provides better password protection by using two-factor strong authentication. Not backwards compatible with TACACS. Uses TCP port 49 for authentication with the TACACS+ server. Similar to RADIUS, but RADIUS only encrypts the password TACACS+, encrypts the entire data package.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #241

In which type of software testing would we test the functionality of the code?
A: Unit testing.
B: Regression testing.
C: Integration testing.
D: Installation testing.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests –

Answer


A: Unit testing: Tests that verify the functionality of a specific section of code. In an object-oriented environment, this is usually at the class level, and the minimal unit tests include the constructors and destructors. Usually written by developers as they work on code (white-box), to ensure that the specific function is working as expected.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #240

We want our employees to be connected without interruptions wherever they go, breakrooms, meeting rooms and their desks. What would be the best to use?
A: Copper Ethernet.
B: Fiber Ethernet.
C: Wireless.
D: Coax copper.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests –

Answer


C: To stay connected with employees roaming we need to not be connected to cables, wireless is the only option.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #239

An attacker is using low bandwidth coordinated attacks to avoid our Intrusion Prevention Systems (IPS). What is the attacker doing?
A: Breaking the data into segments.
B: Sending traffic on a well-known TCP port, where we would not expect the malicious traffic.
C: Have many different agents use different IPs and ports.
D: Change the attack signature.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests –

Answer


C: Low-bandwidth coordinated attacks: A number of attackers (or agents) allocate different ports or hosts to different attackers making it difficult for the IDS to correlate the captured packets and deduce that a network scan is in progress.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #238

In our Disaster Recovery Plan (DRP) we have distinct phases. In which phase would we act on our Disaster Recovery procedures?
A: Mitigation.
B: Preparation.
C: Response.
D: Recovery.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests –

Answer


C: Response: How we react in a disaster, following the procedures.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #237

One of our engineers has found a virus on one of our systems that keeps changing signature. What type of virus is it?
A: Macro virus.
B: Stealth virus.
C: Multipart.
D: Polymorphic.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests –

Answer


D: Polymorphic Viruses: Change their signature to avoid the antivirus signature definitions. Well-written polymorphic viruses have no parts which remain identical between infections, making it very difficult to detect directly using antivirus signatures. 

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #236

What do we often uncover in our vulnerability scans?
A: Open ports that should not be.
B: Unauthorized users.
C: Attacks.
D: None of these.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests –

Answer


A: Vulnerability scanning/testing: A vulnerability scanner tool is used to scan a network or system for a list of predefined vulnerabilities such as system misconfiguration, outdated software, or a lack of patching. It is very important to understand the output from a vulnerability scan, they can be 100’s of pages for some systems, and how do the vulnerabilities map to Threats and Risks (Risk = Threat x Vulnerability). When we understand the true Risk, we can then plan our mitigation.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #235

In our access management we would never want to use group user accounts. Why is that?
A: No authentication.
B: No accountability.
C: No authorization.
D: No availability.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests –

Answer


B: Accountability (often referred to as Auditing): Trace an Action to a Subjects Identity: Proves who performed given action, it provides non-repudiation. Group or shared accounts are never OK, they have zero accountability.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

I just released my new course “CISSP Certification: CISSP Domain 5 & 6 Video Boot Camp 2018”

I just released my new course “CISSP Certification: CISSP Domain 5 & 6 Video Boot Camp 2018”

You can buy it here for $9.99:
https://www.udemy.com/cissp-domain-5-6/?couponCode=NINENINENINE

You can also buy the video course for CISSP domain 1-2 here for $9.99:
https://www.udemy.com/cissp-domain-1-2/?couponCode=NINENINENINE

You can also buy the video course for CISSP domain 3-4 here for $9.99:
https://www.udemy.com/cissp-domain-3-4/?couponCode=NINENINENINE

This is my current release schedule for the rest of the CISSP video series:
“CISSP Certification: CISSP Domain 7 & 8 Video Boot Camp 2018” 6/13-2018.

As soon as it is released you can use the NINENINENINE coupon code to get it for $9.99, the same goes for all my practice tests:

 
Set 1 (Exam emulation sets with 2x 125 questions):
 
CISSP certification practice questions #1:
 
CISSP certification practice questions #2:
 
CISSP certification practice questions #3:
 
CISSP certification practice questions #4:
 
Set 2 (Domain based, 2 domains per test):
 
CISSP certification practice questions Domain 1 & 2:
 
CISSP certification practice questions Domain 3 & 4:
 
CISSP certification practice questions Domain 5 & 6:
 
CISSP certification practice questions Domain 7 & 8:
 
I hope I can help get you certified,
 
Thor

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #234

We have part of our infrastructure migrated to cloud computing. We are responsible for the applications and the data. Which type of cloud computing are we using?
A: IaaS.
B: SaaS
C: PaaS
D: IDaaS

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests –

Answer


C: In public cloud PaaS – (Platform as a Service) The vendor provides pre-configured OSs, then the customer adds all programs and applications.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading