CISSP Practice question #160

Which would be part of a clean desk policy?
A: Minimal use of paper copies and only used while at the desk and in use.
B: Cleaning your desk of all the clutter.
C: Full disk encryption on your hard disk.
D: Picking up anything you print as soon as you print it.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


A: As part of a clean desk policy we should only use paper copies of sensitive data when strictly needed.

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.

CISSP Practice question #159

Jane has suggested we implement full disk encryption on our laptops. Our organization on average loses 25 laptops per year, and currently it costs us $10,000 per laptop; of that, $1,000 is the cost of the laptop and $9,000 is from non-encrypted data being exposed. How much can the countermeasure cost per year for us to break even with the current ALE?
A: 2250000
B: 225000
C: 250000
D: 22500

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


B: The laptop ($1,000) + PII ($9,000) per loss is the asset value (AV). It is a 100% loss, it is gone (EF). Loss per laptop is $10,000 (AV x EF = SLE). The organization loses 25 laptops per year (ARO). The annualized loss is $250,000 (ALE).

CISSP Practice question #158

We are performing digital forensics on one of our hard drives; which of these could be part of what we use?
A: Symmetric encryption.
B: Asymmetric encryption.
C: Hashing.
D: PKI.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


C: Digital forensics: The evidence we collect must be accurate, complete, authentic, convincing, and admissible. Everything is documented, with chain of custody: Who had it when? What was done? When did they do it? Pull the original, put it in a write-protected machine, and make a hash. We only do examinations and analysis on bit-level copies, and we confirm they have the same hash as the original before and after examination.

CISSP Practice question #157

Which type of attack is salting designed to mitigate?
A: Brute force.
B: Physical access.
C: Rainbow tables.
D: Smurf attacks.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


C: Salt (salting): Random data that is used as an additional input to a one-way function that hashes a password or passphrase. The primary function of salts is to defend against dictionary attacks or a pre-compiled rainbow table attack.

CISSP Practice question #156

Which type of memory is volatile?
A: DRAM.
B: PROM.
C: Flash Memory.
D: EEPROM.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


A: RAM (Random Access Memory) is volatile memory. It loses its content after a power loss or within a few minutes. ROM (Read Only Memory) is nonvolatile; it retains its content after power loss.

CISSP Practice question #155

Using AD for our RBAC authentication we would innately use which authentication protocol?
A: LDAP.
B: Diameter.
C: Radius.
D: TACACS

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


A: AD (Active Directory): Included in most Windows Server OS versions as a set of processes and services. Uses LDAP (Lightweight Directory Access Protocol) versions 2 and 3, Microsoft's version of Kerberos, and DNS.

CISSP Practice question #154

IPv4 normally uses what type of addresses?
A: Hexadecimal.
B: True decimal.
C: Binary.
D: Flexible length.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


C: IPv4 addresses are made up of 4 octets (dotted-decimal notation), which break down further into a 32-bit binary integer.

CISSP Practice question #153

What does DNS do?
A: Assign IP addresses to our hosts.
B: Translates server names into IP addresses.
C: Prevents ARP poisoning.
D: Allows users to securely browse the internet.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: DNS (Domain Name System): Translates server names into IP addresses, uses TCP and UDP port 53. Google.com can get translated into 66.102.12.231 or 2607:f8b0:4007:80b::200e depending on the requester's IP.

CISSP Practice question #152

To prevent damage to hardware when handling it we use:
A: A dark data center.
B: Proper humidity.
C: A nice hat.
D: Antistatic equipment.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


D: Static electricity: Can be mitigated by proper humidity control, grounding all circuits, and using antistatic wrist straps and work surfaces. All personnel working with internal computer equipment (motherboards, insert cards, memory sticks, hard disks) should ground themselves before working with the hardware.

CISSP Practice question #151

Jane chose SAML for our FIDM, what type of SSO is it?
A: Recursive.
B: Web browser.
C: SQL.
D: Cloud.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


B: SAML (Security Assertion Markup Language): The single most important requirement that SAML addresses is web browser SSO. An XML-based, open-standard data format for exchanging authentication and authorization data between parties.
