CISSP Practice question #153

What does DNS do?
A: Assign IP addresses to our hosts.
B: Translates server names into IP addresses.
C: Prevents ARP poisoning.
D: Allows users to securely browse the internet.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: DNS (Domain Name System): Translates server names into IP Addresses, uses TCP and UDP Port 53. Google.com can get translated into 66.102.12.231 or 2607:f8b0:4007:80b::200e depending on requesters IP.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #152

To prevent damage to hardware when handling it we use:
A: A dark data center.
B: Proper humidity.
C: A nice hat.
D: Antistatic equipment.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


D: Static Electricity: Can be mitigated by proper humidity control, grounding all circuits, using antistatic wrist straps and work surfaces. All personnel working with internal computer equipment (motherboards, insert cards, memory sticks, hard disks) should ground themselves before working with the hardware.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #151

Jane chose SAML for our FIDM, what type of SSO is it?
A: Recursive.
B: Web browser.
C: SQL.
D: Cloud.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


B: SAML (Security Assertion Markup Language): The single most important requirement that SAML addresses is web browser SSO. An XML-based, open-standard data format for exchanging authentication and authorization data between parties.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #150

What would we not look at in a security assessment?
A: Penetration testing
B: Security audits.
C: Change management.
D: KPI.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


D: Security Assessments: A full picture approach to assessing how effective our access controls are, they have a very broad scope. We would not look at KPIs. Security assessments often span multiple areas, and can use some or all of these components: Policies, procedures, and other administrative controls. Assessing the real world-effectiveness of administrative controls. Change management. Architectural review. Penetration tests. Vulnerability assessments. Security audits.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #149

IPv6 uses which type of MAC addresses?
A: EUI/MAC-64
B: EUI/MAC-48
C: EUI/MAC-128
D: EUI/MAC-256

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


A: IPv6 uses EUI/MAC-64 addresses, if the card is EUI/MAC-48 it adds fffe to get a 64bit address.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #148

We are blocking unused ports on our servers as part of our server hardening, when we block TCP port 110, what are we blocking?
A: SMTP.
B: HTTP.
C: HTTPS.
D: POP3.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


D: Post Office Protocol, version 3 (POP3) uses TCP port 110.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #147

Bob has been tasked with adding content-based access control in addition to our existing security controls. What could be something he would implement?
A: Hiding or showing menus in an application.
B: Access to data only between 0800 and 1700 (5PM).
C: Access to data depending on labels and clearance.
D: Access to data dependent on job title.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


A: Content-based access control: Access is provided based on the attributes or content of an object, then it is known as a content-dependent access control. Hiding or showing menus in an application, views in databases, and access to confidential information are all content-dependent. In this type of control, the value and attributes of the content that is being accessed determines the control requirements.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #146

In our risk analysis we are looking at the total risk, what would that comprise of?
A: Threat + vulnerability.
B: Threat x vulnerability.
C: Threat * vulnerability * asset value.
D: (threat * vulnerability * asset value) – countermeasures.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


C: Total Risk = Threat * Vulnerability * Asset Value.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #145

When adding double data rate memory to a server what is Bob adding?
A: DRAM.
B: SRAM.
C: SDRAM.
D: PROM.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


C: SDRAM: (Synchronous DRAM) What we normally put in the motherboard slots for the memory sticks. DDR (Double Data Rate) 1, 2, 3, 4 SDRAM.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #144

To notify only on a DDOS attack we would use which?
A: HIDS.
B: NIPS.
C: NIDS.
D: HIPS.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


C: Only alert (intrusion detection) and DDOS would be network based, so NIDS.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading