CISSP Practice question #47

An artificial neural network (ANN) tries to emulate a brain. Which of these is not true about ANNs?
A: They can analyze images about which a fact is known, such as “gecko” or “no gecko”; the more images they process, the better they become at recognizing that fact.
B: They are mostly used in areas that are difficult to express in a traditional computer algorithm using rule-based programming.
C: They are organized in layers; different layers perform different transformations on their input.
D: They use rule-based programming and a lot of IF/THEN statements.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


D: ANNs do not use IF/THEN statements.


IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #46

Why would we not want to shut a compromised system down?
A: There could still be data on the hard disks; it will be lost if we shut the server down.
B: There could still be data in the non-volatile memory; it will be lost if we shut the server down.
C: There could still be data in the volatile memory; it will be lost if we shut the server down.
D: There could still be permitted users on the system.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


C: The digital (computer) forensics process: We need to be more aware of how we gather our forensic evidence, because attackers are covering their tracks and deleting the evidence and logs. This can be through malware that is only in volatile memory; if power is shut off (to preserve the crime scene), the malware is gone and the evidence is lost.


Video highlight from my new free CISSP Essentials course – Life after passing the CISSP certification and being endorsed.

This is the seventh lecture from my new free CISSP Essentials course.


CISSP Practice question #45

We have found some older systems on our network using PAP. Why would we want to migrate away from using that?
A: Credentials are sent in plaintext over the network.
B: It uses SSL.
C: It uses PPP.
D: The client and server need to know a plaintext shared secret. It is stored in plaintext on the server, but never sent over the network.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


A: PAP (Password Authentication Protocol): One of the oldest authentication protocols, no longer secure. Credentials are sent over the network in plain text. Authentication is initiated by the client/user, which sends a packet with the credentials (username and password) at the beginning of the connection.


Video highlight from my new free CISSP Essentials course – The CISSP exam itself, how to mentally and physically prepare for it.

This is the sixth lecture from my new free CISSP Essentials course.


CISSP Practice question #44

What could an attacker who is vishing do?
A: Call our dispatch, trying to get information through social engineering.
B: Use a modem to call different numbers, looking for an answer with a modem carrier tone.
C: Drive around trying to gain access to unsecured or weakly secured wireless access points.
D: Disrupt our wireless access points by transmitting noise on the wireless channels we use.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


A: Vishing is phishing over the phone; it is a common and effective form of social engineering.
