Updates – CISSP study and training by Thor Teaches!

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #262

June 19, 2018 No Comments

For our servers we are using Random Access Memory (RAM), what is one of the key features of RAM?
A: Volatile.
B: Non-volatile.
C: Flash memory.
D: Predictive.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

A: RAM (Random Access Memory) is volatile memory. It loses the memory content after a power loss (or within a few minutes). This can be memory sticks or embedded memory.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

What can we do we do when a type 1 authentication is compromised?
A: Issue a new password.
B: Issue a new ID card.
C: Stop use of that type of biometric for that employee or use another finger if fingerprint.
D: Revoke the token.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

A: Type 1 Authentication is something you know, this could be passwords, pass phrase, PIN etc. We would issue a new different password.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #260

June 17, 2018 No Comments

Which type of Random Access Memory (RAM) could be embedded in the Central Processing Unit (CPU)?
A: SRAM.
B: DRAM.
C: SDRAM.
D: DDR SDRAM.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

A: SRAM (Static RAM): Fast and Expensive. Uses latches to store bits (Flip-Flops). Does not need refreshing to keep data, keeps data until power is lost. This can be embedded on the CPU.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #259

June 16, 2018 No Comments

When physically storing sensitive data in a secure way. Which of these has slots where staff can easily slip sensitive paperwork into?
A: Wall safe.
B: Depository.
C: Vault.
D: Data center.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

B: A depository is a safe with slots or an opening where staff can add sensitive physical data. Think depositing money at the bank outside of their operating hours in the envelopes at the ATMs.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #258

June 15, 2018 No Comments

We have implemented static Network address translation (NAT). How many public IP addresses do we need if we are using 5 private IP addresses and they all need internet access at the same time?
A: 1
B: 5
C: 6
D: 10

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

B: Static NAT Translates 1-1, we need 1 Public IP per Private IP we use, not practical and not sustainable.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #257

June 14, 2018 No Comments

In building a new system we need to ensure we protect the Protected Health Information (PHI) in accordance with the HIPAA standard. Which of these is protected under the HIPAA standard?
A: URLs.
B: IP addresses.
C: Full dates.
D: All of these.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

D: Under the US Health Insurance Portability and Accountability Act (HIPAA), PHI that is linked based on the following list of 18 identifiers must be treated with special care: 1 Names. 2 All geographical identifiers smaller than a state. 3 Dates (other than year). 4 Phone numbers. 5 Fax numbers. 6 Email addresses. 7 Social Security numbers. 8 Medical record numbers. 9 Health insurance beneficiary numbers. 10 Account numbers. 11 Certificate/license numbers. 12 Vehicle identifiers and serial numbers, including license plate numbers. 13 Device identifiers and serial numbers. 14 Web Uniform Resource Locators (URLs). 15 Internet Protocol (IP) address numbers. 16 Biometric identifiers, including finger, retinal and voice prints. 17 Full face photographic images and any comparable images. 18 Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #256

June 13, 2018 No Comments

Using highly targeted emails to senior management an attacker has sent an email threatening with a lawsuit if attached documents are not filled out and returned by a certain date. What is this an example of?
A: Vishing.
B: Social engineering.
C: Whale phishing.
D: MITM.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

C: This is whale phishing, which is a social engineering attack. Whale Phishing (Whaling): Spear phishing targeted at senior leadership of an organization. This could be: “Your company is being sued if you don’t fill out the attached documents (With Trojan in them) and return them to us within 2 weeks”.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #255

June 12, 2018 No Comments

When a computer uses more than one processor at a time for a task it is called?
A: Multithreading.
B: Multiprocessing.
C: Multitasking.
D: Multiprogramming.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

B: Multiprocessing – A computer using more than one CPU at a time for a task.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #254

June 11, 2018 No Comments

In our Redundant Array of Independent Disks (RAID) configuration we are using striping with redundancy. At least how many disks would we need?
A: 1
B: 2
C: 3
D: 4

CBK 7: Security Operations
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

C: Disk striping: Writing the data simultaneously across multiple disks providing higher write speed. Uses at least 2 disks, and in it self does not provide redundancy. We use parity with striping for the redundancy, often by XOR, if we use parity for redundancy we need at least 3 disks.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

CISSP Certification, CISSP Certification practice questions, Updates

CISSP Practice question #253

June 10, 2018 No Comments

If you see any IPv4 address in the 127.0.0.0/8 range, what type of IPv4 address is that?
A: Loopback.
B: Link-local.
C: Private.
D: Public.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer

A: IPv4 network standards reserve the entire 127.0.0.0/8 address block for loopback purposes. That means any packet sent to one of those 16,777,214 addresses (127.0.0.1 through 127.255.255.254) is looped back. IPv6 has just a single address, ::1.

show less

Thor Pedersen

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.