CISSP Practice question #141

Which intrusion system blocks malicious traffic?
A: IPS.
B: IDS.
C: Heuristic.
D: Pattern.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: IPS (Intrusion Prevention System): Similar to an IDS, but it also takes action on malicious traffic; what it does with the traffic is determined by configuration. Events trigger an action, such as dropping or redirecting traffic, often combined with monitoring/administrator warnings, emails or text messages.


IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #140

Multicast is:
A: One-to-all.
B: One-to-many.
C: One-to-one.
D: All-to-one.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: Multicast: one-to-many (predefined). The traffic is sent to everyone in a predefined list.


Cybersecurity Workforce Shortage Projected at 1.8 Million by 2022


The results from the eighth Global Information Security Workforce Study (GISWS) have been released this week. The workforce gap is estimated to be growing, with the projected shortage reaching 1.8 million professionals by 2022. While the gap is not news, the fact that it is growing is of great concern to an already exhausted workforce. The question of how to fill the gap has been answered, and millennials are an integral part of the plan. “For years, we’ve known about the impending shortage of the information security workforce, as evidenced by our study year over year,” said David Shearer, CEO,…

Source: blog.isc2.org/isc2_blog/2017/02/cybersecurity-workforce-gap.html


CISSP Practice question #139

Who is responsible for the day-to-day leadership of our organization?
A: The CEO.
B: The CFO.
C: The CIO.
D: The CSO.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


A: The Chief Executive Officer is responsible for the day-to-day leadership of the organization; the board may provide the direction.


CISSP Practice question #138

Which language often saves data as an executable file that is saved once and executed many times?
A: Source code.
B: Assembled language.
C: Interpreted languages.
D: Compiled languages.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


D: Compiled languages: The higher-level language is translated into machine code and saved, often as executables; compiled once and run multiple times.


CISSP Practice question #137

Which type of cables would we most likely use in our data center to avoid EMI and save on cost?
A: Single-mode fiber.
B: Multi-mode fiber.
C: Copper Ethernet.
D: COAX.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: In data centers we would use multi-mode fiber over single-mode fiber, as multi-mode is cheaper, better for shorter distances, and more versatile. Neither type of fiber is susceptible to EMI.


CISSP Practice question #136

If we have no degausser or disk crusher in our organization, what can we do with our old hard disks?
A: Since we have no means of destroying them, we have done our due care and we can recycle them with the rest of the electronic waste.
B: We can pay another company to do it.
C: We can overwrite all the functional disks and the rest we can ignore since they are damaged anyway.
D: We can throw them in a lake or the ocean.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


B: If we do not have the means for proper data destruction, we can pay another company to do so. They obviously have to be licensed to do so and adhere to all our security policies.


CISSP Practice question #135

In software testing, a black box test would have how much information?
A: Just the software, no source code.
B: The software, source code, data structures and variables.
C: User logs, access entries and project plan.
D: A version of the software, but only the crippleware version.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


A: Black box software testing: The tester has no details, just the software; they then test for functionality and security flaws.


Cybersecurity Unemployment Rate Drops To Zero Percent


There’s a job for everyone with cybersecurity experience.

– Steve Morgan, Editor-In-Chief

The demand for cybersecurity professionals will increase to approximately 6 million globally by 2019, according to some industry experts cited by the Palo Alto Networks Research Center.

Earlier this year, Cybersecurity Ventures predicted there will be 3.5 million unfilled cybersecurity jobs by 2021, up from an estimate of 1 million by Cisco in 2014.

Almost anyone with cybersecurity experience and realistic salary expectations can find immediate employment. There may be a small percentage of the cyber workforce who are in between jobs, some who have resigned to explore new opportunities, and others who are unrealistic about which positions they qualify for (and the compensation commensurate with their experience) — but there’s an abundance of positions available for cybersecurity pros.

Cybercrime damages are predicted to cost the world $6 trillion annually by 2021, up from $3 trillion in 2015… and the world will spend $1 trillion cumulatively over the next five years from 2017 to 2021 on cybersecurity products and services to combat cybercrime. These figures suggest the cyber employment problem will get worse before it gets better.

We interviewed several industry experts who corroborate the unemployment rate, and share the recruiting challenges that come with it.


CISSP Practice question #134

How many backup tapes would we use to restore all the data if we do weekly full backups Sunday at midnight and daily incrementals at midnight, and the system fails Wednesday afternoon?
A: 2
B: 3
C: 1
D: 4

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


B: We would need the Sunday full tape and the incremental tapes from Monday and Tuesday night, so 3 tapes total.
