CISSP Practice question #243

Jane has determined our Annualized Loss Expectancy (ALE) for laptops is $250,000. She is recommending we implement full disk encryption and remote wiping capabilities on all our laptops. The $1,000 laptop value is still lost, but the $9,000 value loss from Personally identifiable information (PII) exposure would be mitigated. How many laptops do we lose per year?
A: 25
B: 50
C: 10
D: 15

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


A: With an current ALE of $250,000 and a AV of $10,000 ($1,000 + $9,000) we lose 25 laptops per year.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #242

The TACACS+ protocol as default uses which TCP port?
A: 443
B: 80
C: 49
D: 23

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


C: TACACS+: Provides better password protection by using two-factor strong authentication. Not backwards compatible with TACACS. Uses TCP port 49 for authentication with the TACACS+ server. Similar to RADIUS, but RADIUS only encrypts the password TACACS+, encrypts the entire data package.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #241

In which type of software testing would we test the functionality of the code?
A: Unit testing.
B: Regression testing.
C: Integration testing.
D: Installation testing.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


A: Unit testing: Tests that verify the functionality of a specific section of code. In an object-oriented environment, this is usually at the class level, and the minimal unit tests include the constructors and destructors. Usually written by developers as they work on code (white-box), to ensure that the specific function is working as expected.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #240

We want our employees to be connected without interruptions wherever they go, breakrooms, meeting rooms and their desks. What would be the best to use?
A: Copper Ethernet.
B: Fiber Ethernet.
C: Wireless.
D: Coax copper.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


C: To stay connected with employees roaming we need to not be connected to cables, wireless is the only option.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #239

An attacker is using low bandwidth coordinated attacks to avoid our Intrusion Prevention Systems (IPS). What is the attacker doing?
A: Breaking the data into segments.
B: Sending traffic on a well-known TCP port, where we would not expect the malicious traffic.
C: Have many different agents use different IPs and ports.
D: Change the attack signature.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


C: Low-bandwidth coordinated attacks: A number of attackers (or agents) allocate different ports or hosts to different attackers making it difficult for the IDS to correlate the captured packets and deduce that a network scan is in progress.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #238

In our Disaster Recovery Plan (DRP) we have distinct phases. In which phase would we act on our Disaster Recovery procedures?
A: Mitigation.
B: Preparation.
C: Response.
D: Recovery.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


C: Response: How we react in a disaster, following the procedures.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #237

One of our engineers has found a virus on one of our systems that keeps changing signature. What type of virus is it?
A: Macro virus.
B: Stealth virus.
C: Multipart.
D: Polymorphic.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


D: Polymorphic Viruses: Change their signature to avoid the antivirus signature definitions. Well-written polymorphic viruses have no parts which remain identical between infections, making it very difficult to detect directly using antivirus signatures. 

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #236

What do we often uncover in our vulnerability scans?
A: Open ports that should not be.
B: Unauthorized users.
C: Attacks.
D: None of these.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


A: Vulnerability scanning/testing: A vulnerability scanner tool is used to scan a network or system for a list of predefined vulnerabilities such as system misconfiguration, outdated software, or a lack of patching. It is very important to understand the output from a vulnerability scan, they can be 100’s of pages for some systems, and how do the vulnerabilities map to Threats and Risks (Risk = Threat x Vulnerability). When we understand the true Risk, we can then plan our mitigation.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #235

In our access management we would never want to use group user accounts. Why is that?
A: No authentication.
B: No accountability.
C: No authorization.
D: No availability.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests – https://www.udemy.com/user/thorpedersen/

Answer


B: Accountability (often referred to as Auditing): Trace an Action to a Subjects Identity: Proves who performed given action, it provides non-repudiation. Group or shared accounts are never OK, they have zero accountability.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

I just released my new course “CISSP Certification: CISSP Domain 5 & 6 Video Boot Camp 2018”

I just released my new course “CISSP Certification: CISSP Domain 5 & 6 Video Boot Camp 2018”

You can buy it here for $9.99:
https://www.udemy.com/cissp-domain-5-6/?couponCode=NINENINENINE

You can also buy the video course for CISSP domain 1-2 here for $9.99:
https://www.udemy.com/cissp-domain-1-2/?couponCode=NINENINENINE

You can also buy the video course for CISSP domain 3-4 here for $9.99:
https://www.udemy.com/cissp-domain-3-4/?couponCode=NINENINENINE

This is my current release schedule for the rest of the CISSP video series:
“CISSP Certification: CISSP Domain 7 & 8 Video Boot Camp 2018” 6/13-2018.

As soon as it is released you can use the NINENINENINE coupon code to get it for $9.99, the same goes for all my practice tests:

 
Set 1 (Exam emulation sets with 2x 125 questions):
 
CISSP certification practice questions #1:
 
CISSP certification practice questions #2:
 
CISSP certification practice questions #3:
 
CISSP certification practice questions #4:
 
Set 2 (Domain based, 2 domains per test):
 
CISSP certification practice questions Domain 1 & 2:
 
CISSP certification practice questions Domain 3 & 4:
 
CISSP certification practice questions Domain 5 & 6:
 
CISSP certification practice questions Domain 7 & 8:
 
I hope I can help get you certified,
 
Thor

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading