CISSP Practice question #144

To notify only on a DDOS attack we would use which?
A: HIDS.
B: NIPS.
C: NIDS.
D: HIPS.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


C: Only alert (intrusion detection) and DDOS would be network based, so NIDS.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #143

Who will determine if the evidence was obtained legally?
A: The police.
B: The lawyers.
C: Senior management.
D: The courts.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


D: The court will determine if evidence was obtained legally. If not, it is inadmissible in court.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #142

We are performing a security audit, what would that entail?
A: Testing against a published standard.
B: External auditors comes in.
C: Internal auditors looking for flaws.
D: Internal IT Security employees double checking their work.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


A: Security audit: A test against a published standard. Purpose is to validate/verify that an organization meets the requirements as stated in the published standard.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

Cybercrime Damage Costs $6 Trillion in 2021, Cybersecurity Market Data

Cybersecurity Ventures predicts cybercrime damages will cost the world $6 trillion annually by 2021

Cybercriminal activity is one of the biggest challenges that humanity will face in the next two decades.

– Steve Morgan, Editor-In-Chief

Menlo Park, Calif. — Oct. 16, 2017

Cybercrime is the greatest threat to every company in the world, and one of the biggest problems with mankind. The impact on society is reflected in the numbers.

Last year, Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined.

The cybercrime prediction stands, and over the past year it has been corroborated by hundreds of major media outlets, universities and colleges, senior government officials, associations, industry experts, the largest technology and cybersecurity companies, and cybercrime fighters globally.

The damage cost projections are based on historical cybercrime figures including recent year-over-year growth, a dramatic increase in hostile nation state sponsored and organized crime gang hacking activities, and a cyber attack surface which will be an order of magnitude greater in 2021 than it is today.

Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

Source: cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #141

Which intrusion system blocks malicious traffic?
A: IPS.
B: IDS.
C: Heuristic.
D: Pattern.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: IPS (Intrusion Prevention System): Similar to IDS, but they also take action to malicious traffic, what they do with the traffic is determined by configuration. Events trigger an action, drop/redirect traffic, often combined with the trigger monitoring/administrator warnings, emails or text messages.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #140

Multicast is:
A: One-to-all.
B: One-to-many.
C: One-to-one.
D: All-to-one.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: Multicast -one-to-many (predefined): The traffic is sent to everyone in a predefined list.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

Cybersecurity Workforce Shortage Projected at 1.8 Million by 2022

Cybersecurity Workforce Shortage Projected at 1.8 Million by 2022

The results from the eighth Global Information Security Workforce Study (GISWS) have been released this week. The workforce gap is estimated to be growing, with the projected shortage reaching 1.8 million professionals by 2022. While the gap is not news, the fact that it is growing is of great concern to an already exhausted workforce. The question of how to fill the gap has been answered, and millennials are an integral part of the plan. “For years, we’ve known about the impending shortage of the information security workforce, as evidenced by our study year over year,” said David Shearer, CEO,…

Source: blog.isc2.org/isc2_blog/2017/02/cybersecurity-workforce-gap.html

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #139

Who is responsible for the day to day leadership of our organization?
A: The CEO.
B: The CFO
C: The CIO.
D: The CSO.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


A: The Chief Executive Officer is responsible for the day to day leadership of the organization, the board may provide the direction.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #138

Which language often saves data as an executable file that is saved once and executed many times.
A: Source code.
B: Assembled language.
C: Interpreted languages.
D: Compiled languages.

CBK 8: Software Development Security
Source: ThorTeaches.com practice tests

Answer


D: Compiled Languages: Translates the higher level language into machine code and saves, often as executables, compiled once and run multiple times.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading

CISSP Practice question #137

Which type of cables would we most likely use in our data center to avoid EMI and save on cost?
A: Single-mode fiber.
B: Multi-mode fiber.
C: Copper Ethernet.
D: COAX.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


B: In data centers we would use multimode fiber over singlemode fiber, as multimode is cheaper, better for shorter distances, and more versatile. Both types of fiber are not susceptible to EMI.

show less

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

Continue Reading
1 2 3 27