CISSP Practice question #89

Replacing one character with another is called?
A: Confusion.
B: Diffusion.
C: Substitution.
D: Permutation.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


C: Substitution replaces one character with another; this provides diffusion.


IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.


CISSP Practice question #88

An attacker has discovered an SSID from our organization. What is he looking to attack in his initial attack?
A: Our switches.
B: Our servers.
C: Our wireless.
D: Our firewall.

CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests

Answer


C: SSIDs are the names of our wireless access points. If an attacker has one, it is likely that is the next target. SSIDs are easy to discover.


CISSP Practice question #87

When we apply standards and frameworks, we can use tailoring to do what?
A: To implement the full standard or framework, but implement different standards in some areas.
B: To pick and choose which parts of the standard or framework we want to implement.
C: Find out how much the implementation will cost us.
D: To see if the standard is a good fit for our organization.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer


A: Tailoring is customizing a standard to your organization. For example: we will apply this standard, but we use stronger encryption (AES 256-bit).


CISSP Practice question #86

Bob wants to implement SSO for our internal applications; he wants to add a fingerprint reader to each workstation for users to authenticate with. What is Bob implementing?
A: Super sign-on.
B: Secret sign-on.
C: Secure sign-on.
D: Single sign-on.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


D: SSO (Single sign-on): Users use a single sign-on for multiple systems. Often deployed in organizations where users have to access 10+ systems, and they think it is too burdensome to remember all those passwords.


CISSP Practice question #85

When using a fire extinguisher you should use which method?
A: RACE.
B: PACE.
C: PASS.
D: GASS.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


C: Use the PASS method to extinguish a fire with a portable fire extinguisher: Pull the pin in the handle. Aim at the base of the fire. Squeeze the lever slowly. Sweep from side to side.


CISSP Practice question #84

When authenticating against our access control systems, you present your ID. What type of authentication are you using?
A: A possession factor.
B: A knowledge factor.
C: A biometric factor.
D: A location factor.

CBK 1: Security and Risk Management
Source: ThorTeaches.com practice tests

Answer


A: Something you have – Type 2 Authentication: ID, passport, smart card, token, cookie on PC; these are called possession factors. The subject uses these to authenticate their identity: if they have the item, they must be who they say they are.


CISSP Practice question #83

Which backup backs everything up and clears the archive bit?
A: Full.
B: Copy.
C: Incremental.
D: Differential.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer


A: Full backup: This backs everything up, the entire database (most often), or the system. A full backup clears all the archive bits. Depending on the size of the data, we may do infrequent full backups; with large datasets it can take many hours for a full backup.


CISSP Practice question #82

Our networking department is recommending we use a half-duplex solution for an implementation. What is a key feature of those?
A: One way communication, one system transmits the other receives, direction can’t be reversed.
B: Both systems can send and receive at the same time.
C: Only one system on the network can send one signal at a time.
D: One way communication, one system transmits the other receives, direction can be reversed.

CBK 4: Communication and Network Security
Source: ThorTeaches.com practice tests

Answer


D: Half-duplex communication sends or receives at one time only (Only one system can transmit at a time).


CISSP Practice question #81

How would an administrator reissue a new type 3 authentication to a user?
A: Give them a new password.
B: Give them a new ID card.
C: We can’t.
D: Give them a HOTP token.

CBK 5: Identity and Access Management
Source: ThorTeaches.com practice tests

Answer


D: With biometrics we can’t reissue authentication factors; you have the same fingerprints, and if they are compromised nothing can be done other than stop using them.


CISSP Practice question #80

When a CPU can execute multiple processes concurrently it is called?
A: Multithreading.
B: Multiprocessing.
C: Multitasking.
D: Multiprogramming.

CBK 3: Security Engineering
Source: ThorTeaches.com practice tests

Answer


A: Multithreading is the ability of a central processing unit (CPU) or a single core in a multi-core processor to execute multiple processes or threads concurrently, appropriately supported by the operating system.
