Introduction to the CISSP Exam

licoricebeds (Security)

22 Feb. 2014

Sample Question

1. The preliminary steps to security planning include all of the following EXCEPT

a. establish objectives.
b. list planning assumptions.
c. establish a security audit function.
d. determine alternate courses of action.

Sample Question

2. Which of the following represents an ALE calculation?

a. Gross loss expectancy × loss frequency.
b. Asset value × loss expectancy.
c. Total cost of loss + actual replacement value.
d. Single loss expectancy × annualized rate of occurrence.

Sample Question

3. Why would an information security policy require that communications test equipment be controlled?

a. The equipment is susceptible to damage.
b. The equipment can be used to browse information passing on a network.
c. The equipment must always be available for replacement if necessary.
d. The equipment can be used to reconfigure the network multiplexers.

Sample Question

4. Step-by-step instructions used to satisfy control requirements are called a

a. policy
b. standard
c. guideline
d. procedure

Sample Question

5. One purpose of a security awareness program is to modify

a. employees' attitudes and behaviors.
b. management's approach.
c. attitudes of employees with sensitive data.
d. corporate attitudes about safeguarding data.

Sample Question

6. Which one of the following individuals has PRIMARY responsibility for determining the classification level of information?

a. Security manager
b. User
c. Owner
d. Auditor

Sample Question

1. Under the principle of culpable negligence, executives can be held liable for losses that result from computer system breaches if

a. the company is not a multi-national company.
b. they have not exercised due care protecting computing resources.
c. they have failed to properly insure computer resources against loss.
d. the company does not prosecute the hacker that caused the breach.

Sample Question

2. Since disks and other magnetic media are only copies of the actual or original evidence, what type of evidence are they often considered to represent?

a. Hearsay
b. Irrelevant
c. Incomplete
d. Secondary


Sample Question

3. The deliberate planting of apparent flaws in a system for the purpose of detecting attempted penetrations or confusing an intruder about which flaws to exploit is called

a. alteration.
b. investigation.
c. re-direction.
d. enticement.

Sample Question

4. Which element must computer evidence have to be admissible in court?

a. It must be relevant.
b. It must be annotated.
c. It must be printed.
d. It must contain source code.

Sample Question

5. The Internet Activities Board characterizes which of the following as unethical behavior for Internet users?

a. Writing computer viruses.
b. Monitoring data traffic.
c. Wasting computer resources.
d. Concealing unauthorized accesses.

Sample Question

1. What is a common problem when using vibration detection devices for perimeter control?

a. They are vulnerable to non-adversarial disturbances.
b. They can be defeated by electronic means.
c. Signal amplitude is affected by weather conditions.
d. They must be buried below the frost line.

Sample Question

2. What physical characteristics does a retinal scan biometric device measure?

a. The amount of light reaching the retina.
b. The amount of light reflected by the retina.
c. The size, curvature, and shape of the retina.
d. The pattern of blood vessels at the back of the eye.

Sample Question

3. Which of the following measures would be the BEST deterrent to the theft of corporate information from a laptop which was left in a hotel room?

a. Store all data on disks and lock them in an in-room safe.
b. Remove the batteries and power supply from the laptop and store them separately from the computer.
c. Install a cable lock on the laptop when it is unattended.
d. Encrypt the data on the hard drive.

Sample Question

4. Under what conditions would use of a "Class C" hand-held fire extinguisher be preferable to use of a "Class A" hand-held fire extinguisher?

a. When the fire is in its incipient stage.
b. When the fire involves electrical equipment.
c. When the fire is located in an enclosed area.
d. When the fire is caused by flammable products.

Sample Question

5. To be in compliance with the Montreal Protocol, which of the following options can be taken to refill a Halon flooding system in the event that Halon is fully discharged in the computer room?

a. Order an immediate refill with Halon 1201 from the manufacturer.
b. Contact a Halon recycling bank to make arrangements for a refill.
c. Order a different chlorofluorocarbon compound from the manufacturer.
d. Order an immediate refill with Halon 1301 from the manufacturer.

Sample Question

1. Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?

a. Limiting the local access of operations personnel
b. Job rotation of operations personnel
c. Management monitoring of audit logs
d. Enforcing regular password changes


Sample Question

2. An electrical device (AC or DC) which can generate coercive magnetic force for the purpose of reducing magnetic flux density to zero on storage media or other magnetic media is called

a. a magnetic field.
b. a degausser.
c. magnetic remanence.
d. magnetic saturation.

Sample Question

3. What is the most secure way to dispose of information on a CD-ROM?

a. Sanitizing
b. Physical damage
c. Degaussing
d. Physical destruction

Sample Question

4. Fault tolerance countermeasures are designed to combat threats to

a. an uninterruptible power supply.
b. backup and retention capability.
c. design reliability.
d. data integrity.

Sample Question

5. In what way can violation clipping levels assist in violation tracking and analysis?

a. Clipping levels set a baseline for normal user errors, and violations exceeding that threshold will be recorded for analysis of why the violations occurred.
b. Clipping levels enable a security administrator to customize the audit trail to record only those violations which are deemed to be security relevant.
c. Clipping levels enable the security administrator to customize the audit trail to record only actions for users with access to usercodes with a privileged status.
d. Clipping levels enable a security administrator to view all reductions in security levels which have been made to usercodes which have incurred violations.
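The clipping-level idea in question 5 is easiest to see on data. The following is an added example, not part of the original slides: it counts failed logins per user in a small constructed log and reports only the users whose failures exceed the clipping level, which is the baseline of ordinary user error (mistyped passwords) that is tolerated without review. The log line layout ("timestamp user result") and the threshold of 3 are assumptions made for the example, not a real product's format.

```python
"""Clipping-level check over a constructed authentication log.

Added example, not part of the original slides. The log lines below are
constructed for illustration; the "timestamp user result" layout and the
threshold are assumptions, not a real product's format or default.
"""
from collections import Counter

# Constructed sample log: one line per login attempt.
SAMPLE_LOG = """\
2014-02-22T08:01:10 alice FAIL
2014-02-22T08:01:14 alice OK
2014-02-22T08:02:00 bob FAIL
2014-02-22T08:02:05 bob FAIL
2014-02-22T08:02:09 bob FAIL
2014-02-22T08:02:13 bob FAIL
2014-02-22T08:02:18 bob FAIL
2014-02-22T08:03:00 carol FAIL
2014-02-22T08:03:30 carol FAIL
2014-02-22T08:04:00 carol OK
"""

# The clipping level: failures at or below this count per user are treated
# as normal user error and generate no violation record.
CLIPPING_LEVEL = 3


def count_failures(log_text):
    """Count failed attempts per user from 'timestamp user result' lines."""
    failures = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _timestamp, user, result = line.split()
        if result == "FAIL":
            failures[user] += 1
    return failures


def violations_over_clipping_level(log_text, clipping_level=CLIPPING_LEVEL):
    """Return {user: failure_count} for users whose failures exceed the level.

    Only the excess over the baseline is recorded, so the analyst's time goes
    to explaining why those violations occurred rather than to routine noise.
    """
    failures = count_failures(log_text)
    return {user: n for user, n in failures.items() if n > clipping_level}


if __name__ == "__main__":
    for user, n in violations_over_clipping_level(SAMPLE_LOG).items():
        print(f"{user}: {n} failed logins exceeds clipping level {CLIPPING_LEVEL}")
```

With the constructed log, only bob (5 failures) is reported; alice and carol stay under the baseline. Lowering the level to 1 would also surface carol, which is the trade-off the clipping level controls: a low threshold records more noise, a high one can hide a slow password-guessing attempt.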

Sample Question

1. For which areas of the enterprise are business continuity plans required?

a. All areas of the enterprise.
b. The financial and information processing areas of the enterprise.
c. The operating areas of the enterprise.
d. The marketing, finance, and information processing areas.

Sample Question

2. Which of the following will a Business Impact Analysis NOT identify?

a. Areas that would suffer the greatest financial or operational loss in the event of a disaster.
b. Systems critical to the survival of the enterprise.
c. The names of individuals to be contacted during a disaster.
d. The outage time that can be tolerated by the enterprise as a result of a disaster.

Sample Question

3. What is a hot-site facility?

a. A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.
b. A site in which space is reserved with pre-installed wiring and raised floors.
c. A site with raised flooring, air conditioning, telecommunications, and networking equipment, and UPS.
d. A site with ready-made work space with telecommunications equipment, LANs, PCs, and terminals for work groups.

Sample Question

4. Which of the following best describes remote journaling?

a. Send hourly tapes containing transactions off-site.
b. Send daily tapes containing transactions off-site.
c. Real-time capture of transactions to multiple storage devices.
d. The electronic forwarding of transactions to an off-site facility.

Sample Question

5. Emergency actions are taken at the incipient stage of a disaster with the objectives of preventing injuries or loss of life and of

a. determining the extent of property damage.
b. protecting evidence.
c. preventing looting and further damage.
d. mitigating the damage to avoid the need for recovery.

Sample Question

1. A mechanism that enforces the authorized access relationships between subjects and objects is known as

a. the reference monitor.
b. discretionary access control.
c. trusted kernel.
d. mandatory access control.

Sample Question

2. What is the name of the first mathematical model of a multi-level security policy used to define the concept of a secure state, the modes of access, and rules for granting access?

a. Clark and Wilson Model
b. Harrison-Ruzzo-Ullman Model
c. Rivest and Shamir Model
d. Bell-LaPadula Model


Sample Question

3. Which of the following models does NOT include data integrity?

a. Biba
b. Clark-Wilson
c. Bell-LaPadula
d. Brewer-Nash
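Questions 1 to 3 above describe the reference monitor, the Bell-LaPadula model and that model's confidentiality-only scope. The following added example (not from the original slides) puts the three together: a small reference monitor that mediates every read and write between subjects and objects using the two Bell-LaPadula mandatory rules, no read up (simple security property) and no write down (*-property). The levels, subjects and objects are constructed for the example. Note what the model permits: a low-clearance subject may write into a high-classification object, so the contents of sensitive objects can be corrupted from below. That is why Bell-LaPadula offers no integrity protection, which is the point of question 3.

```python
"""Reference-monitor style mediation with the Bell-LaPadula rules.

Added example, not from the original slides. The levels, subjects and
objects are constructed; the lattice is a simple linear ordering.
"""

# Linear ordering of sensitivity levels (constructed for the example).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP SECRET": 3}


class ReferenceMonitor:
    """Every access request passes through check(); nothing bypasses it.

    Implements the two Bell-LaPadula mandatory rules:
      simple security property: no read up   (clearance >= classification)
      *-property:               no write down (clearance <= classification)
    Confidentiality only: the model says nothing about integrity.
    """

    def __init__(self, clearances, classifications):
        self.clearances = clearances            # subject -> level name
        self.classifications = classifications  # object  -> level name
        self.audit = []                         # every decision is recorded

    def check(self, subject, obj, mode):
        s = LEVELS[self.clearances[subject]]
        o = LEVELS[self.classifications[obj]]
        if mode == "read":
            allowed = s >= o          # simple security property
        elif mode == "write":
            allowed = s <= o          # *-property (a "blind" write up is legal)
        else:
            raise ValueError(f"unknown access mode {mode!r}")
        self.audit.append((subject, obj, mode, allowed))
        return allowed


def build_monitor():
    """Constructed subjects and objects used by the demonstration."""
    clearances = {"analyst": "SECRET", "clerk": "UNCLASSIFIED"}
    classifications = {
        "payroll.csv": "CONFIDENTIAL",
        "opplan.doc": "TOP SECRET",
        "bulletin.txt": "UNCLASSIFIED",
    }
    return ReferenceMonitor(clearances, classifications)


if __name__ == "__main__":
    rm = build_monitor()
    for subj, obj, mode in [
        ("analyst", "payroll.csv", "read"),    # read down: allowed
        ("analyst", "opplan.doc", "read"),     # read up: denied
        ("analyst", "bulletin.txt", "write"),  # write down: denied
        ("clerk", "opplan.doc", "write"),      # write up: allowed by the model
    ]:
        verdict = "ALLOW" if rm.check(subj, obj, mode) else "DENY"
        print(f"{subj} {mode} {obj} -> {verdict}")
```

The last case is the one to remember: the clerk cannot read the TOP SECRET plan but can write into it. A system that needs integrity as well adds Biba's dual rules (no read down, no write up) or Clark-Wilson's well-formed transactions on top of this.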


Sample Question

4. Which of the following describes a logical form of separation used by secure computing systems?

a. Processes use different levels of security for input and output devices.
b. Processes are constrained so that each cannot access objects outside its permitted domain.
c. Processes conceal data and computations to inhibit access by outside processes.
d. Processes are granted access based on granularity of controlled objects.



Sample Question

5. What security problem is most likely to exist if an operating system permits objects to be used sequentially by multiple users without forcing a refresh of the objects?

a. Disclosure of residual data.
b. Unauthorized obtaining of a privileged execution state.
c. Denial of service through a deadly embrace.
d. Data leakage through covert channels.


Sample Question

1. What is the PRIMARY use of a password?

a. Allow access to files.
b. Identify the user.
c. Authenticate the user.
d. Segregate various users' accesses.

Sample Question

2. The three classic ways of authenticating yourself to the computer security software are: something you know, something you have, and something

a. you need.
b. you read.
c. you are.
d. you do.

Sample Question

3. A timely review of system access audit records would be an example of which basic security function?

a. Avoidance
b. Deterrence
c. Prevention
d. Detection

Sample Question

4. An access system that grants users only those rights necessary for them to perform their work is operating on which security principle?

a. Discretionary Access
b. Least Privilege
c. Mandatory Access
d. Separation of Duties

Sample Question

5. Tokens, smart cards, and biometric devices used for identification and authentication provide robust authentication of the individual by practicing which of the following principles?

a. Multi-party authentication
b. Two-factor authentication
c. Mandatory authentication
d. Discretionary authentication

Sample Question

1. Which of the following statements is true about data encryption as a method of protecting data?

a. It verifies the accuracy of the data.
b. It is usually easily administered.
c. It requires careful key management.
d. It makes few demands on system resources.

Sample Question

2. In what way does the Rivest-Shamir-Adleman algorithm differ from the Data Encryption Standard?

a. It is based on a symmetric algorithm.
b. It uses a public key for encryption.
c. It eliminates the need for a key-distribution center.
d. It cannot produce a digital signature.

“a.” is wrong because RSA is based on an asymmetric algorithm.

“c.” is wrong because often a third party creates and distributes the key pairs, thereby acting as a key distribution center.

“d.” is wrong because RSA can produce a digital signature.

Sample Question

3. Which of the following is NOT a property of a one-way hash function?

a. It converts a message of a fixed length into a message digest of arbitrary length.
b. It is computationally infeasible to construct two different messages with the same digest.
c. It converts a message of arbitrary length into a message digest of a fixed length.
d. Given a digest value, it is computationally infeasible to find the corresponding message.

Sample Question

4. The Data Encryption Algorithm performs how many rounds of substitution and permutation?

a. 4
b. 16
c. 54
d. 64

Sample Question

5. Which of the following statements is most accurate about a digital signature?

a. It is a method used to encrypt confidential data.
b. It is the art of transferring a handwritten signature to electronic media.
c. It allows the recipient of data to prove the source and integrity of the data.
d. It can be used as a signature system and a cryptosystem.
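Questions 2, 3 and 5 above turn on three facts: a hash maps input of any length to a digest of one fixed length, a signature is produced with the private key and checked with the public key, and a signature that verifies proves source and integrity. The following added example (not from the original slides) shows all three in working code, using SHA-256 from the Python standard library and a deliberately tiny textbook RSA instance. The key uses the two Mersenne primes 2^61-1 and 2^31-1 with no padding, a choice made here only so the arithmetic stays visible; it is not a secure signature scheme, and production code uses a vetted library with RSA-PSS or an elliptic-curve scheme.

```python
"""One-way hash properties and a sign/verify round trip.

Added example, not from the original slides. The RSA parameters are a tiny
textbook instance (two Mersenne primes, no padding) chosen so the numbers are
visible; it is NOT a secure signature scheme.
"""
import hashlib

# Toy key: p = 2^61-1 and q = 2^31-1 are Mersenne primes (constructed choice).
P = (1 << 61) - 1
Q = (1 << 31) - 1
N = P * Q
E = 65537                            # public exponent, coprime to (P-1)(Q-1)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python >= 3.8)


def digest(message: bytes) -> bytes:
    """SHA-256: input of arbitrary length, output always 32 bytes."""
    return hashlib.sha256(message).digest()


def sign(message: bytes, d: int = D, n: int = N) -> int:
    """Signer hashes the message and applies the PRIVATE key to the digest."""
    h = int.from_bytes(digest(message), "big") % n   # fit the toy modulus
    return pow(h, d, n)


def verify(message: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Verifier recomputes the digest and checks it with the PUBLIC key only.

    A match proves the signer held the private key (source) and that the
    message is the one that was signed (integrity).
    """
    h = int.from_bytes(digest(message), "big") % n
    return pow(signature, e, n) == h


if __name__ == "__main__":
    for m in (b"", b"x", b"y" * 10_000):
        print(f"{len(m):>5}-byte message -> {len(digest(m))}-byte digest")
    msg = b"Transfer 100 to account 42"
    sig = sign(msg)
    print("genuine verifies: ", verify(msg, sig))
    print("tampered verifies:", verify(b"Transfer 900 to account 42", sig))
```

The first loop answers question 3: the digest length never changes with the input length, so option a has the direction backwards. The sign/verify pair answers questions 2 and 5: the verifier never sees the private key, and altering a single digit of the message makes verification fail.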

Sample Question

1. Why does fiber optic communication technology have a significant security advantage over other transmission technology?

a. Higher data rates can be transmitted.
b. Interception of data traffic is more difficult.
c. Traffic analysis is prevented by multiplexing.
d. Single and double-bit errors are correctable.

Answer: b.

Because of the resistance of fiber to tapping.

It would be correct to select “a.” if the word “security” was not in the question.


Sample Question

2. Layer 4 of the OSI stack is known as

a. the data link layer
b. the transport layer
c. the network layer
d. the presentation layer

Sample Question

3. Another name for a VPN is a

a. tunnel
b. one-time password
c. pipeline
d. bypass

Sample Question

4. Why is traffic across a packet switched network (e.g. frame relay, X.25) difficult to monitor?

a. Packets are link encrypted by the carrier
b. Government regulations forbid monitoring
c. Packets are transmitted on multiple paths
d. The network factor is too high

Sample Question

5. Which one of the following is used to provide authentication and confidentiality for e-mail messages?

a. Digital signature
b. PGP
c. IPSEC AH
d. MD4

Sample Question

6. What is a packet sniffer?

a. It tracks network connections to off-site locations.
b. It monitors network traffic for illegal packets.
c. It scans network segments for cabling faults.
d. It captures network traffic for later analysis.
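Question 6 defines a sniffer as a tool that captures traffic for later analysis; the analysis half is header decoding. The following added example (not from the original slides) decodes one IPv4/TCP packet, verifies the IPv4 header checksum, and extracts the payload. The packet bytes are constructed by hand for this example (10.0.0.1:49153 to 10.0.0.2:80, PSH/ACK, carrying an HTTP request); no live capture is performed, since that needs raw sockets and elevated privileges. The readable payload is also the point of question 1 (fiber's resistance to tapping) and question 5 (PGP for confidentiality): whatever crosses the medium unencrypted can be read by anyone who reaches it.

```python
"""Decode one captured IPv4/TCP packet, as a sniffer's analysis stage does.

Added example, not from the original slides. CAPTURED is constructed by hand
(10.0.0.1:49153 -> 10.0.0.2:80, PSH/ACK, HTTP request); nothing is captured live.
"""
import struct

CAPTURED = bytes.fromhex(
    "4500003a1c46400040060a760a0000010a000002"   # IPv4 header (20 bytes)
    "c001005000000001000000005018ffff00000000"   # TCP header (20 bytes)
) + b"GET / HTTP/1.0\r\n\r\n"                    # 18-byte plaintext payload

TCP_FLAG_NAMES = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
                  (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum over the header; 0 when the stored checksum is valid."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def decode_packet(pkt: bytes) -> dict:
    """Parse the IPv4 and TCP headers and return what a sniffer would log."""
    (version_ihl, _tos, total_len, _ident, _frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (version_ihl & 0x0F) * 4            # header length incl. options
    if version_ihl >> 4 != 4 or ihl < 20 or total_len > len(pkt):
        raise ValueError("not a well-formed IPv4 packet")
    if ipv4_checksum(pkt[:ihl]) != 0:         # damaged or forged header
        raise ValueError("bad IPv4 header checksum")
    if proto != 6:
        raise ValueError(f"not TCP (protocol {proto})")

    (sport, dport, seq, ack, off_flags, window,
     _tcp_csum, _urg) = struct.unpack("!HHIIHHHH", pkt[ihl:ihl + 20])
    data_off = (off_flags >> 12) * 4          # TCP header length incl. options
    flags = [name for bit, name in TCP_FLAG_NAMES if off_flags & bit]
    # The TCP checksum needs a pseudo-header over IP fields; not validated here.
    return {
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "ttl": ttl, "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": flags, "window": window,
        "payload": pkt[ihl + data_off:total_len],
    }


if __name__ == "__main__":
    info = decode_packet(CAPTURED)
    print(f"{info['src']}:{info['sport']} -> {info['dst']}:{info['dport']} "
          f"{'/'.join(info['flags'])} ttl={info['ttl']}")
    print("payload:", info["payload"])        # readable: the link carried plaintext
```

The checksum check matters in practice: a capture with altered or truncated headers should be flagged rather than silently decoded, because the decoded fields would then be wrong and any detection built on them misled.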

Sample Question

1. At what stage of the applications development process should the security department become involved?

a. Prior to the implementation
b. Prior to systems testing
c. During unit testing
d. During requirements development

Sample Question

2. What is one disadvantage of content-dependent protection of information?

a. It increases processing overhead.
b. It requires additional password entry.
c. It exposes the system to data locking.
d. It limits the user's individual address space.

Sample Question

3. In what way could Java applets pose a security threat?

a. Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP.
b. Java interpreters do not provide the ability to limit system access that an applet could have on a client system.
c. Executables from the Internet may attempt an intentional attack when they are downloaded on a client system.
d. Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.

Sample Question

4. Which of the following has the objective to control and manage data from a central location?

a. Databases
b. Data dictionaries
c. Data access methods
d. Data storage

Sample Question

5. A system file that has been patched numerous times becomes infected with a virus. The anti-virus software warns that disinfecting the file may damage it. What course of action should be taken?

a. Replace the file with the original version from master media
b. Proceed with automated disinfection
c. Research the virus to see if it is benign
d. Restore an uninfected version of the patched file from backup media