(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests. Mike Chapple
Читать онлайн книгу.
up and running as quickly as possible. What would be the most reasonable next step for Michael to take?Keep the website offline until the investigation is complete.Take the virtualization platform offline as evidence.Take a snapshot of the compromised system and use that for the investigation.Ignore the incident and focus on quickly restoring the website.
9 Helen is a software engineer and is developing code that she would like to restrict to running within an isolated sandbox for security purposes. What software development technique is Helen using?BoundsInput validationConfinementTCB
10 What concept describes the degree of confidence that an organization has that its controls satisfy security requirements?TrustCredentialingVerificationAssurance
11 What type of security vulnerability are developers most likely to introduce into code when they seek to facilitate their own access, for testing purposes, to software they developed?Maintenance hookCross-site scriptingSQL injectionBuffer overflow
12 In the figure shown here, Sally is blocked from reading the file due to the Biba integrity model. Sally has a Secret security clearance, and the file has a Confidential classification. What principle of the Biba model is being enforced?Simple Security PropertySimple Integrity Property*-Security Property*-Integrity Property
13 Tom is responsible for maintaining the security of systems used to control industrial processes located within a power plant. What term is used to describe these systems?POWERSCADAHAVALCOBOL
14 Sonia recently removed an encrypted hard drive from a laptop and moved it to a new device because of a hardware failure. She is having difficulty accessing encrypted content on the drive despite the fact that she knows the user's password. What hardware security feature is likely causing this problem?TCBTPMNIACAPRSA
15 Chris wants to verify that a software package that he downloaded matches the original version. What hashing tool should he use if he believes that technically sophisticated attackers may have replaced the software package with a version containing a backdoor?MD53DESSHA1SHA 256For questions 16–19, please refer to the following scenario:Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority.
16 If Alice wants to send Bob a message that is encrypted for confidentiality, what key does she use to encrypt the message?Alice's public keyAlice's private keyBob's public keyBob's private key
17 When Bob receives the encrypted message from Alice, what key does he use to decrypt the message's plaintext content?Alice's public keyAlice's private keyBob's public keyBob's private key
18 Which one of the following keys would Bob not possess in this scenario?Alice's public keyAlice's private keyBob's public keyBob's private key
19 Alice would also like to digitally sign the message that she sends to Bob. What key should she use to create the digital signature?Alice's public keyAlice's private keyBob's public keyBob's private key
20 What name is given to the random value added to a password in an attempt to defeat rainbow table attacks?HashSaltExtenderRebar
21 Which one of the following is not an attribute of a hashing algorithm?They require a cryptographic key.They are irreversible.It is very difficult to find two messages with the same hash value.They take variable-length input.
22 What type of fire suppression system fills with water after a valve opens when the initial stages of a fire are detected and then requires a sprinkler head heat activation before dispensing water?Wet pipeDry pipeDelugePreaction
23 Susan would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?AHESPIKEISAKMP
24 Which one of the following cryptographic goals protects against the risks posed when a device is lost or stolen?NonrepudiationAuthenticationIntegrityConfidentiality
25 Joanna wants to review the status of the industrial control systems her organization uses for building control. What type of systems should she inquire about access to?SCADADSSBASICS-CSS
26 In the figure shown here, Harry's request to write to the data file is blocked. Harry has a Secret security clearance, and the data file has a Confidential classification. What principle of the Bell-LaPadula model blocked this request?Simple Security PropertySimple Integrity Property*-Security PropertyDiscretionary Security Property
27 Florian and Tobias would like to begin communicating using a symmetric cryptosystem, but they have no prearranged secret and are not able to meet in person to exchange keys. What algorithm can they use to securely exchange the secret key?IDEADiffie-HellmanRSAMD5
28 Carl's organization recently underwent a user access review. At the conclusion of the review, the auditors noted several cases of privilege creep. What security principle was violated?Fail securelyKeep it simpleTrust but verifyLeast privilege
29 Matt's organization recently adopted a zero-trust network architecture. Under this approach, which one of the following criteria would be LEAST appropriate to use when granting a subject access to resources?PasswordTwo-factor authentication IP addressBiometric scan
30 Colin is the chief privacy officer for a nonprofit organization and is assisting with the team's transition to a Privacy by Design approach. Under this approach, which of the following principles should the team embrace?Proactive, not reactivePrivacy as the default settingEnd-to-end securityDefense in depth
31 What cryptographic principle stands behind the idea that cryptographic algorithms should be open to public inspection?Security through obscurityKerckhoffs' principleDefense in depthHeisenburg principle
32 Ryan is developing a physical access plan for his organization's data center and wants to implement the security control indicated by the arrow in this diagram. What is the name of this control?MantrapTurnstileIntrusion prevention systemPortal
33 Which one of the following does not describe a standard physical security requirement for wiring closets?Place only in areas monitored by security guards.Do not store flammable items in the closet.Use sensors on doors to log entries.Perform regular inspections of the closet.
34 In the figure shown here, Sally is blocked from writing to the data file by the Biba integrity model. Sally has a Secret security clearance, and the file is classified Top Secret. What principle is preventing her from writing to the file?Simple Security PropertySimple Integrity Property*-Security Property*-Integrity Property
35 Lana recently implemented a new process in her organization where managers who are responsible for granting users access to a system are not permitted to participate in access reviews. What principle is she enforcing?Two-person controlLeast privilegePrivilege creepSeparation of duties
36 Which of the following statements about system development are correct? (Select all that apply.)Systems should be designed to operate in a secure manner if the user performs no other configuration.Systems should be designed to fall back to a secure state if they experience an error.Systems should be designed to incorporate security as a design feature.Systems should be designed in a manner that keeps their functionality as simple as possible.
37 Alan is reviewing a system that has been assigned the EAL1 evaluation assurance level under the Common Criteria. What is the degree of assurance that he may have about the system?It has been functionally tested.It has been structurally tested. It has been formally verified, designed, and tested.It has been methodically designed, tested, and reviewed.
38 Jake works for a research organization that is seeking to deploy a grid computing system that will perform cycle scavenging on user workstations to conduct research tasks that require high-performance computing. What is the most significant risk associated with this operation?Data confidentialityIsolation breachData integrityData availability
39 Eimear's software development team uses an approach that creates many discrete software objects and then binds them together using APIs. What term best describes this architecture?MicroservicesFunction-as-a-serviceContainerizationVirtualization
40 Adam recently configured permissions on an NTFS filesystem to describe the access that different