(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests. Mike Chapple

efforts?
A. Using WPA2 encryption
B. Running WPA2 in Enterprise mode
C. Using WEP encryption
D. Running WPA2 in PSK mode

11. A zero-day vulnerability is announced for the popular Apache web server in the middle of a workday. In Jacob's role as an information security analyst, he needs to quickly scan his network to determine what servers are vulnerable to the issue. What is Jacob's best route to quickly identify vulnerable systems?
A. Immediately run Nessus against all of the servers to identify which systems are vulnerable.
B. Review the CVE database to find the vulnerability information and patch information.
C. Create a custom IDS or IPS signature.
D. Identify affected versions and check systems for that version number using an automated scanner.

12. What type of testing is used to ensure that separately developed software modules properly exchange data?
A. Fuzzing
B. Dynamic testing
C. Interface testing
D. API checksums

13. Selah wants to provide security assessment information to customers who want to use her organization's cloud services. Which of the following options should she select to ensure that the greatest number of customers are satisfied with the assessment information?
A. Use an internal audit team to self-assess against internal metrics.
B. Use a third-party auditor.
C. Use internal technical staff who know the systems.
D. Use an internal audit team to self-assess against a common standard like COBIT.

14. Yasmine has been asked to consider a breach and attack simulation system. What type of system should she look for?
A. A ticket and change management system designed to help manage incidents
B. A system that runs incident response simulations for blue teams to test their skills
C. A system that combines red and blue team techniques with automation
D. A security operations and response (SOAR) system

15. Monica wants to gather information about security awareness in her organization. What technique is most frequently used to assess security awareness?
A. Phishing simulators
B. Gamified applications
C. Assessment tests
D. Surveys

16. Jim has been contracted to conduct a gray-box penetration test, and his clients have provided him with the following information about their networks so that he can scan them:
Data center: 10.10.10.0/24
Sales: 10.10.11.0/24
Billing: 10.10.12.0/24
Wireless: 192.168.0.0/16
What problem will Jim encounter if he is contracted to conduct a scan from off-site?
A. The IP ranges are too large to scan efficiently.
B. The IP addresses provided cannot be scanned.
C. The IP ranges overlap and will cause scanning issues.
D. The IP addresses provided are RFC 1918 addresses.

17. Mark's company has been notified that there is a flaw in their web application. The anonymous individual has notified them that they have two weeks to fix it before the details of the flaw are published along with example exploit code. What industry norm is the individual who contacted Mark's company violating?
A. Zero-day reporting
B. Ethical disclosure
C. Ethical hacking
D. The (ISC)2 vulnerability disclosure ethics statement

For questions 18–20, please refer to the following scenario:
The company that Jennifer works for has implemented a central logging infrastructure, as shown in the following image. Use this diagram and your knowledge of logging systems to answer the following questions.

18. Jennifer needs to ensure that all Windows systems provide identical logging information to the SIEM. How can she best ensure that all Windows desktops have the same log settings?
A. Perform periodic configuration audits.
B. Use Group Policy.
C. Use Local Policy.
D. Deploy a Windows syslog client.

19. During normal operations, Jennifer's team uses the SIEM appliance to monitor for exceptions received via syslog. What system shown does not natively have support for syslog events?
A. Enterprise wireless access points
B. Windows desktop systems
C. Linux web servers
D. Enterprise firewall devices

20. What technology should an organization use for each of the devices shown in the diagram to ensure that logs can be time sequenced across the entire infrastructure?
A. Syslog
B. NTP
C. Logsync
D. SNAP

21. During a penetration test, Michelle needs to identify systems, but she hasn't gained sufficient access on the system she is using to generate raw packets. What type of scan should she run to verify the most open services?
A. A TCP connect scan
B. A TCP SYN scan
C. A UDP scan
D. An ICMP scan

22. During a port scan using nmap, Joseph discovers that a system shows two ports open that cause him immediate worry:
21/open
23/open
What services are likely running on those ports?
A. SSH and FTP
B. FTP and Telnet
C. SMTP and Telnet
D. POP3 and SMTP

23. Aaron wants to validate his compliance with PCI-DSS. His company is a large commercial organization with millions of dollars in transactions a year. What is the most common method of conducting this type of testing for large organizations?
A. Self-assessment
B. To conduct a third-party assessment using COBIT
C. To partner with another company and trade assessments between the organizations
D. To conduct a third-party assessment using a qualified security assessor

24. What method is commonly used to assess how well software testing covered the potential uses of an application?
A. A test coverage analysis
B. A source code review
C. A fuzz analysis
D. A code review report

25. Testing that is focused on functions that a system should not allow is an example of what type of testing?
A. Use case testing
B. Manual testing
C. Misuse case testing
D. Dynamic testing

26. What type of monitoring uses simulated traffic to a website to monitor performance?
A. Log analysis
B. Synthetic monitoring
C. Passive monitoring
D. Simulated transaction analysis

27. Derek wants to ensure that his organization tracks all changes to accounts through their lifecycle. What type of tool should he invest in for his organization?
A. A directory service like LDAP
B. An IAM system
C. An SIEM
D. An EDR system

28. Jim uses a tool that scans a system for available services and then connects to them to collect banner information to determine what version of the service is running. It then provides a report detailing what it gathers, basing results on service fingerprinting, banner information, and similar details it gathers combined with CVE information. What type of tool is Jim using?
A. A port scanner
B. A service validator
C. A vulnerability scanner
D. A patch management tool

29. Emily builds a script that sends data to a web application that she is testing. Each time the script runs, it sends a series of transactions with data that fits the expected requirements of the web application to verify that it responds to typical customer behavior. What type of transactions is she using, and what type of test is this?
A. Synthetic, passive monitoring
B. Synthetic, use case testing
C. Actual, dynamic monitoring
D. Actual, fuzzing

30. What passive monitoring technique records all user interaction with an application or website to ensure quality and performance?
A. Client/server testing
B. Real user monitoring
C. Synthetic user monitoring
D. Passive user recording

31. Earlier this year, the information security team at Jim's employer identified a vulnerability in the web server that Jim is responsible for maintaining. He immediately applied the patch and is sure that it installed properly, but the vulnerability scanner has continued to incorrectly flag the system as vulnerable. What should Jim do to deal with the issue so that it does not continue to be flagged incorrectly?
A. Uninstall and reinstall the patch.
B. Ask the information security team to flag the system as patched and not vulnerable to that particular flaw.
C. Update the version information in the web server's configuration.
D. Review the vulnerability report and use alternate remediation options.

32. Angela wants to test a web browser's handling of unexpected data using an automated tool. What tool should she choose?
A. Nmap
B. zzuf
C. Nessus
D. Nikto

33. STRIDE, which stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege, is useful in what part of application threat modeling?
A. Vulnerability assessment
B. Misuse case testing
C. Threat categorization
D. Penetration test planning

34. Why should passive scanning be conducted in addition to implementing wireless security technologies like wireless intrusion detection systems?
A. It can help identify rogue devices.
B. It can test the security of the wireless network via scripted attacks.
C. Their short dwell time on each wireless channel can allow them to capture more packets.
D. They can help test wireless IDS or IPS systems.

35. Paul is reviewing the approval process for a penetration test and wants to ensure that it has appropriate management review. Who should he ensure has approved the request for a penetration test for a business system?
A. The change advisory board
B. Senior management
C. The systems administrator for the system
D. The service owner

36. What term describes software testing that is intended to uncover new bugs introduced by patches or configuration changes?
A. Nonregression testing
B. Evolution testing
C. Smoke testing
D. Regression testing

37. Which

