CISSP
Friday Simulated Exam - 100 questions
1. Configuration Management controls what?
a. Auditing of changes to the Trusted Computing Base
b. Control of changes to the Trusted Computing Base
c. Changes in the configuration access to the Trusted Computing Base
d. Auditing and controlling any changes to the Trusted Computing Base
2. If the computer system being used contains confidential information, users must not:
a. Leave their computer without first logging off
b. Share their desks
c. Encrypt their passwords
d. Communicate
3. Which of the following is the most reliable authentication device?
a. Variable callback system
b. Smart Card system
c. Fixed callback system
d. Combination of variable and fixed callback system
4. Which of the following is responsible for ensuring that proper controls are in place to control integrity, confidentiality, and availability of IT systems and data?
a. Business and functional managers
b. IT Security practitioners
c. System and Information owners
d. Chief information officer
5. Which tape format type is mostly used for home/small office backups?
a. Quarter Inch Cartridge drives (QIC)
b. Digital Linear Tapes (DLT)
c. 8mm tape
d. Digital Audio Tape (DAT)
6. In an organization, an Information Technology security policy should:
a. Function within the information systems function of an organization
b. Report directly to a specialized business unit such as legal, corporate security or insurance
c. Be led by a Chief Security Officer and report directly to the CEO
d. Be independent but report to the Information Systems function
7. A critical application is one that MUST:
a. Remain operational for the organization to survive
b. Be subject to continual program maintenance
c. Undergo continual risk assessments
d. Be constantly monitored by operations management
8. Valuable paper insurance coverage does not cover damage to which of the following?
a. Inscribed, printed and written documents
b. Manuscripts
c. Records
d. Cash and securities
9. What is the window of time for recovery of information processing capabilities based on?
a. Quality of data to be processed
b. Criticality of the operations affected
c. Nature of the disaster
d. Applications that are mainframe based
10. Cryptography does not concern itself with:
a. Availability
b. Integrity
c. Confidentiality
d. Authenticity
11. Which of the following computer crimes is more often associated with insider involvement?
a. IP spoofing
b. Password sniffing
c. Data diddling
d. Denial of Service (DoS)
12. What is it called when a computer uses more than one CPU in parallel to execute instructions?
a. Multiprocessing
b. Multitasking
c. Multithreading
d. Parallel running
13. A server farm is an example of:
a. Server clustering
b. Redundant servers
c. Multiple servers
d. Server fault tolerance
14. Which of the following statements pertaining to block ciphers is incorrect?
a. It operates on fixed-size blocks of plaintext
b. It's more suitable for software than hardware encryption
c. Plaintext is encrypted with a public key and decrypted with a private key
d. Block ciphers can be operated as a stream
15. Which of the following is a symmetric encryption algorithm?
a. RSA
b. Elliptic Curve
c. RC5
d. ElGamal
16. How many bits is the effective length of the key of the DES algorithm?
a. 32
b. 56
c. 64
d. 128
17. How many rounds are used by DES?
a. 16
b. 32
c. 48
d. 64
18. Secure Shell (SSH) and Secure Sockets Layer (SSL) are heavily used to protect:
a. Ethernet transactions
b. Internet transactions
c. Telnet transactions
d. Electronic banking transactions
19. Another name for a VPN is a:
a. One-time password session
b. Pipeline
c. Bypass
d. Tunnel
20. A TCP SYN attack:
a. requires a synchronized effort by multiple attackers
b. takes advantage of the way a TCP session is established
c. may result in elevation of privileges
d. is not something system users would notice
21. Which attack is typically used for identifying the topology of the target network?
a. spoofing
b. brute force
c. scanning
d. teardrop
22. What is the first phase of a distributed Denial of Service attack?
a. establishing a connection between the handler and agent
b. disrupting the normal traffic to the host
c. disabling the router so it cannot filter traffic
d. compromising as many machines as possible
23. Which of the following is the BEST way to prevent software license violations?
a. implementing a corporate policy on copyright infringement and software use
b. requiring that all PCs be diskless workstations
c. installing metering software on the LAN so applications can only be accessed through the metering software
d. regularly scanning PCs to ensure that unauthorized copies of software have not been loaded on the PC
24. The ISC2 Code of Ethics does not include which of the following behaviors for a CISSP?
a. moral
b. ethical
c. control
d. legal
25. Forensic imaging of a workstation is initiated by:
a. booting the machine with the installed operating system
b. booting the machine with an operating system diskette
c. removing the hard drive to view the output of the forensic imaging software
d. redirecting the output of the forensic imaging software to another interface so the original hard drive is not modified
26. Why is there an exception area in a policy?
a. Policy isn't valid without it
b. Management has to deal with various issues that may require exceptions
c. All of the above
d. None of the above
27. In a discretionary mode, which of the following entities is authorized to grant access to other people?
a. information owner
b. manager
c. security manager
d. all of the above
28. Which
a. C2
b. B1
c. B2
d. B3
29. An offsite backup facility intended to operate an information processing facility, having no computer or communications equipment and only providing flooring, electrical wiring, air conditioning, etc., is better known as a:
a. hot site
b. warm site
c. cold site
d. duplicate processing facility
30. Valid choices for Access Control techniques include all of the below except:
a. Relevant Access Controls
b. Discretionary Access Control
c. Mandatory Access Control
d. Lattice Based Access Control
31. Database views are NOT used to:
a. Implement least privilege
b. Implement content-dependent access restrictions
c. Implement referential integrity
d. Implement need-to-know security
32. Which of the following could illegally capture network user passwords?
a. Data diddling
b. Sniffing
c. Spoofing
d. Smurfing
33. What does the star integrity axiom mean in the Biba model?
a. No read up
b. No write up
c. No read down
d. No write down
34. Related to information security, confidentiality is the opposite of which?
a. closure
b. disclosure
c. disposal
d. disaster
35. What is the main concern of the Bell-LaPadula security model?
a. Accountability
b. Integrity
c. Confidentiality
d. Availability
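Questions 33 and 35 test the Biba and Bell-LaPadula rules, which are easy to confuse because they are mirror images of each other. The following is an added example, not part of the exam or of any (ISC)2 material: it encodes both models' read and write rules over a three-level lattice and checks exhaustively that Biba's decision for a (subject, object) pair equals Bell-LaPadula's decision with the labels swapped. The level names and the sample requests are constructed for the example.

```python
"""Added example (not part of the exam): Bell-LaPadula and Biba decision
rules over a three-level lattice, showing why the two models are duals."""
from enum import IntEnum
from itertools import product


class Level(IntEnum):
    """Ordered labels (constructed for this example). For Bell-LaPadula read
    this as sensitivity (LOW = public ... HIGH = secret); for Biba read it as
    integrity (LOW = untrusted input ... HIGH = verified system data)."""
    LOW = 0
    MEDIUM = 1
    HIGH = 2


def blp_allows(subject: Level, obj: Level, op: str) -> bool:
    """Bell-LaPadula (confidentiality).
    simple security property: no read up    -> read allowed iff subject >= object
    *-property:               no write down -> write allowed iff subject <= object
    """
    if op == "read":
        return subject >= obj
    if op == "write":
        return subject <= obj
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Level, obj: Level, op: str) -> bool:
    """Biba (integrity), the dual of Bell-LaPadula.
    simple integrity axiom:   no read down -> read allowed iff subject <= object
    * (star) integrity axiom: no write up  -> write allowed iff subject >= object
    """
    if op == "read":
        return subject <= obj
    if op == "write":
        return subject >= obj
    raise ValueError(f"unknown operation {op!r}")


def decide(model: str, subject: Level, obj: Level, op: str) -> str:
    """Render one access decision as a readable line, e.g.
    'biba: LOW write HIGH -> deny' (a LOW-integrity subject may not write up)."""
    rule = blp_allows if model == "blp" else biba_allows
    verdict = "allow" if rule(subject, obj, op) else "deny"
    return f"{model}: {subject.name} {op} {obj.name} -> {verdict}"


def models_are_duals() -> bool:
    """Check every (subject, object, operation) triple: Biba's answer equals
    Bell-LaPadula's answer with subject and object labels exchanged."""
    return all(
        biba_allows(s, o, op) == blp_allows(o, s, op)
        for s, o, op in product(Level, Level, ("read", "write"))
    )


if __name__ == "__main__":
    # Constructed requests. A HIGH subject writing to a LOW object is the
    # classic split: BLP denies it (write down), Biba allows it.
    for model in ("blp", "biba"):
        print(decide(model, Level.HIGH, Level.LOW, "write"))
        print(decide(model, Level.LOW, Level.HIGH, "write"))
    print("duals:", models_are_duals())
```

The mnemonic the exam rewards falls out of the code: Bell-LaPadula is "no read up, no write down" and exists to stop disclosure; Biba flips both comparisons to "no read down, no write up" and exists to stop low-integrity data from contaminating high-integrity data.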
36. Access control techniques do not include:
a. Rule based access controls
b. Role based access controls
c. Mandatory access controls
d. Random Number Based access controls
37. Which of the following biometric devices has the HIGHEST crossover error rate (CER)?
a. Iris scan
b. Hand geometry
c. Voice pattern
d. Fingerprints
38. Which of the following is the MOST critical characteristic of a biometric system?
a. acceptability
b. accuracy
c. throughput
d. reliability
39. Which of the following is not a recognized biometric method to uniquely verify an individual's identity?
a. skin scan
b. retina scan
c. iris scan
d. palm scan
40. Almost all types of detection permit a system's sensitivity to be increased or decreased during an inspection process. To have a valid measure of system performance, we use the:
a. Crossover Error Rate
b. False Rejection Rate
c. False Acceptance Rate
d. Type III Error Count
41. Which of the following is true of two-factor authentication?
a. It uses the RSA algorithm on integers with large prime numbers
b. It requires two measurements of hand geometry
c. It does not use Single Sign On (SSO) technology
d. It relies on two independent proofs of identity
42. What is Kerberos?
a. A three-headed dog from Egyptian mythology
b. A trusted third party authentication protocol
c. A security model
d. A remote authentication dial-in server
43. The primary service provided by Kerberos is which of the following?
a. non-repudiation
b. confidentiality
c. authentication
d. authorization
44. What is the access protection system called that limits connections by calling back the number of a previously authorized location?
a. sendback system
b. callback forward system
c. callback system
d. sendback forward system
45. How are memory cards and smart cards different?
a. Memory cards normally hold more memory than smart cards
b. Smart cards provide two-factor authentication and memory cards don't
c. Memory cards have no processing power
d. Only smart cards can be used by ATMs
46. Which of the following offers advantages such as the ability to use stronger passwords, easier password administration, and faster resource access?
a. Smart cards
b. Single Sign On (SSO)
c. Kerberos
d. Public Key Infrastructure (PKI)
47. Which is a protocol used for carrying authentication, authorization, and accounting information between a Network Access Server and a shared Authentication Server?
a. IPSec
b. RADIUS
c. L2TP
d. PPTP
48. What is the act of a user professing an identity to a system (usually a logon ID) called?
a. Identification
b. Authentication
c. Integrity
d. Confidentiality
49. A password represents:
a. Something you have
b. Something you are
c. Something you know
d. All of the above
50. An automated means of identifying or authenticating a person based on physiological or behavioral characteristics is:
a. Micrometrics
b. Macrometrics
c. MicroBiometrics
d. Biometrics
51. In which situation would TEMPEST technologies be most useful?
a. Where high availability is vital
b. Where the consequences of disclosure are very high
c. Where countermeasures are easy to implement
d. Where database integrity is crucial
52. Which of the following media is MOST resistant to tapping?
a. Microwave
b. Twisted pair
c. Coaxial cable
d. Fiber optic
53. Which of the following statements is incorrect?
a. The problem of protecting assets has been going on since the early days of mankind
b. The addition of a PIN keypad to the card reader was a solution to unreported lost or stolen cards
c. There has never been a problem with lost keys
d. Human security guards are an inefficient and sometimes ineffective method of protecting resources
54. Which of the following can be used to protect your system against brute force attacks?
a. Password clipping level that locks a user's account
b. Decrease the value of the password history
c. Employees are required to request a password via a signed email
d. Increase the value of the password age
55. Which of the following attacks focuses on cracking passwords?
a. SMURF
b. Spamming
c. Teardrop
d. Dictionary
56. What is known as a decoy system designed to lure potential attackers away from actual resources?
a. Honeypot
b. Vulnerability Analysis System (VAS)
c. File Integrity Checker
d. Padded Cell Technology (PCT)
57. Under a Mandatory Access Control system, which is true?
a. All that is expressly permitted is forbidden
b. All that is not expressly permitted is forbidden
c. All that is not expressly permitted is not forbidden
d. None of the above
58. Access controls that are not based on policy are characterized as:
a. secret controls
b. mandatory controls
c. discretionary controls
d. corrective controls
59. By far, the largest security exposure in application system development relates to:
a. maintenance and debugging hooks
b. deliberate compromise
c. change control
d. errors and lack of training
60. For what reason would a network administrator leverage promiscuous mode?
a. to screen out all network errors that affect network statistical information
b. to monitor the network and gain a complete statistical picture of activities
c. to monitor only unauthorized activity and use
d. to capture only unauthorized internal/external communications
61. To which of the following files should the security administrator be restricted to read-only access?
a. security parameters
b. user passwords
c. user profiles
d. system logs
62. At what temperature (in degrees Fahrenheit) does damage start occurring to magnetic media?
a. 100 degrees
b. 125 degrees
c. 150 degrees
d. 175 degrees
63. Removing unnecessary processes, segregating interprocess communications, and reducing execution privileges to increase system security is commonly called:
a. hardening
b. segmenting
c. aggregating
d. kerneling
64. Which of the following RAID levels refers to disk striping with parity?
a. RAID 0
b. RAID 1
c. RAID 5
d. RAID 10
65. Which technology entails immediately transmitting copies of online transactions to another computer facility for backup?
a. Archival Storage Management (ASM)
b. Electronic vaulting
c. Hierarchical Storage Management (HSM)
d. Data compression
66. The backup method that makes a complete backup of every file on the server is also known as:
a. full backup
b. incremental backup
c. differential backup
d. tape backup method
67. What should a company do first when disposing of a personal computer that was used to store confidential information?
a. overwrite all data on the hard drive with zeroes
b. delete all data on the hard disk
c. demagnetize the hard disk
d. low-level format the hard drive
68. Which of the following is not a good response to a detected intrusion?
a. collect additional information about the suspected attack
b. inject TCP reset packets into the attacker's connection to the victim system
c. reconfigure routers and firewalls to block packets from the attacker's IP
d. launch attacks or actively attempt to gain information about the attacker's host
69. An IDS can detect an attack using which of the following?
a. an event-based ID or a statistical anomaly-based ID
b. a discrete anomaly-based ID or a signature-based ID
c. a signature-based ID or a statistical anomaly-based ID
d. a signature-based ID or an event-based ID
70. You are comparing a host-based IDS with a network-based IDS. Which is an obvious disadvantage of a host-based IDS?
a. It cannot analyze encrypted information
b. It is costly to remove
c. It is affected by switched networks
d. It is costly to manage
71. Which of the following represents the ALE calculation?
a. single loss expectancy x annualized rate of occurrence
b. gross loss expectancy x loss frequency
c. actual replacement cost - proceeds of salvage
d. asset value x loss expectancy
72. Why could anomaly detection based IDSs potentially generate a large number of false positives?
a. because they can only identify attacks they already know about
b. because they are application-based and subject to error
c. because they can't identify abnormal behavior
d. because normal patterns of user and system behavior can vary wildly
73. Which of the following is used in database information security to hide information?
a. inheritance
b. polyinstantiation
c. polymorphism
d. delegation
74. An effective information security policy should not have which of the following characteristics?
a. include separation of duties
b. be designed with a short to mid-term focus
c. be understandable and supported by all stakeholders
d. specify the areas of responsibility and authority
75. Which of the following statements pertaining to secure information processing facilities is incorrect?
a. walls should have an acceptable fire rating
b. windows should be protected by bars
c. doors must resist forcible entry
d. location and type of fire suppression systems should be known
76. Making sure that data is accessible when and where it is needed is known as:
a. confidentiality
b. integrity
c. authorization
d. availability
77. Business continuity plan development depends most on:
a. directives of senior management
b. scope and plan initiation
c. business impact analysis (BIA)
d. skills of the BCP committee
78. A router is found on what layer of the OSI model?
a. Network
b. Data Link
c. Session
d. Transport
79. A hub is located on what layer of the OSI model?
a. Network
b. Data Link
c. Physical
d. Routing
80. Which of the following statements pertaining to VPN protocol standards is false?
a. L2TP is a combination of PPTP and L2F
b. L2TP and PPTP were designed for single point-to-point client to server communication
c. L2TP operates at the network layer
d. PPTP uses native PPP authentication and encryption
81. The guarantee that the message sent is the message received and that it hasn't been altered is:
a. Integrity
b. Confidentiality
c. Availability
d. Non-repudiation
82. Which of the following is a preventative control?
a. motion detectors
b. guard dogs
c. audit logs
d. intrusion detection systems
83. What cryptographic device uses a key that is the same length as the message?
a. running key cipher
b. one-time pad
c. steganography
d. cipher block chaining
84. Prolonged high voltage is known as:
a. spike
b. blackout
c. surge
d. fault
85. What are the three main characteristics of the Reference Monitor?
a. confidentiality, availability and integrity
b. policy, mechanism and assurance
c. isolation, layering and abstraction
d. isolation, completeness and verifiability
86. A copyright protects:
a. the trade secrets of a company
b. a person's private papers
c. an invention
d. an expression of an idea
87. When an employer places login banners on all company computers notifying users of the permitted use of company assets, this is called:
a. acceptable use policy
b. employee privacy law
c. employee regulation
d. user policy
88. Objects deemed proprietary to a company, such as information that provides a competitive edge, are known as:
a. trade secrets
b. copyrights
c. restricted information
d. information marked strictly private
89. What is the last step in the change control process?
a. report change to management
b. test and implement the change
c. review and approve the change
d. validate and approve the change
90. Who is ultimately responsible for the security of an organization?
a. management
b. senior / executive leadership
c. the chief security officer
d. employees
91. A procedure that requires two entities to work together to complete a task is known as:
a. rotation of duties
b. separation of duties
c. dual controls
d. enforced mandatory vacations
92. Which attack involves actions to mimic another's identity?
a. brute force
b. exhaustive
c. social engineering
d. spoofing
93. Which layer of the OSI model is responsible for encryption?
a. application
b. presentation
c. session
d. transport
94. Which OSI layer is responsible for end-to-end communication between systems?
a. network
b. data link
c. transport
d. presentation
95. On which port is POP3 usually run?
a. 110
b. 125
c. 139
d. 143
96. On which port is SSL usually run?
a. 110
b. 25
c. 443
d. 1046
97. The primary function of this protocol is to send messages between network devices regarding the health of the network:
a. ICMP
b. RARP
c. ARP
d. IP
98. Which of the following is an IP address that is private (reserved for private networks and not a valid address on the internet)?
a. 192.166.42.5
b. 192.168.26.199
c. 168.192.33.101
d. 172.1.42.5
99. Which of the following is one of the biggest concerns with firewall security?
a. internal hackers
b. complex configuration rules leading to misconfiguration
c. buffer overflows
d. distributed denial of service attacks
100. Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?
a. inbound packets with the source routing option set
b. router information exchange protocols
c. inbound packets with an internal source IP address
d. outbound packets with an external destination IP address
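Questions 98 and 100 are really one topic: a border firewall has to know which addresses are "inside" (RFC 1918 space, or the site's own prefix) so that it can refuse inbound packets that claim an internal source, refuse source-routed packets and routing-protocol traffic from outside, and still let ordinary outbound traffic to external destinations through. The following is an added example, not part of the exam or of any vendor's firewall: it checks the four candidate addresses from question 98 against the three RFC 1918 blocks (172.1.42.5 is the distractor, since only 172.16.0.0/12 is private) and applies the question-100 rules to constructed packets. The internal prefix 192.168.0.0/16, the routing-protocol names and the egress anti-spoof rule are assumptions for the example; the last goes beyond what question 100 asks.

```python
"""Added example (not part of the exam): RFC 1918 membership checks and a
minimal anti-spoofing border filter of the kind questions 98 and 100 describe."""
import ipaddress
from dataclasses import dataclass

# The three RFC 1918 private blocks. 172.1.0.0 lies outside 172.16.0.0/12,
# which is why 172.1.42.5 in question 98 is not private.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumed internal site prefix for this example; a real site substitutes its own.
INTERNAL = ipaddress.ip_network("192.168.0.0/16")

# Assumption: no routing adjacency crosses the firewall, so routing-protocol
# traffic from outside is never legitimate.
ROUTING_PROTOCOLS = {"rip", "ospf", "bgp"}


def is_private(addr: str) -> bool:
    """True when addr lies in one of the RFC 1918 blocks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


@dataclass
class Packet:
    """Constructed packet summary; only the fields the filter needs."""
    direction: str              # "in" (from the Internet) or "out" (toward it)
    src: str
    dst: str
    proto: str = "tcp"
    source_routed: bool = False  # IP loose/strict source-route option present


def filter_packet(pkt: Packet, internal=INTERNAL) -> tuple:
    """Return ("drop", reason) or ("accept", reason) for one packet."""
    src = ipaddress.ip_address(pkt.src)
    dst = ipaddress.ip_address(pkt.dst)

    # Source routing lets the sender dictate the path and defeat
    # topology-based trust, so it is refused in either direction.
    if pkt.source_routed:
        return ("drop", "source routing option set")

    if pkt.direction == "in":
        # Ingress anti-spoofing: nothing arriving from outside may claim
        # an inside source address (question 100, option c).
        if src in internal:
            return ("drop", "inbound packet with internal source address")
        # Routing information must not be accepted from untrusted peers
        # (question 100, option b).
        if pkt.proto in ROUTING_PROTOCOLS:
            return ("drop", "routing protocol from outside")
        if dst not in internal:
            return ("drop", "inbound packet not addressed to the site")
        return ("accept", "inbound to internal host")

    if pkt.direction == "out":
        # Egress anti-spoofing (an assumption beyond question 100): only
        # the site's own addresses may leave through the firewall.
        if src not in internal:
            return ("drop", "outbound packet with non-internal source address")
        # The one case question 100 says must NOT be dropped (option d).
        return ("accept", "outbound to external destination")

    raise ValueError(f"unknown direction {pkt.direction!r}")


if __name__ == "__main__":
    for candidate in ("192.166.42.5", "192.168.26.199", "168.192.33.101", "172.1.42.5"):
        print(f"{candidate:16} private={is_private(candidate)}")
    samples = [  # constructed traffic; 203.0.113.0/24 is documentation space
        Packet("in", "203.0.113.7", "192.168.1.10", source_routed=True),
        Packet("in", "192.168.5.5", "192.168.1.10"),
        Packet("in", "203.0.113.7", "192.168.1.10", proto="rip"),
        Packet("in", "203.0.113.7", "192.168.1.10"),
        Packet("out", "192.168.1.10", "203.0.113.7"),
    ]
    for pkt in samples:
        print(pkt.direction, pkt.src, "->", pkt.dst, filter_packet(pkt))
```

The drop rules are deliberately evaluated before the accept rules, and the source-routing check comes first because it applies regardless of direction; ordering is exactly the "complex configuration rules leading to misconfiguration" problem question 99 points at, and keeping the deny conditions ahead of any accept is the habit that avoids it.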