CISSP (Certified Information Systems Security Professional) Total Questions: 1,375 Last Updated: Aug 18, 2008 Document version: 8.27.11

CISSP: Certified Information Systems Security Professional

© Copyright www.techeXams.ws 2008 Practice Exams, Printable, Audio Trainings, Study Guides


Thanks for purchasing techXams' Study Guide. techXams' CISSP study guide is a comprehensive compilation of questions and answers developed by our team of certified professionals. To prepare for the actual exam, all you need to do is study the content of this guide. Approximately 10 to 20 hours should be spent studying this guide, and you will surely pass your exam. It's our guarantee.

Disclaimer

Neither this guide nor any material in this guide is sponsored or endorsed by, or affiliated with, any of the respective vendors. All trademarks are properties of their respective owners.

Guarantee

If you study this guide properly and are still unable to pass the exam, please send us a scanned copy of your official score at: [email protected]. We will happily reimburse the cost of this study guide or send you a study guide of your choice in exchange, free of cost.

Feedback

If you find any possible improvement, please let us know. We are always interested in improving the quality of this product. Feedback can be sent to: [email protected]

Copyright

techXams holds the copyright of this material. techXams grants you a limited license to view and study this material, either for personal or commercial use. Unauthorized reproduction or distribution of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be prosecuted to the maximum extent possible under law.


Question: 1.

Ensuring the integrity of business information is the PRIMARY concern of

A. Encryption Security
B. Procedural Security
C. Logical Security
D. On-line Security

Explanation:

Procedures are looked at as the lowest level in the policy chain because they are closest to the computers and provide detailed steps for configuration and installation issues. They provide the steps to actually implement the statements in the policies, standards, and guidelines... Security procedures, standards, measures, practices, and policies cover a number of different subject areas. - Shon Harris All-in-one CISSP Certification Guide pg 44-45

Question: 2.

Which one of the following actions should be taken FIRST after a fire has been detected?

A. Turn off power to the computers
B. Call the fire department
C. Notify management
D. Evacuate all personnel

Explanation:

Protection of life is of the utmost importance and should be dealt with first before looking to save material objects. Shon Harris All-in-one CISSP Certification Guide pg 625

Question: 3.

Which one of the following is the Open Systems Interconnection (OSI) protocol for message handling?

A. X.25
B. X.400
C. X.500
D. X.509

Answer (Question 1): B

Answer (Question 2): D

Explanation:

An ISO and ITU standard for addressing and transporting e-mail messages. It conforms to layer 7 of the OSI model and supports several types of transport mechanisms, including Ethernet, X.25, TCP/IP, and dial-up lines. - http://www.webopedia.com/TERM/X/X_400.html

Question: 4.

Which of the following is a weakness of both statistical anomaly detection and pattern matching?

A. Lack of ability to scale.
B. Lack of learning model.
C. Inability to run in real time.
D. Requirement to monitor every event.

Explanation:

Disadvantages of knowledge-based ID systems: the system is resource-intensive; the knowledge database continually needs maintenance and updates. New, unique, or original attacks often go unnoticed. Disadvantages of behavior-based ID systems: the system is characterized by high false alarm rates. High false positives are the most common failure of ID systems and can create data noise that makes the system unusable. The activity and behavior of the users while in the networked system might not be static enough to effectively implement a behavior-based ID system. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 88

Question: 5.

Digital signature users register their public keys with a certification authority, which distributes a certificate containing the user's public key and the digital signature of the certification authority. In creating the certificate, the user's public key and the validity period are combined with what other information before computing the digital signature?

A. Certificate issuer and the Digital Signature Algorithm identifier
B. User's private key and the identifier of the master key code
C. Name of secure channel and the identifier of the protocol type
D. Key authorization and identifier of key distribution center

Answer (Question 3): B

Answer (Question 4): B

Explanation:

The key phrase is 'In creating the certificate'. Certificates that conform to X.509 contain the following data:

Version of X.509 to which the certificate conforms;
Serial number (from the certificate creator);
Signature algorithm identifier (specifies the technique used by the certificate authority to digitally sign the contents of the certificate);
Issuer name (identification of the certificate authority that issued the certificate);
Validity period (specifies the dates and times - a starting date and time and an ending date and time - during which the certificate is valid);
Subject's name (contains the distinguished name, or DN, of the entity that owns the public key contained in the certificate);
Subject's public key (the meat of the certificate - the actual public key of the certificate owner used to set up secure communications).

pg 343-344 CISSP Study Guide by Tittel

Question: 6.

Why are macro viruses easy to write?

A. Active contents controls can make direct system calls.
B. The underlying language is simple and intuitive to apply.
C. Only a few assembler instructions are needed to do damage.
D. Office templates are fully API compliant.

Explanation:

Macro Languages enable programmers to edit, delete, and copy files. Because these languages are so easy to use, many more types of macro viruses are possible. - Shon Harris All-in-one CISSP Certification Guide pg 785

Question: 7.

Tracing violations, or attempted violations of system security to the user responsible is a function of

A. authentication
B. access management
C. integrity checking
D. accountability

Answer (Question 5): A

Answer (Question 6): B

Answer (Question 7): D

Explanation:

Auditing capabilities ensure that users are accountable for their actions, verify that the security policies are enforced, work as a deterrent to improper actions, and are used as investigation tools. - Shon Harris All-in-one CISSP Certification Guide pg 182

Question: 8.

Which one of the following is concerned with masking the frequency, length, and origin-destination patterns of the communications between protocol entities?

A. Masking analysis
B. Protocol analysis
C. Traffic analysis
D. Pattern analysis

Explanation:

Traffic analysis, which is sometimes called trend analysis, is a technique employed by an intruder that involves analyzing data characteristics (message length, message frequency, and so forth) and the patterns of transmissions (rather than any knowledge of the actual information transmitted) to infer information that is useful to an intruder. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 323

Question: 9.

In which situation would TEMPEST risks and technologies be of MOST interest?

A. Where high availability is vital.
B. Where the consequences of disclosure are very high.
C. Where countermeasures are easy to implement.
D. Where database integrity is crucial.

Answer (Question 8): C

Answer (Question 9): B

Explanation:

Emanation eavesdropping: receipt and display of information, which is resident on computers or terminals, through the interception of radio frequency (RF) signals generated by those computers or terminals. The U.S. government established a program called TEMPEST that addressed this problem by requiring shielding and other emanation-reducing mechanisms to be employed on computers processing sensitive and classified government information. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 416

Question: 10.

In which state must a computer system operate to process input/output instructions?

A. User mode
B. Stateful inspection
C. Interprocess communication
D. Supervisor mode

Explanation:

A computer is in a supervisory state when it is executing these privileged instructions. (Privileged instructions are executed by the system administrator or by an individual who is authorized to use those instructions.) -Ronald Krutz The CISSP PREP Guide (gold edition) pg 254-255

Question: 11.

All of the following are basic components of a security policy EXCEPT the

A. definition of the issue and statement of relevant terms.
B. statement of roles and responsibilities.
C. statement of applicability and compliance requirements.
D. statement of performance of characteristics and requirements.

Answer (Question 10): D

Answer (Question 11): D

Explanation:

Policies are considered the first and highest level of documentation, from which the lower level elements of standards, procedures, and guidelines flow. This order, however, does not mean that policies are more important than the lower elements. These higher-level policies, which are the more general policies and statements, should be created first in the process for strategic reasons, and then the more tactical elements can follow. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 13

Question: 12.

What set of principles is the basis for information systems controls?

A. Authentication, audit trails, and awareness briefings
B. Individual accountability, auditing, and separation of duties
C. Need to know, identification, and authenticity
D. Audit trails, limited tenure, and awareness briefings

Explanation:

"In addition to the CIA Triad, there is a plethora of other security-related concepts, principles, and tenets that should be considered and addressed when designing a security policy and deploying a security solution. This section discusses privacy, identification, authentication, authorization, accountability, nonrepudiation, and auditing." Pg. 133 Tittel: CISSP Study Guide

Question: 13.

Why do vendors publish MD5 hash values when they provide software patches for their customers to download from the Internet?

A. Recipients can verify the software's integrity after downloading.
B. Recipients can confirm the authenticity of the site from which they are downloading the patch.
C. Recipients can request future updates to the software by using the assigned hash value.
D. Recipients need the hash value to successfully activate the new software.

Answer (Question 12): C

Answer (Question 13): A

Explanation:

If the two values are different, Maureen knows that the message was altered, either intentionally or unintentionally, and she discards the message... As stated in an earlier section, the goal of using a one-way hash function is to provide a fingerprint of the message. MD5 is the newer version of MD4. It still produces a 128-bit hash, but the algorithm is a bit more complex to make it harder to break than MD4. MD5 added a fourth round of operations to be performed during the hash function and makes several of its mathematical operations carry more steps or more complexity to provide a higher level of security. - Shon Harris All-in-one CISSP Certification Guide pg 182-185

Question: 14.

Which one of the following is NOT a requirement before a search warrant can be issued?

A. There is probable cause that a crime has been committed.
B. There is an expectation that evidence exists of the crime.
C. There is probable cause to enter someone's home or business.
D. There is a written document detailing the anticipated evidence.

Explanation:

"If a computer crime is suspected, it is important not to alert the suspect. A preliminary investigation should be conducted to determine whether a crime has been committed by examining the audit records and system logs, interviewing witnesses, and assessing the damage incurred.... Search warrants are issued when there is probable cause for the search and provide legal authorization to search a location for specific evidence." -Ronald Krutz The CISSP PREP Guide (gold edition) pg 436

Question: 15.

The Trusted Computer Security Evaluation Criteria (TCSEC) provides

A. a basis for assessing the effectiveness of security controls built into automatic data-processing system products.
B. a system analysis and penetration technique where specifications and documents for the system are analyzed.
C. a formal state transition model of computer security policy that describes a set of access control rules.
D. a means of restricting access to objects based on the identity of subjects and groups to which they belong.

Answer (Question 14): D

Explanation:

TCSEC provides guidelines to be used when evaluating a security product. The TCSEC guidelines address basic security functionality and allow evaluators to measure and rate the functionality of a system and how trustworthy it is. Functionality and assurance are combined and not separated, as in criteria developed later. TCSEC guidelines can be used for evaluating vendor products or by vendors to design necessary functionality into new products. CISSP Study Guide by Tittel pg. 413.

Question: 16.

Which factor is critical in all systems to protect data integrity?

A. Data classification
B. Information ownership
C. Change control
D. System design

Explanation:

Integrity is dependent on confidentiality, which relies on data classification. The Biba integrity model also relies on data classification. "There are numerous countermeasures to ensure confidentiality against possible threats. These include the use of encryption, network traffic padding, strict access control, rigorous authentication procedures, data classification, and extensive personnel training. Confidentiality and integrity are dependent upon each other. Without object integrity, confidentiality cannot be maintained. Other concepts, conditions, and aspects of confidentiality include sensitivity, discretion, criticality, concealment, secrecy, privacy, seclusion, and isolation." Pg 145 Tittel: CISSP Study Guide. "Biba Integrity Model: Integrity is usually characterized by the three following goals: 1.) The data is protected from modification by unauthorized users. 2.) The data is protected from unauthorized modification by authorized users. 3.) The data is internally and externally consistent; the data held in a database must balance internally and correspond to the external, real-world situation." Pg. 277 Krutz: The CISSP Prep Guide: Gold Edition.

Question: 17.

Audit trails based upon access and identification codes establish…

A. intrusion detection thresholds
B. individual accountability
C. audit review criteria
D. individual authentication

Answer (Question 15): A

Answer (Question 16): A

Explanation:

Accountability is another facet of access control. Individuals on a system are responsible for their actions. This accountability property enables system activities to be traced to the proper individuals. Accountability is supported by audit trails that record events on the system and on the network. Audit trails can be used for intrusion detection and for the reconstruction of past events. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 65

Question: 18.

Which one of the following attacks is MOST effective against an Internet Protocol Security (IPSEC) based virtual private network (VPN)?

A. Brute force
B. Man-in-the-middle
C. Traffic analysis
D. Replay

Explanation:

Active attacks find identities by being a man-in-the-middle or by replacing the responder in the negotiation. The attacker proceeds through the key negotiation with the attackee until the attackee has revealed its identity. In a well-designed system, the negotiation will fail after the attackee has revealed its identity because the attacker cannot spoof the identity of the originally-intended system. The attackee might then suspect that there was an attack because the other side failed before it gave its identity. Therefore, an active attack cannot be persistent because it would prevent all legitimate access to the desired IPsec system.

- http://msgs.securepoint.com/cgi-bin/get/ipsec-0201/18.html

Answer (Question 17): B

Answer (Question 18): B