├── demo.gif ├── README.md ├── LICENSE ├── helpers.py ├── .gitignore ├── main.py ├── questengine.py └── bank └── cissp_questions.json /demo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/037g/cissp_test_sim/HEAD/demo.gif -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # cissp_test_sim 2 | A mock CISSP exam test simulator using aggregated questions from online sources. 3 | 4 | [Source of questions:] (https://drive.google.com/drive/folders/14gNd5oWmghD8hLuPZ7osdE1UQDeSfmu1?usp=sharing) 5 | 6 | ### Instructions 7 | 1. Make sure you have [python](https://www.python.org/) installed. 8 | 2. Clone this repo. 9 | 3. Cd into the folder and python3 main.py 10 | 4. You can add new questions to the bank, just make sure the questions and answers have the same "key" number in the dictionary. 11 |
12 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 Leo 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /helpers.py: -------------------------------------------------------------------------------- 1 | from os import system, name 2 | from questengine import QuestionEngine 3 | 4 | #Alias colos 5 | class bc: 6 | OKBLUE = '\033[94m' 7 | OKGREEN = '\033[92m' 8 | WARNING = '\033[93m' 9 | ENDC = '\033[0m' 10 | 11 | #Ask question 12 | def ask(question_num: int, questionset:QuestionEngine) -> str: 13 | """Ask user question from dataset""" 14 | 15 | question = questionset.getQuestion(question_num) 16 | answers = questionset.getAnswers(question_num) 17 | solution = questionset.getSolutionText(question_num) 18 | answertable = {} 19 | print("{}".format(question)) 20 | for key, val in answers.items(): 21 | for k, v in val.items(): 22 | print(" {}. {}".format(key, v)) 23 | answertable[key] = k 24 | 25 | reply = input("\n{}Your Answer: {}".format(bc.OKBLUE, bc.ENDC)) 26 | reply = reply.lower() 27 | if reply == "x": 28 | return "exit" 29 | elif questionset.compareSolution(question_num, answertable[reply]): 30 | return 'correct' 31 | else: 32 | return 'wrong' 33 | 34 | 35 | 36 | #Clear screen 37 | def clear() -> None: 38 | """Clear the screen""" 39 | if name == "posix": 40 | _ = system("clear") 41 | else: 42 | _ = system('cls') -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | # Created by https://www.gitignore.io/api/python 3 | # Edit at https://www.gitignore.io/?templates=python 4 | 5 | ### Python ### 6 | # Byte-compiled / optimized / DLL files 7 | __pycache__/ 8 | *.py[cod] 9 | *$py.class 10 | 11 | # C extensions 12 | *.so 13 | 14 | # Distribution / packaging 15 | .Python 16 | build/ 17 | develop-eggs/ 18 | dist/ 19 | downloads/ 20 | eggs/ 21 | .eggs/ 22 | lib/ 23 | lib64/ 24 | parts/ 25 | sdist/ 26 | var/ 27 | wheels/ 28 | pip-wheel-metadata/ 29 | share/python-wheels/ 30 | *.egg-info/ 31 | .installed.cfg 32 | *.egg 33 | MANIFEST 34 | 35 | # PyInstaller 36 | # Usually these files are written by a python script from a template 37 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 38 | *.manifest 39 | *.spec 40 | 41 | # Installer logs 42 | pip-log.txt 43 | pip-delete-this-directory.txt 44 | 45 | # Unit test / coverage reports 46 | htmlcov/ 47 | .tox/ 48 | .nox/ 49 | .coverage 50 | .coverage.* 51 | .cache 52 | nosetests.xml 53 | coverage.xml 54 | *.cover 55 | .hypothesis/ 56 | .pytest_cache/ 57 | 58 | # Translations 59 | *.mo 60 | *.pot 61 | 62 | # Scrapy stuff: 63 | .scrapy 64 | 65 | # Sphinx documentation 66 | docs/_build/ 67 | 68 | # PyBuilder 69 | target/ 70 | 71 | # pyenv 72 | .python-version 73 | 74 | # pipenv 75 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 76 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 77 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 78 | # install all needed dependencies. 79 | #Pipfile.lock 80 | 81 | # celery beat schedule file 82 | celerybeat-schedule 83 | 84 | # SageMath parsed files 85 | *.sage.py 86 | 87 | # Spyder project settings 88 | .spyderproject 89 | .spyproject 90 | 91 | # Rope project settings 92 | .ropeproject 93 | 94 | # Mr Developer 95 | .mr.developer.cfg 96 | .project 97 | .pydevproject 98 | 99 | # kdocs documentation 100 | /site 101 | 102 | # mypy 103 | .mypy_cache/ 104 | .dmypy.json 105 | dmypy.json 106 | 107 | # Pyre type checker 108 | .pyre/ 109 | 110 | # End of https://www.gitignore.io/api/python 111 | -------------------------------------------------------------------------------- /main.py: -------------------------------------------------------------------------------- 1 | ################################################ 2 | # Simple test simulator. 3 | # See README and LICENSE 4 | ################################################ 5 | from questengine import QuestionEngine 6 | from helpers import bc, ask, clear 7 | 8 | # Main 9 | if __name__ == "__main__": 10 | qe = QuestionEngine() 11 | qc = 0 12 | 13 | clear() 14 | while True: 15 | qc = input("How many questions do you want to practice? 1-{} (X to exit): \n" 16 | .format(qe.totalQuestions)) 17 | if qc == "x" or qc == "X": 18 | exit() 19 | elif qc.isdigit() and (int(qc) > 0 20 | and int(qc) <= qe.totalQuestions): 21 | break 22 | else: 23 | clear() 24 | 25 | i = 0 26 | is_done = False 27 | result = None 28 | while True: 29 | try: 30 | qn = i + 1 31 | clear() 32 | print("Question {} of {} (X to exit)\n".format(qn, qc)) 33 | 34 | result = ask(i, qe) 35 | if result == 'correct': 36 | print("\n{}Correct!!! The Answer is: {}\n\n{}".format(bc.OKGREEN, qe.getSolutionText(i), bc.ENDC)) 37 | qe.correct += 1 38 | i += 1 39 | elif result == 'wrong': 40 | print("\n{} Wrong!!! The correct Answer is: {}{}\n\n{}".format(bc.WARNING, 41 | bc.OKGREEN, qe.getSolutionText(i), bc.ENDC)) 42 | qe.incorrect += 1 43 | i += 1 44 | elif result == "exit": 45 | qn = qc 46 | 47 | if int(qn) == int(qc): 48 | raise Exception() 49 | else: 50 | input("Press ENTER to continue...") 51 | 52 | except Exception as e: 53 | if int(qn) == int(qc): 54 | input("Press ENTER to view results...") 55 | break 56 | else: 57 | pass 58 | 59 | clear() 60 | answered = qe.correct + qe.incorrect 61 | right = qe.correct 62 | wrong = qe.incorrect 63 | if answered == 0: 64 | righta = "0.0" 65 | wronga = "0.0" 66 | else: 67 | righta = int(right) / int(answered) * 100 68 | wronga = wrong / int(answered) * 100 69 | rightq = int(right) / int(qc) * 100 70 | wrongq = wrong / int(qc) * 100 71 | skipq = int(qc) - int(answered) 72 | print("Results:") 73 | print("Questions answered: {} of {}\n".format(answered, qc)) 74 | 75 | print("Scores from questions answered:") 76 | print("{}# Right: {} {}% {}".format( 77 | bc.OKGREEN, str(right), righta, bc.ENDC)) 78 | print("{}# Wrong: {} {}% \n{}".format( 79 | bc.WARNING, str(wrong), wronga, bc.ENDC)) 80 | 81 | print("Scores from total questions") 82 | print("{}# Right: {} {}% {}".format( 83 | bc.OKGREEN, str(right), rightq, bc.ENDC)) 84 | print("{}# Wrong: {} {}% {}".format( 85 | bc.WARNING, str(wrong), wrongq, bc.ENDC)) 86 | print("{}# Skipped: {}\n{}".format(bc.WARNING, skipq, bc.ENDC)) 87 | -------------------------------------------------------------------------------- /questengine.py: -------------------------------------------------------------------------------- 1 | import json 2 | import random 3 | from pathlib import Path 4 | 5 | 6 | class QuestionEngine: 7 | 8 | def __init__(self, jsonfile: str = 'bank/cissp_questions.json', 9 | questionisrandom: bool = True, 10 | answerisalpha: bool = True, 11 | answerisrandom: bool = True): 12 | """Use JSON files to make exams""" 13 | 14 | self._jsonFile = jsonfile 15 | self._questionIsRandom = questionisrandom 16 | self._answerIsAlpha = answerisalpha 17 | self._answerIsRandom = answerisrandom 18 | self._jsonData = self.__loadJsonFile() 19 | 20 | self.correct = 0 21 | self.incorrect = 0 22 | self.totalQuestions = len(self._jsonData['questions']) 23 | self.questionSet = self.__complieQuestions() 24 | 25 | def __loadJsonFile(self) -> dict: 26 | """Load the json question file""" 27 | 28 | jsonDataFile = Path(self._jsonFile) 29 | with open(jsonDataFile) as f: 30 | self._jsonData = json.load(f) 31 | f.close() 32 | 33 | return self._jsonData 34 | 35 | def __complieQuestions(self) -> dict: 36 | """Create dictionary of questions and question number""" 37 | 38 | if self._questionIsRandom: 39 | questions = random.sample(range(0, self.totalQuestions), 40 | self.totalQuestions) 41 | else: 42 | questions = list(range(0, self.totalQuestions)) 43 | 44 | questionSet = {} 45 | currentAnswers = {} 46 | for itr, question in enumerate(questions): 47 | answers = self._jsonData['questions'][question]['answers'] 48 | questionSection = self._jsonData['questions'][question] 49 | answerKeys = '123456789' 50 | if self._answerIsAlpha: 51 | answerKeys = 'abcdefghi' 52 | 53 | answerValues = list(answers.keys()) 54 | if self._answerIsRandom: 55 | random.shuffle(answerValues) 56 | 57 | currentAnswers = {} 58 | for answer in range(len(answerKeys)): 59 | if answer >= len(answerValues): 60 | break 61 | else: 62 | currentAnswers.update({answerKeys[answer]: { 63 | answerValues[answer]: answers[answerValues[answer]]}}) 64 | 65 | questionSet[itr] = ({'question': questionSection['question'], 66 | 'answers': currentAnswers, 67 | 'solution': questionSection['solution'], 68 | 'explanation': questionSection['explanation']}) 69 | 70 | return questionSet 71 | 72 | def getQuestion(self, questionnumber: int) -> str: 73 | """Return question from compiled questions""" 74 | 75 | return self.questionSet[questionnumber]['question'] 76 | 77 | def getAnswers(self, questionnumber: int) -> dict: 78 | """Return dictionary with answers for given question""" 79 | 80 | return self.questionSet[questionnumber]['answers'] 81 | 82 | def getExplanation(self, questionnumber: int) -> str: 83 | """Return solution for given question""" 84 | 85 | return self.questionSet[questionnumber]['explanation'] 86 | 87 | def getSolutionText(self, questionnumber: int) -> str: 88 | """Return solution for given question""" 89 | 90 | solution = self.questionSet[questionnumber]['solution'] 91 | answers = self.questionSet[questionnumber]['answers'] 92 | solutiontext = "" 93 | for key, value in answers.items(): 94 | for k, v in value.items(): 95 | if solution == k: 96 | solutiontext = v 97 | 98 | return solutiontext 99 | 100 | def compareSolution(self, questionnumber: int, answerguess: int) -> bool: 101 | """Compare value to solution""" 102 | 103 | if answerguess == self.questionSet[questionnumber]['solution']: 104 | return True 105 | else: 106 | return False 107 | -------------------------------------------------------------------------------- /bank/cissp_questions.json: -------------------------------------------------------------------------------- 1 | { 2 | "questions": [ 3 | { 4 | "question": "What is a passive measure that can be used to detect hacker attacks?", 5 | "answers": { 6 | "1": "Event logging", 7 | "2": "Firewall reconfiguration", 8 | "3": "Connection termination", 9 | "4": "Process termination" 10 | }, 11 | "solution": "1", 12 | "explanation": null 13 | }, 14 | { 15 | "question": "What is another term for technical controls?", 16 | "answers": { 17 | "1": "Logical controls", 18 | "2": "Access controls", 19 | "3": "Detective controls", 20 | "4": "Preventative controls" 21 | }, 22 | "solution": "1", 23 | "explanation": null 24 | }, 25 | { 26 | "question": "Which tool is an intrusion detection system (IDS)?", 27 | "answers": { 28 | "1": "Snort", 29 | "2": "Nessus", 30 | "3": "Tripwire", 31 | "4": "Ethereal" 32 | }, 33 | "solution": "1", 34 | "explanation": null 35 | }, 36 | { 37 | "question": "Which authentication method checks the identity of both ends of the connection?", 38 | "answers": { 39 | "1": "Biometric authentication", 40 | "2": "Mutual authentication", 41 | "3": "CHAP authentication", 42 | "4": "RADIUS authentication" 43 | }, 44 | "solution": "2", 45 | "explanation": null 46 | }, 47 | { 48 | "question": "Which methodology is used to analyze operating system exploitable weaknesses in a penetration testing project?", 49 | "answers": { 50 | "1": "Flaw hypothesis methodology", 51 | "2": "Operating system fingerprint methodology", 52 | "3": "Open Web application security Project methodology", 53 | "4": "Vulnerability assessment and recovery methodology" 54 | }, 55 | "solution": "1", 56 | "explanation": null 57 | }, 58 | { 59 | "question": "Which protocol grants TGTs?", 60 | "answers": { 61 | "1": "ARP", 62 | "2": "Kerberos", 63 | "3": "L2TP", 64 | "4": "Telnet" 65 | }, 66 | "solution": "2", 67 | "explanation": null 68 | }, 69 | { 70 | "question": "You have implemented a biometric system that analyzes signature dynamics. This biometric system is an example of which biometric category?", 71 | "answers": { 72 | "1": "Physiological", 73 | "2": "Psychological", 74 | "3": "Behavioral", 75 | "4": "Biological" 76 | }, 77 | "solution": "3", 78 | "explanation": null 79 | }, 80 | { 81 | "question": "You have been given several suggestions for implementing the principle of least privilege. What is the best implementation of this principle?", 82 | "answers": { 83 | "1": "Complete administrative tasks at a computer that functions only as a server", 84 | "2": "Issue the Run As command to execute administrative tasks during a regular user session", 85 | "3": "Ensure that all services use the main administrative account execute their processes", 86 | "4": "Issue a single account to each user regardless of his job function" 87 | }, 88 | "solution": "2", 89 | "explanation": null 90 | }, 91 | { 92 | "question": "Users access your network using smart cards. Recently hackers have uncovered the encryption key of a smartcard using reverse engineering. Which smart card attack was used?", 93 | "answers": { 94 | "1": "Micro probing", 95 | "2": "Software attack", 96 | "3": "Fault generation", 97 | "4": "Side-channel attack" 98 | }, 99 | "solution": "3", 100 | "explanation": null 101 | }, 102 | { 103 | "question": "What is an example of a brute force attack?", 104 | "answers": { 105 | "1": "Sending multiple ICMP messages to a Web server", 106 | "2": "Searching through a company's trash", 107 | "3": "Using a program to guess passwords from a SAM file", 108 | "4": "Gathering packets from a network connection" 109 | }, 110 | "solution": "3", 111 | "explanation": null 112 | }, 113 | { 114 | "question": "You have been asked to deploy a biometric system to protect your company's data center. Management is concerned that errors in the system will prevent users from accepting the system. Management stipulates that you must deploy the system with the lowest crossover error rate (CER). Identify one of the terms used in biometrics to determine CER?", 115 | "answers": { 116 | "1": "ACL", 117 | "2": "EAR", 118 | "3": "ERR", 119 | "4": "FAR" 120 | }, 121 | "solution": "4", 122 | "explanation": null 123 | }, 124 | { 125 | "question": "Which password type is usually the easiest to remember?", 126 | "answers": { 127 | "1": "Pass phrase", 128 | "2": " Static password", 129 | "3": "Dynamic password", 130 | "4": "Software generated password" 131 | }, 132 | "solution": "1", 133 | "explanation": null 134 | }, 135 | { 136 | "question": "Management of your company has recently become increasingly concerned with security. You have been asked to provide examples of controls that will help to prevent security breaches. Which control is an example of this?", 137 | "answers": { 138 | "1": "Backups", 139 | "2": "Audit logs", 140 | "3": "Job rotation", 141 | "4": "Security policy" 142 | }, 143 | "solution": "4", 144 | "explanation": null 145 | }, 146 | { 147 | "question": "Which type of IPS monitoring requires that updates be regularly installed to ensure effectiveness?", 148 | "answers": { 149 | "1": "Network-based", 150 | "2": "Anomaly-based", 151 | "3": "Behavior-based", 152 | "4": "Signature-based" 153 | }, 154 | "solution": "4", 155 | "explanation": null 156 | }, 157 | { 158 | "question": "Who is responsible for ensuring data integrity and security for an organization?", 159 | "answers": { 160 | "1": "Data owner", 161 | "2": "Data custodian", 162 | "3": "Security analyst", 163 | "4": "Security administrator" 164 | }, 165 | "solution": "2", 166 | "explanation": null 167 | }, 168 | { 169 | "question": "Which security principle identifies sensitive data and ensures that unauthorized entities cannot access it?", 170 | "answers": { 171 | "1": "Availability", 172 | "2": "Confidentiality", 173 | "3": "Integrity", 174 | "4": " Authentication" 175 | }, 176 | "solution": "2", 177 | "explanation": null 178 | }, 179 | { 180 | "question": "As a system administrator you decide to implement audit trails to ensure that users are not violating policy during operation. What are you trying to determine?", 181 | "answers": { 182 | "1": "Identification", 183 | "2": "Authorization", 184 | "3": "Accountability", 185 | "4": "Authentication" 186 | }, 187 | "solution": "3", 188 | "explanation": null 189 | }, 190 | { 191 | "question": "You are designing the access control for your organization's network. You need to ensure that access to network resources is restricted. Which criteria can be used to do this?", 192 | "answers": { 193 | "1": "Roles", 194 | "2": "Groups", 195 | "3": "Location", 196 | "4": "Time of day", 197 | "5": "Transaction type", 198 | "6": "all of the above choices", 199 | "7": "none of the choices" 200 | }, 201 | "solution": "6", 202 | "explanation": null 203 | }, 204 | { 205 | "question": "Which type of intrusion prevention system (IPS) watches for intrusions that match a known identity?", 206 | "answers": { 207 | "1": "Network-based", 208 | "2": "Anomaly-based", 209 | "3": "Behavior-based", 210 | "4": "Signature based" 211 | }, 212 | "solution": "4", 213 | "explanation": null 214 | }, 215 | { 216 | "question": "Management has requested that active directory be implemented on your network. What is the function of this service?", 217 | "answers": { 218 | "1": "It is the directory service used on a Unix network", 219 | "2": "It is the authentication service used on a Unix network", 220 | "3": "It is the directory service used on a Windows server network", 221 | "4": "It is the authentication service used on a Windows server network" 222 | }, 223 | "solution": "3", 224 | "explanation": null 225 | }, 226 | { 227 | "question": "Under MAC which entity would exist as an object?", 228 | "answers": { 229 | "1": "A file", 230 | "2": "A user", 231 | "3": "A group", 232 | "4": "A permission" 233 | }, 234 | "solution": "1", 235 | "explanation": null 236 | }, 237 | { 238 | "question": "What is the most important entity in a mandatory access control (MAC) environment?", 239 | "answers": { 240 | "1": "Security label", 241 | "2": "Role-based controls", 242 | "3": "Access control lists (ACLs)", 243 | "4": "Owner determined controls" 244 | }, 245 | "solution": "1", 246 | "explanation": null 247 | }, 248 | { 249 | "question": "Because of the value of your company's data your company has asked you to ensure data availability. You want to implement the techniques that can help to ensure data availability. Which mechanism should you implement?", 250 | "answers": { 251 | "1": "Auditing techniques", 252 | "2": "Data recovery techniques", 253 | "3": "Authentication techniques", 254 | "4": "Access control techniques" 255 | }, 256 | "solution": "2", 257 | "explanation": null 258 | }, 259 | { 260 | "question": "Your organization uses a relational database to store customer contact information. You need to modify the schema of the relational database. Which component identifies this information?", 261 | "answers": { 262 | "1": "Query language (QL)", 263 | "2": "Data control language (DCL)", 264 | "3": "Data definition language (DDL)", 265 | "4": "Data manipulation language (DML)" 266 | }, 267 | "solution": "3", 268 | "explanation": null 269 | }, 270 | { 271 | "question": "You need to ensure that data types and rules are enforced in the database. Which type of integrity should be enforced?", 272 | "answers": { 273 | "1": "Entity integrity", 274 | "2": "Referential integrity", 275 | "3": "Semantic integrity", 276 | "4": "Cell suppression" 277 | }, 278 | "solution": "3", 279 | "explanation": null 280 | }, 281 | { 282 | "question": "Which type of malicious code is wrapped inside an otherwise benign program when the program is written?", 283 | "answers": { 284 | "1": "A Trojan horse", 285 | "2": "A virus", 286 | "3": "Aworm", 287 | "4": "A logic bomb" 288 | }, 289 | "solution": "1", 290 | "explanation": null 291 | }, 292 | { 293 | "question": "Which pair of processes should be separated from each other to manage the stability of the test environment?", 294 | "answers": { 295 | "1": "Testing and validity", 296 | "2": "Validity and security", 297 | "3": "Testing and development", 298 | "4": "Validity and production" 299 | }, 300 | "solution": "3", 301 | "explanation": null 302 | }, 303 | { 304 | "question": "Which statement correctly defines the capability maturity model in the context of software development?", 305 | "answers": { 306 | "1": "It is a formal model based on the capacity of an organization to cater to projects", 307 | "2": "It is a model based on conducting reviews and documenting the reviews in each phase of the software development cycle", 308 | "3": "It is a model that describes the principles procedures and practices that should be followed by a developer in the software development cycle", 309 | "4": "It is a model based on analyzing the risk and building prototypes and simulations during the various phases of the software development cycle" 310 | }, 311 | "solution": "3", 312 | "explanation": null 313 | }, 314 | { 315 | "question": "An organization's web site includes several Java applets. The Java applets include a security feature that limits the applet's access to certain areas of the web user's system. How does it do this?", 316 | "answers": { 317 | "1": "By using sandboxes", 318 | "2": "By using object codes", 319 | "3": "By using macro languages", 320 | "4": "By using digital and trusted certificates" 321 | }, 322 | "solution": "1", 323 | "explanation": null 324 | }, 325 | { 326 | "question": "Which malicious software relies upon other applications to execute and infect the system?", 327 | "answers": { 328 | "1": "A virus", 329 | "2": "Aworm", 330 | "3": "A logic bomb", 331 | "4": "A Trojan horse" 332 | }, 333 | "solution": "1", 334 | "explanation": null 335 | }, 336 | { 337 | "question": "Which program translates one line of a code at a time instead of an entire section of a code?", 338 | "answers": { 339 | "1": "A compiler", 340 | "2": "An interpreter", 341 | "3": "An assembler", 342 | "4": "An abstractor" 343 | }, 344 | "solution": "2", 345 | "explanation": null 346 | }, 347 | { 348 | "question": "You need to view windows events that are generated based on your auditing settings. Which log in event viewer should you view?", 349 | "answers": { 350 | "1": "Application", 351 | "2": "Security", 352 | "3": "System", 353 | "4": "DNS" 354 | }, 355 | "solution": "2", 356 | "explanation": null 357 | }, 358 | { 359 | "question": "Which function is provided by remote procedure call (RPC)?", 360 | "answers": { 361 | "1": "It identifies components within a distributed computing environment (DCE)", 362 | "2": "It provides code that can be transmitted across a network and executed remotely", 363 | "3": "It provides an integrated file system that all users in the distributed environment can share", 364 | "4": "It allows the execution of individual routines on remote computers across a network" 365 | }, 366 | "solution": "4", 367 | "explanation": null 368 | }, 369 | { 370 | "question": "Your company has an online transaction processing (OLTP) environment for customers. Management is concerned with the atomicity of the OL TP environment in its 24/7 environment. Which statement correctly defines management's concern?", 371 | "answers": { 372 | "1": "Transactions occur in isolation and do not interact with other transactions until the transaction is over", 373 | "2": "Only complete transactions take place. If any part of the transaction fails the changes made to a database are rolled back", 374 | "3": "The changes are committed only if the transaction is verified on all systems and the database cannot be rolled back after committing the changes", 375 | "4": "Transactions are consistent throughout the different databases" 376 | }, 377 | "solution": "2", 378 | "explanation": null 379 | }, 380 | { 381 | "question": "Which statement correctly defines assurance procedures?", 382 | "answers": { 383 | "1": "Assurance procedures determine the modularity of the product", 384 | "2": "Assurance procedures focus on the throughput and the performance of the system", 385 | "3": "Assurance procedures focus on the applicability of the standard operating procedures", 386 | "4": "Assurance procedures ensure that the control mechanisms implement the security policy of an information system" 387 | }, 388 | "solution": "4", 389 | "explanation": null 390 | }, 391 | { 392 | "question": "As a security administrator you have recently learned of an issue with the webbased administrative interface on your Web server. You want to provide a countermeasure to prevent attacks via the administrative interface. All of the following are countermeasures to use in this scenario EXCEPT:", 393 | "answers": { 394 | "1": "Remove the administrative interfaces from the Web server", 395 | "2": "Use a stronger authentication technique on the Web server", 396 | "3": "Control which systems are allowed to connect to and administer the Web server", 397 | "4": "Hardcode the authentication credentials into the administrative interface links" 398 | }, 399 | "solution": "4", 400 | "explanation": null 401 | }, 402 | { 403 | "question": "Which statement is true of network address hijacking?", 404 | "answers": { 405 | "1": "It is used for identifying the topology of the target network", 406 | "2": "It uses ICMP messages to identify the systems and services that are up and running", 407 | "3": "It allows the attacker to reroute data traffic from a network device to a personal computer", 408 | "4": "It involves flooding the target system with malformed fragmented packets to disrupt operations" 409 | }, 410 | "solution": "3", 411 | "explanation": null 412 | }, 413 | { 414 | "question": "Which statement correctly describes Bind variables in structured query language (SQL)?", 415 | "answers": { 416 | "1": "Bind variables implement database security", 417 | "2": "Bind variables are used to normalize a database", 418 | "3": "Bind variables are used to replace values in SQL commands", 419 | "4": "Bind variables are used to enhance the performance of the database" 420 | }, 421 | "solution": "4", 422 | "explanation": null 423 | }, 424 | { 425 | "question": "What is the BEST method to avoid buffer overflows?", 426 | "answers": { 427 | "1": "Run an audit trail", 428 | "2": "Perform a check digit", 429 | "3": "Perform a reasonable check", 430 | "4": "Develop a well-written program" 431 | }, 432 | "solution": "4", 433 | "explanation": null 434 | }, 435 | { 436 | "question": "Management is concerned that attackers will attempt to access information in the database. They have asked you to implement database protection using bogus data in hopes that the bogus data will mislead attackers. Which technique is being requested?", 437 | "answers": { 438 | "1": "Partitioning", 439 | "2": "Cell suppression", 440 | "3": "Trusted front end", 441 | "4": "Noise and perturbation" 442 | }, 443 | "solution": "4", 444 | "explanation": null 445 | }, 446 | { 447 | "question": "Which spyware technique inserts a dynamic link library into a running process's memory?", 448 | "answers": { 449 | "1": "SMTP open relay", 450 | "2": "DLL injection", 451 | "3": "Buffer overflow", 452 | "4": "Cookies" 453 | }, 454 | "solution": "2", 455 | "explanation": null 456 | }, 457 | { 458 | "question": "Which statement correctly defines spamming attacks?", 459 | "answers": { 460 | "1": "Repeatedly sending e-mails", 461 | "2": "Using ICMP oversized echo messages to flood the target computer", 462 | "3": "Sending spoofed packets with the same source and destination address", 463 | "4": "Sending multiple spoofed packets with the SYN flag set to the target host of an open port" 464 | }, 465 | "solution": "1", 466 | "explanation": null 467 | }, 468 | { 469 | "question": "Which option is NOT a reason to update the business continuity plan?", 470 | "answers": { 471 | "1": "Budgetchanges", 472 | "2": "Personnelchanges", 473 | "3": "Infrastructure changes", 474 | "4": "Organizational changes" 475 | }, 476 | "solution": "1", 477 | "explanation": null 478 | }, 479 | { 480 | "question": "Which entity is an example of a corrective control?", 481 | "answers": { 482 | "1": "Audit trails", 483 | "2": "RAID", 484 | "3": "Separation of duties", 485 | "4": "Business continuity planning" 486 | }, 487 | "solution": "4", 488 | "explanation": null 489 | }, 490 | { 491 | "question": "Which business continuity plan (BCP) element exists to alleviate the risk of certain threats by providing monetary compensation in the event those threats occur?", 492 | "answers": { 493 | "1": "Insurance", 494 | "2": "Business impact analysis (BIA)", 495 | "3": "Reciprocal agreement", 496 | "4": "Continuity of operations plan (COOP)" 497 | }, 498 | "solution": "1", 499 | "explanation": null 500 | }, 501 | { 502 | "question": "Which site is usually maintained within the company and requires no contract with an offsite vendor?", 503 | "answers": { 504 | "1": "Redundant site", 505 | "2": "Hot site", 506 | "3": "Warm site", 507 | "4": "Cold site" 508 | }, 509 | "solution": "1", 510 | "explanation": null 511 | }, 512 | { 513 | "question": "The business continuity committee has developed the business impact analysis (BIA) identified the preventative controls that can be implemented and develop the recovery strategies. Next the committee should develop a contingency plan. All of the following teams should be included in this plan's development to aid in the execution of the final plan except?", 514 | "answers": { 515 | "1": "Restoration team", 516 | "2": "Damage assessment team", 517 | "3": "Salvage team", 518 | "4": "Risk management team" 519 | }, 520 | "solution": "4", 521 | "explanation": null 522 | }, 523 | { 524 | "question": "Which alternate disaster recovery facility is the easiest to test?", 525 | "answers": { 526 | "1": "Hot site", 527 | "2": "Warm site", 528 | "3": "Cold site", 529 | "4": "Reciprocal agreement site" 530 | }, 531 | "solution": "1", 532 | "explanation": null 533 | }, 534 | { 535 | "question": "What is covered by the last step of a business continuity plan?", 536 | "answers": { 537 | "1": "Testing the plan", 538 | "2": "Analyzing risks", 539 | "3": "Updating the plan", 540 | "4": "Training personnel" 541 | }, 542 | "solution": "3", 543 | "explanation": null 544 | }, 545 | { 546 | "question": "What occurs during the reconstitution phases of a recovery?", 547 | "answers": { 548 | "1": "An organization transitions to a temporary alternate site", 549 | "2": "An organization implements the recovery strategy", 550 | "3": "An organization ensures that it's facility is fully restored at the alternate site", 551 | "4": "An organization transitions back to its original site" 552 | }, 553 | "solution": "4", 554 | "explanation": null 555 | }, 556 | { 557 | "question": "Which plan ensures that a vital corporate position is filled in the event it is vacated during a disaster?", 558 | "answers": { 559 | "1": "Occupant emergency plan (OEP)", 560 | "2": "Continuity of operations plan (COOP)", 561 | "3": "Succession plan", 562 | "4": "Reciprocal agreement" 563 | }, 564 | "solution": "3", 565 | "explanation": null 566 | }, 567 | { 568 | "question": "What is the primary consideration when choosing an alternate computing facility?", 569 | "answers": { 570 | "1": "Cost", 571 | "2": "Location", 572 | "3": "Amount of time facility needed", 573 | "4": "Resources available" 574 | }, 575 | "solution": "2", 576 | "explanation": null 577 | }, 578 | { 579 | "question": "While completing the business impact analysis the committee discovers that a human resources application relies on the following two servers: 1) a human resources server managed by the human resources Department and 2) a database server managed by the IT department. What is this an example of?", 580 | "answers": { 581 | "1": "A preventative control", 582 | "2": "A reciprocal agreement", 583 | "3": "An interdependency", 584 | "4": "A backup strategy" 585 | }, 586 | "solution": "3", 587 | "explanation": null 588 | }, 589 | { 590 | "question": "Your organization has just expanded its network to include another floor of the building where your offices are located. You have been asked to ensure that the new floor is included in the business continuity plan. What should you do?", 591 | "answers": { 592 | "1": "Complete a structured walk-through test", 593 | "2": "Complete a simulation tests", 594 | "3": "Complete a parallel test", 595 | "4": "Update the business continuity plan to include the new floor and its functions" 596 | }, 597 | "solution": "4", 598 | "explanation": null 599 | }, 600 | { 601 | "question": "While developing the business continuity plan your team must create a plan that ensures that normal operation can be resumed in a timely manner after an outage. Which element is your team creating?", 602 | "answers": { 603 | "1": "Vulnerability analysis", 604 | "2": "Disaster recovery plan", 605 | "3": "Business continuity plan", 606 | "4": "Business impact analysis (BIA)" 607 | }, 608 | "solution": "2", 609 | "explanation": null 610 | }, 611 | { 612 | "question": "Which recovery site usually takes the longest to configure when needed?", 613 | "answers": { 614 | "1": "Hot site", 615 | "2": "Warm site", 616 | "3": "Cold site", 617 | "4": "Redundant site" 618 | }, 619 | "solution": "3", 620 | "explanation": null 621 | }, 622 | { 623 | "question": "You administer a small corporate network. On Friday evening after close of business you performed a full backup of the hard disk of one of the company servers. On Monday evening you performed a differential backup of the same server's hard disk and on Tuesday Wednesday and Thursday evenings you performed incremental backups of the server's hard disk. Which files are recorded in the backup that you performed on Thursday?", 624 | "answers": { 625 | "1": "All the files on the hard disk", 626 | "2": "All the files on the hard disk that were changed or created since the differential backup on Monday", 627 | "3": "All the files on the hard disk that were changed or created since the incremental backup on Tuesday", 628 | "4": "All the files on the hard disk that were changed or created since the incremental backup on Wednesday" 629 | }, 630 | "solution": "4", 631 | "explanation": null 632 | }, 633 | { 634 | "question": "What protects data on computer networks from power spikes?", 635 | "answers": { 636 | "1": "A heating system", 637 | "2": "A key card", 638 | "3": "A sprinkler", 639 | "4": "A surge suppressor" 640 | }, 641 | "solution": "4", 642 | "explanation": null 643 | }, 644 | { 645 | "question": "The business continuity team is interviewing users to gather information about business units and their functions. Which part of the business continuity plan includes this analysis?", 646 | "answers": { 647 | "1": "Disaster recovery plan", 648 | "2": "Contingency plan", 649 | "3": "Business impact analysis (BIA)", 650 | "4": "Occupant emergency plan (OEP)" 651 | }, 652 | "solution": "3", 653 | "explanation": null 654 | }, 655 | { 656 | "question": "During business continuity planning you need to obtain the single loss expectancy (SLE) of the company's file server. Which formula should you use to determine this?", 657 | "answers": { 658 | "1": "Asset value times exposure factor (EF)", 659 | "2": "Asset value times annualized rate of occurrence (ARO)", 660 | "3": "Exposure factor (EF) times annualized rate of occurrence (ARO)", 661 | "4": "Annualized loss expectancy (ALE) times annualized rate of occurrence (ARO)" 662 | }, 663 | "solution": "1", 664 | "explanation": null 665 | }, 666 | { 667 | "question": "Your company has a backup solution that performs a full backup each Saturday evening and an incremental backup all other evenings. A vital system crashes on Tuesday morning. How many backups will be needed to restore?", 668 | "answers": { 669 | "1": "One", 670 | "2": "Two", 671 | "3": "Three", 672 | "4": "Four" 673 | }, 674 | "solution": "3", 675 | "explanation": null 676 | }, 677 | { 678 | "question": "Which term refers to how long a company can tolerate the outage of a certain asset entity or service?", 679 | "answers": { 680 | "1": "Business impact analysis", 681 | "2": "Maximum tolerable downtime", 682 | "3": "Maximum recovery time", 683 | "4": "Mean time between failure", 684 | "5": "Mean time to repair" 685 | }, 686 | "solution": "2", 687 | "explanation": null 688 | }, 689 | { 690 | "question": "During a recent natural disaster the primary location for your organization was destroyed. To bring the alternate site online you restored the most critical systems first. Now a new primary site is complete and you need to ensure the site is brought online in an orderly fashion. What should you do first?", 691 | "answers": { 692 | "1": "Restore the most critical functions to the new primary site", 693 | "2": "Restore the least critical functions to the new primary site", 694 | "3": "Restore all independent functions to the new primary site", 695 | "4": "Restore all interdependent functions to the new primary site" 696 | }, 697 | "solution": "2", 698 | "explanation": null 699 | }, 700 | { 701 | "question": "When is a disaster recovery plan implemented?", 702 | "answers": { 703 | "1": "After all systems are back online", 704 | "2": "After the critical systems are back online", 705 | "3": "After a disaster is declared", 706 | "4": "When the company is in normal operation mode" 707 | }, 708 | "solution": "3", 709 | "explanation": null 710 | }, 711 | { 712 | "question": "Your organization has decided to implement the Diffie-Hellman asymmetric algorithm. Which statement is true of this algorithm's key exchange?", 713 | "answers": { 714 | "1": "Authorized users need not exchange secret keys", 715 | "2": "Authorized users exchange public keys over a secure medium", 716 | "3": "Authorized users exchange symmetric session keys over a nonsecure medium", 717 | "4": "Unauthorized users exchange public keys over a nonsecure medium" 718 | }, 719 | "solution": "3", 720 | "explanation": null 721 | }, 722 | { 723 | "question": "What is a list of serial numbers of digital certificates that have not expired but should be considered invalid?", 724 | "answers": { 725 | "1": "CA", 726 | "2": "CRL", 727 | "3": "KDC", 728 | "4": "UDP" 729 | }, 730 | "solution": "2", 731 | "explanation": null 732 | }, 733 | { 734 | "question": "Which statement is NOT true of an RSA algorithm?", 735 | "answers": { 736 | "1": "RSA can prevent man in the middle attacks", 737 | "2": "An RSA algorithm is an example of symmetric cryptography", 738 | "3": "RSA encryption algorithms do not deal with discrete logarithms", 739 | "4": "RSA is a public key algorithm that performs both encryption and authentication", 740 | "5": "RSA uses public and private key signatures for integrity verification" 741 | }, 742 | "solution": "2", 743 | "explanation": null 744 | }, 745 | { 746 | "question": "Your organization signed a contract with the United States military. As part of this contract all e-mail communication between your organization and the US military must be protected. Which e-mail standard must you use for this communication?", 747 | "answers": { 748 | "1": "Multipurpose Internet Mail extension (MIME)", 749 | "2": "SMIME", 750 | "3": "Message security protocol (MSP)", 751 | "4": "Pretty good privacy (PGP)" 752 | }, 753 | "solution": "3", 754 | "explanation": null 755 | }, 756 | { 757 | "question": "Which service is fulfilled by cryptography by ensuring that a sender cannot deny sending a message once it is transmitted?", 758 | "answers": { 759 | "1": "Confidentiality", 760 | "2": "Authenticity", 761 | "3": "Integrity", 762 | "4": "Non-repudiation" 763 | }, 764 | "solution": "4", 765 | "explanation": null 766 | }, 767 | { 768 | "question": "Which service provided by a cryptosystem turns information into unintelligible data?", 769 | "answers": { 770 | "1": "Non-repudiation", 771 | "2": "Authorization", 772 | "3": "Cipher text", 773 | "4": "Encryption" 774 | }, 775 | "solution": "4", 776 | "explanation": null 777 | }, 778 | { 779 | "question": "What identifies entries within an X.509 CRL?", 780 | "answers": { 781 | "1": "Digital certificates", 782 | "2": "Private keys", 783 | "3": "Public keys", 784 | "4": "Serial numbers" 785 | }, 786 | "solution": "4", 787 | "explanation": null 788 | }, 789 | { 790 | "question": "You want to send a file to a coworker named Maria. You do not want to protect the file contents from being viewed; however when Maria receives a file you want her to be able to determine whether the contents of the file were altered during transit. Which protective measures should you use?", 791 | "answers": { 792 | "1": "A digital certificate", 793 | "2": "A digital signature", 794 | "3": "Symmetric message receipt", 795 | "4": "Asymmetric encryption" 796 | }, 797 | "solution": "2", 798 | "explanation": null 799 | }, 800 | { 801 | "question": "Your organization uses the Kerberos protocol to authenticate users of the network. Which statement is true of the key distribution center (KOC) when this protocol is used?", 802 | "answers": { 803 | "1": "The KOC is only used to store secret keys", 804 | "2": "The KOC is used to capture secret keys over the network", 805 | "3": "The KOC is used to maintain and distribute public keys for each session", 806 | "4": "The KOC is used to store distribute and maintain cryptographic session keys" 807 | }, 808 | "solution": "4", 809 | "explanation": null 810 | }, 811 | { 812 | "question": "Your organization is working with an international partner on a new and innovative product. All communication regarding this must be encrypted using a very strong symmetric algorithm. Which algorithm should you use?", 813 | "answers": { 814 | "1": "AES", 815 | "2": "3DES", 816 | "3": "IDEA", 817 | "4": "Blowfish" 818 | }, 819 | "solution": "1", 820 | "explanation": null 821 | }, 822 | { 823 | "question": "Which statement is true of the rijndael algorithm used in AES?", 824 | "answers": { 825 | "1": "Rijndael uses variable block lengths and variable key lengths", 826 | "2": "Rijndael uses fixed block lengths and fixed key lengths", 827 | "3": "Rijndael uses variable block lengths and fixed key lengths", 828 | "4": "Rijndael uses fixed block lengths and variable key lengths" 829 | }, 830 | "solution": "1", 831 | "explanation": null 832 | }, 833 | { 834 | "question": "Your manager has asked you to ensure that the password files that are stored on the servers are not vulnerable to attacks. To which type of attack would these files be vulnerable?", 835 | "answers": { 836 | "1": "A dictionary attack", 837 | "2": "A SYN flood attack", 838 | "3": "A side channel attack", 839 | "4": "A denial of service (DoS) attack" 840 | }, 841 | "solution": "1", 842 | "explanation": null 843 | }, 844 | { 845 | "question": "Your company hosts several public web sites on its Web Server. Some of the sites implement the secure sockets layer (SSL) protocol. Which statement is NOT true of this protocol?", 846 | "answers": { 847 | "1": "SSL is used to protect Internet transactions", 848 | "2": "SSL version 2 provides client-side authentication", 849 | "3": "SSL operates at the network layer of the OSI model", 850 | "4": "SSL with TLS supports both server and client authentication", 851 | "5": "TLS has two possible session key lengths: 128 bit and 256 bit" 852 | }, 853 | "solution": "3", 854 | "explanation": null 855 | }, 856 | { 857 | "question": "Your organization implements hybrid encryption to provide a high level of protection of your data. Which statement is true of this type of encryption?", 858 | "answers": { 859 | "1": "The secret key protects the encryption keys", 860 | "2": "Public keys decrypt the secret key for distribution", 861 | "3": "Asymmetric cryptography is used for secure key distribution", 862 | "4": "The symmetric algorithm generates public and private keys" 863 | }, 864 | "solution": "3", 865 | "explanation": null 866 | }, 867 | { 868 | "question": "Recently your organization has become increasingly concerned about hackers. You have been specifically tasked with preventing man in the middle attacks. Which protocol is NOT capable of preventing this type of attack?", 869 | "answers": { 870 | "1": "CHAP", 871 | "2": "Secure shell (SSH)", 872 | "3": "HTTP secure (HTTPS)", 873 | "4": "Internet protocol security (IPSec)" 874 | }, 875 | "solution": "1", 876 | "explanation": null 877 | }, 878 | { 879 | "question": "Which hashing algorithm generates a 160 bit hashing value?", 880 | "answers": { 881 | "1": "Tiger", 882 | "2": "HAVAL", 883 | "3": "SHA", 884 | "4": "MD5" 885 | }, 886 | "solution": "3", 887 | "explanation": null 888 | }, 889 | { 890 | "question": "You have implemented a public key infrastructure (PKI) to issue certificates to the computers on your organization's network. You must ensure that the certificates that have been validated are protected. What must be secured in a PKI to do this?", 891 | "answers": { 892 | "1": "The public key of the root CA", 893 | "2": "The private key of the root CA", 894 | "3": "The public key of a user's certificate", 895 | "4": "The private key of a user's certificate" 896 | }, 897 | "solution": "2", 898 | "explanation": null 899 | }, 900 | { 901 | "question": "Which statement is NOT true of cross certification?", 902 | "answers": { 903 | "1": "Cross certification builds an overall PKI hierarchy", 904 | "2": "Cross certification is primarily used to establish trust between different PKl's", 905 | "3": "Cross certification checks the authenticity of the certificates in the certification path", 906 | "4": "Cross certification allows users to validate each other's certificate when they are certified under different certification hierarchies" 907 | }, 908 | "solution": "3", 909 | "explanation": null 910 | }, 911 | { 912 | "question": "You have been specifically asks to implement a stream cipher for Wi-Fi. Which cryptographic algorithm could you use?", 913 | "answers": { 914 | "1": "RC4", 915 | "2": "RCS", 916 | "3": "TKIP", 917 | "4": "MOS" 918 | }, 919 | "solution": "1", 920 | "explanation": null 921 | }, 922 | { 923 | "question": "The IT department manager informs you that your organization's network has been the victim of a ciphertext only attack. Which statement is true regarding this type of attack?", 924 | "answers": { 925 | "1": "A birthday attack is an example of a ciphertext only attack", 926 | "2": "A ciphertext only attack is focused on discovering the encryption key", 927 | "3": "It is very difficult for an attacker to gather the ciphertext in a network", 928 | "4": "A ciphertext only attack is considered by hackers to be the easiest attack" 929 | }, 930 | "solution": "2", 931 | "explanation": null 932 | }, 933 | { 934 | "question": "You are engaged in a risk assessment for your organization's network. You have identified several risks. When you calculate the risks by using the quantitative method you multiply the assets value by the exposure factor (EF). What is the result?", 935 | "answers": { 936 | "1": "Risk elimination", 937 | "2": "Actual cost evaluation (ACV)", 938 | "3": "Single loss expectancy (SLE)", 939 | "4": "Annualized loss expectancy (ALE)" 940 | }, 941 | "solution": "3", 942 | "explanation": null 943 | }, 944 | { 945 | "question": "What is a potential opening in network security that a hacker can exploit to attack a network?", 946 | "answers": { 947 | "1": "An agent", 948 | "2": "An event", 949 | "3": "A target", 950 | "4": "A vulnerability" 951 | }, 952 | "solution": "4", 953 | "explanation": null 954 | }, 955 | { 956 | "question": "As part of a new security initiative your organization has decided that all employees must undergo security awareness training. What is the aim of this training?", 957 | "answers": { 958 | "1": "All employees must understand their security responsibilities", 959 | "2": "All employees in the IT department should be able to handle security incidents", 960 | "3": "All employees excluding top management should understand the legal implications of loss of information", 961 | "4": "All employees in the IT department should be able to handle social engineering attacks" 962 | }, 963 | "solution": "1", 964 | "explanation": null 965 | }, 966 | { 967 | "question": "Which statement is true of risk?", 968 | "answers": { 969 | "1": "Risk is the probability of the exploitation of vulnerabilities by a threat agent", 970 | "2": "Implementation of preventive controls is sufficient for risk mitigation", 971 | "3": "A qualitative risk analysis should be preferred for assigning monetary values", 972 | "4": "The risk of an internal security breach by employees is less than that posed by external threats" 973 | }, 974 | "solution": "1", 975 | "explanation": null 976 | }, 977 | { 978 | "question": "For which security objective(s) should system owners and data owners be accountable?", 979 | "answers": { 980 | "1": "Integrity", 981 | "2": "Availability", 982 | "3": "Confidentiality", 983 | "4": "Integrity and availability", 984 | "5": "Confidentiality and integrity", 985 | "6": "Confidentiality and availability", 986 | "7": "Availability integrity and confidentiality" 987 | }, 988 | "solution": "7", 989 | "explanation": null 990 | }, 991 | { 992 | "question": "The new security plan for your organization states that all data on your servers must be classified to ensure appropriate access controls are implemented. All of the following statements are true of information classification EXCEPT?", 993 | "answers": { 994 | "1": "A data owner must determine the information classification of an asset", 995 | "2": "Data classification refers to assigning security labels of information assets", 996 | "3": "A data custodian must determine the classification of an information asset", 997 | "4": "The two primary classes of data classification deal with military institutions and commercial organizations" 998 | }, 999 | "solution": "3", 1000 | "explanation": null 1001 | }, 1002 | { 1003 | "question": "Of which control is WPA TKIP an example?", 1004 | "answers": { 1005 | "1": "Physical controls", 1006 | "2": "Technical controls", 1007 | "3": "Detective controls", 1008 | "4": "Administrative controls" 1009 | }, 1010 | "solution": "2", 1011 | "explanation": null 1012 | }, 1013 | { 1014 | "question": "You are designing the security awareness training plan for your organization. Several groups have been identified to receive customized training. Which group requires security training to ensure the programs produced by the company do not contain security problems?", 1015 | "answers": { 1016 | "1": "Administrators", 1017 | "2": "Developers", 1018 | "3": "Employees", 1019 | "4": "Executives" 1020 | }, 1021 | "solution": "2", 1022 | "explanation": null 1023 | }, 1024 | { 1025 | "question": "All of the following are controls which are integral parts of information security administration except?", 1026 | "answers": { 1027 | "1": "Information controls", 1028 | "2": "Physical controls", 1029 | "3": "Technical controls", 1030 | "4": "Administrative controls" 1031 | }, 1032 | "solution": "1", 1033 | "explanation": null 1034 | }, 1035 | { 1036 | "question": "You are the security manager for your organization. You are identifying potential security risks for your organization . Which technique would you NOT use?", 1037 | "answers": { 1038 | "1": "Interviewing", 1039 | "2": "Benchmarking", 1040 | "3": "Brainstorming", 1041 | "4": "Delphi technique" 1042 | }, 1043 | "solution": "2", 1044 | "explanation": null 1045 | }, 1046 | { 1047 | "question": "Your organization has decided that the organization needs to implement password policies for better security. Which password policy will NOT strengthen password security?", 1048 | "answers": { 1049 | "1": "Requiring users to use a minimum of eight characters in a password", 1050 | "2": "Requiring users to use symbols and numbers in their passwords", 1051 | "3": "Requiring users to use only alphabetic words as passwords", 1052 | "4": "Requiring users to periodically change their passwords" 1053 | }, 1054 | "solution": "3", 1055 | "explanation": null 1056 | }, 1057 | { 1058 | "question": "What is typically part of an information policy?", 1059 | "answers": { 1060 | "1": "Classification", 1061 | "2": "Authentication", 1062 | "3": "Acceptable use", 1063 | "4": "Employee termination procedure" 1064 | }, 1065 | "solution": "1", 1066 | "explanation": null 1067 | }, 1068 | { 1069 | "question": "What is a risk trigger?", 1070 | "answers": { 1071 | "1": "A risk response strategy", 1072 | "2": "A metric used to measure the impact of a risk", 1073 | "3": "An event that indicates that a risk has occurred or is about to occur", 1074 | "4": "An individual who is responsible for alerting the team when a given risk occurs" 1075 | }, 1076 | "solution": "3", 1077 | "explanation": null 1078 | }, 1079 | { 1080 | "question": "Your organization has decided that the organization needs to implement password policies for better security. Which password policy will likely REDUCE network security?", 1081 | "answers": { 1082 | "1": "Requiring users to increase the length of their passwords from six characters to eight characters", 1083 | "2": "Requiring users to use symbols such as the $ character and the % character in their passwords", 1084 | "3": "Requiring users to use easily remembered passwords", 1085 | "4": "Requiring users to change passwords in 60 days rather than 90 days" 1086 | }, 1087 | "solution": "3", 1088 | "explanation": null 1089 | }, 1090 | { 1091 | "question": "What is employed when user accounts are created by one employee and user permissions are configured by another employee?", 1092 | "answers": { 1093 | "1": "A collusion", 1094 | "2": "A two-man control", 1095 | "3": "Separation of duties", 1096 | "4": "Rotation of duties" 1097 | }, 1098 | "solution": "3", 1099 | "explanation": null 1100 | }, 1101 | { 1102 | "question": "Which security management approach is recommended for an information security program?", 1103 | "answers": { 1104 | "1": "Top-down", 1105 | "2": "Bottom-up", 1106 | "3": "Integrated", 1107 | "4": "Differential" 1108 | }, 1109 | "solution": "1", 1110 | "explanation": null 1111 | }, 1112 | { 1113 | "question": "You identify a security risk that you do not have in-house skills to address. You decide to procure contract resources to mitigate this security risk. Which type of risk response strategy are you demonstrating?", 1114 | "answers": { 1115 | "1": "Avoidance", 1116 | "2": "Acceptance", 1117 | "3": "Mitigation", 1118 | "4": "Transference" 1119 | }, 1120 | "solution": "4", 1121 | "explanation": null 1122 | }, 1123 | { 1124 | "question": "What is the purpose of quantitative risk analysis?", 1125 | "answers": { 1126 | "1": "To generate an action plan in response to each identified risk", 1127 | "2": "To generate a prioritized list of risks that might adversely affect the project", 1128 | "3": "To determine the overall impact that specific risks posed to successful project completion", 1129 | "4": "To analyze the already prioritized risks in such a way as to give each a numerical rating" 1130 | }, 1131 | "solution": "4", 1132 | "explanation": null 1133 | }, 1134 | { 1135 | "question": "You are the security administrator for your company. You identify a security risk. You decide to continue with the current security plan. However you develop a contingency plan for if the security risk occurs. Which type of risk response strategy are you demonstrating?", 1136 | "answers": { 1137 | "1": "Avoidance", 1138 | "2": "Acceptance", 1139 | "3": "Mitigation", 1140 | "4": "Transference" 1141 | }, 1142 | "solution": "2", 1143 | "explanation": null 1144 | }, 1145 | { 1146 | "question": "As you are designing your security awareness training you list the different groups that require different training. Which group should receive security training that is part education and part marketing?", 1147 | "answers": { 1148 | "1": "Administrators", 1149 | "2": "Developers", 1150 | "3": "Employees", 1151 | "4": "Executives" 1152 | }, 1153 | "solution": "4", 1154 | "explanation": null 1155 | }, 1156 | { 1157 | "question": "Which role is a strategic role that helps to develop policies standards and guidelines and ensures the security elements are implemented properly?", 1158 | "answers": { 1159 | "1": "User", 1160 | "2": "Data owner", 1161 | "3": "Security administrator", 1162 | "4": "Security analyst" 1163 | }, 1164 | "solution": "4", 1165 | "explanation": null 1166 | }, 1167 | { 1168 | "question": "What does sending data across an insecure network such as the Internet primarily affect?", 1169 | "answers": { 1170 | "1": "Confidentiality and availability", 1171 | "2": "Integrity and availability", 1172 | "3": "Confidentiality and integrity", 1173 | "4": "Integrity and authenticity" 1174 | }, 1175 | "solution": "3", 1176 | "explanation": null 1177 | }, 1178 | { 1179 | "question": "What should be the role of management in developing an information security program?", 1180 | "answers": { 1181 | "1": "It should be minimal", 1182 | "2": "It is mandatory", 1183 | "3": "It is not required at all", 1184 | "4": "It is limited to the providing of funds" 1185 | }, 1186 | "solution": "2", 1187 | "explanation": null 1188 | }, 1189 | { 1190 | "question": "What would be a correct statement regarding ethics and laws?", 1191 | "answers": { 1192 | "1": "Ethics are always drawn from laws", 1193 | "2": "If something isn't illegal then it is probably ethical", 1194 | "3": "Most laws are drawn from ethics", 1195 | "4": "Laws apply to everything in society that is right and wrong" 1196 | }, 1197 | "solution": "3", 1198 | "explanation": null 1199 | }, 1200 | { 1201 | "question": "Monitoring employee e-mail messages may be a useful tool for uncovering malicious activity. Which of the following is not something a company should do if they are going to carry out this type of monitoring?", 1202 | "answers": { 1203 | "1": "Inform users that this type of monitoring may take place", 1204 | "2": "Explain the ramifications of misuse of this resource to users", 1205 | "3": "Guarantee employee privacy", 1206 | "4": "Monitor all users consistently and fairly" 1207 | }, 1208 | "solution": "3", 1209 | "explanation": null 1210 | }, 1211 | { 1212 | "question": "Which of the following is an attack that uses tools to intercept electronic communications signals usually passively instead of actively?", 1213 | "answers": { 1214 | "1": "Masquerading", 1215 | "2": "Social engineering", 1216 | "3": "Sniffing", 1217 | "4": "Salami" 1218 | }, 1219 | "solution": "3", 1220 | "explanation": null 1221 | }, 1222 | { 1223 | "question": "What is the first step when investigating a computer crime?", 1224 | "answers": { 1225 | "1": "Photograph the area computer and contents on the screen", 1226 | "2": "Advise individuals in the area of their rights before evidence is collected", 1227 | "3": "Quickly look for planted logic bombs and Trojan horses to ensure damage cannot be done", 1228 | "4": "Power off the computer system" 1229 | }, 1230 | "solution": "1", 1231 | "explanation": null 1232 | }, 1233 | { 1234 | "question": "If senior executives are found liable for not properly protecting their company's assets and information systems what type of law likely would apply in this situation?", 1235 | "answers": { 1236 | "1": "Criminal", 1237 | "2": "International", 1238 | "3": "Civil", 1239 | "4": "Common" 1240 | }, 1241 | "solution": "3", 1242 | "explanation": null 1243 | }, 1244 | { 1245 | "question": "During a trial a company introduces documents that were created during the course of the investigation to show new evidence of wrongdoing. These documents would be classified as what type of evidence?", 1246 | "answers": { 1247 | "1": "Direct", 1248 | "2": "Conclusive", 1249 | "3": "Hearsay", 1250 | "4": "Corroborative" 1251 | }, 1252 | "solution": "3", 1253 | "explanation": null 1254 | }, 1255 | { 1256 | "question": "The investigation process of a computer crime is very similar to investigating many other types of crime. What is the 'who' and 'why' of a crime?", 1257 | "answers": { 1258 | "1": "Motivations", 1259 | "2": "Opportunities", 1260 | "3": "Means", 1261 | "4": "Capabilities" 1262 | }, 1263 | "solution": "1", 1264 | "explanation": null 1265 | }, 1266 | { 1267 | "question": "Typically computer files are considered hearsay evidence. In which of the following scenarios would computer files be admissible?", 1268 | "answers": { 1269 | "1": "When the file clearly proves guilt", 1270 | "2": "When a forensic expert testifies that the evidence is trustworthy", 1271 | "3": "When the computer output is produced during the course of regular business", 1272 | "4": "It is never admissible" 1273 | }, 1274 | "solution": "3", 1275 | "explanation": null 1276 | }, 1277 | { 1278 | "question": "Which of the following is a true statement regarding warrants and seizure on an individual's property?", 1279 | "answers": { 1280 | "1": "Police do not have to have a warrant for most cases of property seizure", 1281 | "2": "A manager falls under the same restrictions as law enforcement agents if she follows the instruction of a law enforcement agent", 1282 | "3": "A manager without a warrant can seize the information on a computer at a company that contains suspected child pornography information if the manager was directed by a police officer to obtain this information", 1283 | "4": "If law enforcement has a warrant for a home computer in a case of suspected child pornography they can also confiscate the computers at the homeowner's office" 1284 | }, 1285 | "solution": "2", 1286 | "explanation": null 1287 | }, 1288 | { 1289 | "question": "What is administrative law?", 1290 | "answers": { 1291 | "1": "Deals with violations of regulatory standards", 1292 | "2": "Deals with violent violation of individuals", 1293 | "3": "Deals with laws develop to protect the public", 1294 | "4": "Deals with commerce laws across borders" 1295 | }, 1296 | "solution": "1", 1297 | "explanation": null 1298 | }, 1299 | { 1300 | "question": "In many cases traditional laws do not adequately approach computer crimes and their ramifications. Which of the following is one way legal systems have changed to better allow these established rules to be used?", 1301 | "answers": { 1302 | "1": "The definition of property has been expanded to include intangible property as in hard drives", 1303 | "2": "The definition of property has been expanded to include intangible property as in electronic information", 1304 | "3": "The definition of property has been expanded to include tangible property as in electronic information", 1305 | "4": "The definition of property has been expanded to include tangible property as in secondary storage devices" 1306 | }, 1307 | "solution": "2", 1308 | "explanation": null 1309 | }, 1310 | { 1311 | "question": "Three main categories fall under common law. Which of the following is NOT one of them?", 1312 | "answers": { 1313 | "1": "Administrative law", 1314 | "2": "Civil law", 1315 | "3": "Criminal law", 1316 | "4": "Union law" 1317 | }, 1318 | "solution": "4", 1319 | "explanation": null 1320 | }, 1321 | { 1322 | "question": "Who usually blows the whistle on illegal software usage within companies?", 1323 | "answers": { 1324 | "1": "IT administrators", 1325 | "2": "CISSPs", 1326 | "3": "Disgruntled employees", 1327 | "4": "Managers" 1328 | }, 1329 | "solution": "3", 1330 | "explanation": null 1331 | }, 1332 | { 1333 | "question": "What type of attack is done with a protocol analyzer?", 1334 | "answers": { 1335 | "1": "Active", 1336 | "2": "Aggressive", 1337 | "3": "Masquerading", 1338 | "4": "Passive" 1339 | }, 1340 | "solution": "4", 1341 | "explanation": null 1342 | }, 1343 | { 1344 | "question": "Which of the following statements regarding trade secrets and trademark law is accurate?", 1345 | "answers": { 1346 | "1": "All countries follow a uniform standard for these areas", 1347 | "2": "A vendor with in a country should follow their own country's standards in these areas as the appropriate method to conduct their business", 1348 | "3": "Any vendor that is interested in doing business in a country outside of theirs should be aware of the differences in these specific areas and take the necessary steps to properly protect their product", 1349 | "4": "A vendor can choose between his country's laws and practices or the foreign country in which they do business" 1350 | }, 1351 | "solution": "3", 1352 | "explanation": null 1353 | }, 1354 | { 1355 | "question": "Which of the Following Items Is Addressed in the (ISC)2 Code of Ethics?", 1356 | "answers": { 1357 | "1": "Avoid conflicts of interest", 1358 | "2": "Avoid conducting the penetration tests", 1359 | "3": "Protect national security", 1360 | "4": "Protect individual rights" 1361 | }, 1362 | "solution": "1", 1363 | "explanation": null 1364 | }, 1365 | { 1366 | "question": "Which of the following acts was created to protect the privacy of medical information?", 1367 | "answers": { 1368 | "1": "US federal privacy act of 1974", 1369 | "2": "Computer fraud and abuse act", 1370 | "3": "HIPM", 1371 | "4": "Gramm Leach Bliley act of 1999" 1372 | }, 1373 | "solution": "3", 1374 | "explanation": null 1375 | }, 1376 | { 1377 | "question": "A cashier who enters incorrect values in the cash register and keeps the remaining money has committed what kind of crime?", 1378 | "answers": { 1379 | "1": "Sniffing", 1380 | "2": "Social Engineering", 1381 | "3": "Masquerading", 1382 | "4": "Data diddling" 1383 | }, 1384 | "solution": "4", 1385 | "explanation": null 1386 | }, 1387 | { 1388 | "question": "An edict stating that all evidence be labeled with information about who secured it and who validated it is called --------", 1389 | "answers": { 1390 | "1": "CERT", 1391 | "2": "Chain of custody", 1392 | "3": "Direct evidence", 1393 | "4": "Incident response policy" 1394 | }, 1395 | "solution": "2", 1396 | "explanation": null 1397 | }, 1398 | { 1399 | "question": "Which of the following is addressed in the federal sentencing guidelines?", 1400 | "answers": { 1401 | "1": "Senior executives are not responsible for the computer and information security decisions they make and what actually takes place within their organizations", 1402 | "2": "Senior executives are responsible for the computer and information security decisions they make and what actually takes place within their organizations", 1403 | "3": "This act provides the necessary structure when dealing with espionage and further defines trade secrets to be technical business engineering scientific or financial", 1404 | "4": "This act requires federal agencies to identify computer systems that will contain sensitive information" 1405 | }, 1406 | "solution": "2", 1407 | "explanation": null 1408 | }, 1409 | { 1410 | "question": "Tricking an intruder into accessing the digital information in order to prosecute him is an example of what?", 1411 | "answers": { 1412 | "1": "Enticement", 1413 | "2": "Interrogation", 1414 | "3": "Entrapment", 1415 | "4": "Salami attack" 1416 | }, 1417 | "solution": "3", 1418 | "explanation": null 1419 | }, 1420 | { 1421 | "question": "There are different categories for evidence depending upon what form it is in and possibly how it was collected. Which of the following is considered supporting evidence?", 1422 | "answers": { 1423 | "1": "Best evidence", 1424 | "2": "Corroborative evidence", 1425 | "3": "Conclusive evidence", 1426 | "4": "Direct evidence" 1427 | }, 1428 | "solution": "2", 1429 | "explanation": null 1430 | }, 1431 | { 1432 | "question": "Which term refers to a hidden set of software instructions created by the developer as a matter of convenience?", 1433 | "answers": { 1434 | "1": "Covert channel", 1435 | "2": "Software patch", 1436 | "3": "Maintenance hook", 1437 | "4": "GUI" 1438 | }, 1439 | "solution": "3", 1440 | "explanation": null 1441 | }, 1442 | { 1443 | "question": "Don is a senior manager of a software development firm. He has just found out that a key contract was renewed allowing the company to continue developing an application that was idle for several months. Excited to get started Don begins work in the application privately but cannot tell his staff until the news is announced publicly in a few days. However as Don begins making changes in the software various staff members notice changes in their connected systems even though they work in a lower security level. What kind of model could be used to ensure this does not happen?", 1444 | "answers": { 1445 | "1": "Biba", 1446 | "2": "Bell-LaPadula", 1447 | "3": "Non-interference", 1448 | "4": "Clark Wilson" 1449 | }, 1450 | "solution": "3", 1451 | "explanation": null 1452 | }, 1453 | { 1454 | "question": "The concept that dictates that once an object is used it must be stripped of all of its data remnants is called --- --- --.", 1455 | "answers": { 1456 | "1": "Layering", 1457 | "2": "Object reuse", 1458 | "3": "Multi use", 1459 | "4": "Polymorphism" 1460 | }, 1461 | "solution": "2", 1462 | "explanation": null 1463 | }, 1464 | { 1465 | "question": "A computer's hard drive floppy disks or CD-ROM is called - ---.", 1466 | "answers": { 1467 | "1": "Primary storage", 1468 | "2": "Virtual memory", 1469 | "3": "Real storage", 1470 | "4": "Secondary storage" 1471 | }, 1472 | "solution": "4", 1473 | "explanation": null 1474 | }, 1475 | { 1476 | "question": "The ability for a computer to perform 1/0 functions is the key factor in its effectiveness. When proper 1/0 levels cannot be maintained a system may malfunction and operations freeze. Which one of the core security principles does this affect most?", 1477 | "answers": { 1478 | "1": "Integrity", 1479 | "2": "Availability", 1480 | "3": "Confidentiality", 1481 | "4": "Consistency" 1482 | }, 1483 | "solution": "2", 1484 | "explanation": null 1485 | }, 1486 | { 1487 | "question": "What is the main reason why an application would be developed using the Brewer-Nash model?", 1488 | "answers": { 1489 | "1": "To provide varying degrees confidentiality and integrity", 1490 | "2": "To ensure that unauthorized subjects cannot make modifications", 1491 | "3": "To ensure conflicts of interest are minimized through dynamic access control", 1492 | "4": "To ensure that the integrity on an object at a higher level is not compromised" 1493 | }, 1494 | "solution": "3", 1495 | "explanation": null 1496 | }, 1497 | { 1498 | "question": "What is the result of combining RAM and secondary storage?", 1499 | "answers": { 1500 | "1": "Virtual storage", 1501 | "2": "Real storage", 1502 | "3": "Primary storage", 1503 | "4": "Combo storage" 1504 | }, 1505 | "solution": "1", 1506 | "explanation": null 1507 | }, 1508 | { 1509 | "question": "Which of the following computer components dictates when data is processed by the system's processor?", 1510 | "answers": { 1511 | "1": "Control unit", 1512 | "2": "Registers", 1513 | "3": "ALU", 1514 | "4": "Ring 0" 1515 | }, 1516 | "solution": "1", 1517 | "explanation": null 1518 | }, 1519 | { 1520 | "question": "Computers have many methods for protecting themselves. One security measure is an abstract machine that ensures all subjects have adequate permission to access objects. This concept ensures objects will not be harmed by untrusted subjects. What is this security control called?", 1521 | "answers": { 1522 | "1": "Security kernel", 1523 | "2": "Trusted computer base", 1524 | "3": "Reference monitor", 1525 | "4": "Security domain" 1526 | }, 1527 | "solution": "3", 1528 | "explanation": null 1529 | }, 1530 | { 1531 | "question": "Which security model specifies that commands and activities performed at one security level should not be seen or affect subjects or objects at a different security level?", 1532 | "answers": { 1533 | "1": "Biba model", 1534 | "2": "Information flow model", 1535 | "3": "Security separation model", 1536 | "4": "Noninterference model" 1537 | }, 1538 | "solution": "4", 1539 | "explanation": null 1540 | }, 1541 | { 1542 | "question": "Which of the following provides the highest security when it comes to memory?", 1543 | "answers": { 1544 | "1": "Memory mapping", 1545 | "2": "Hardware segmentation", 1546 | "3": "Virtual machines", 1547 | "4": "Protection rings" 1548 | }, 1549 | "solution": "2", 1550 | "explanation": null 1551 | }, 1552 | { 1553 | "question": "Companies should follow certain steps in selecting and implementing a new computer product. Which of the following sequences is ordered correctly?", 1554 | "answers": { 1555 | "1": "Evaluation accreditation certification", 1556 | "2": "Evaluation certification accreditation", 1557 | "3": "Certification evaluation accreditation", 1558 | "4": "Certification accreditation evaluation" 1559 | }, 1560 | "solution": "2", 1561 | "explanation": null 1562 | }, 1563 | { 1564 | "question": "Operating systems that provide multilevel security and mandatory access control are based on which model?", 1565 | "answers": { 1566 | "1": "Brewer-Nash", 1567 | "2": "Biba", 1568 | "3": "Clark-Wilson", 1569 | "4": "Bell-LaPadula" 1570 | }, 1571 | "solution": "4", 1572 | "explanation": null 1573 | }, 1574 | { 1575 | "question": "Data is stored in a variety of ways. Sometimes it is stored based on convenience and sometimes on necessity. Sequential storage means that data saved on a medium must be accessed in the same order in which it was saved. Which of the media types below is a sequential storage device?", 1576 | "answers": { 1577 | "1": "CD-ROM", 1578 | "2": "WSB drive", 1579 | "3": "Magnetic tape", 1580 | "4": "Hard drive" 1581 | }, 1582 | "solution": "3", 1583 | "explanation": null 1584 | }, 1585 | { 1586 | "question": "There are several types of components that fall within the trusted computing base (TCB). Which of the following would not be within the security perimeter?", 1587 | "answers": { 1588 | "1": "Firmware on motherboard", 1589 | "2": "Applications", 1590 | "3": "Protective hardware components", 1591 | "4": "Reference monitor and security kernel" 1592 | }, 1593 | "solution": "2", 1594 | "explanation": null 1595 | }, 1596 | { 1597 | "question": "A company has performed the following steps when buying a new operating system: 1) analyzed common criteria evaluation report on the product; 2) purchased the product after comparing other alternatives; and 3) properly certified the product within the internal network. What is the next step that needs to happen before the process is complete?", 1598 | "answers": { 1599 | "1": "Software debugging", 1600 | "2": "Contingency planning", 1601 | "3": "Accreditation", 1602 | "4": "Establish access control policies" 1603 | }, 1604 | "solution": "3", 1605 | "explanation": null 1606 | }, 1607 | { 1608 | "question": "Many of the security architecture models (Bell-LaPadula Biba Clark Wilson) are very high level constructs and provide abstracts for software designers to use as a map to meet specific security goals. Which of the following models address more granular activities as in all subjects and objects should be created securely?", 1609 | "answers": { 1610 | "1": "Harrison-Ruzzo-Ullman model", 1611 | "2": "Brewer Nash", 1612 | "3": "Information flow", 1613 | "4": "Graham Denning model" 1614 | }, 1615 | "solution": "4", 1616 | "explanation": null 1617 | }, 1618 | { 1619 | "question": "Which of the following best describes TCSEC?", 1620 | "answers": { 1621 | "1": "A criteria to validate the security and assurance provided in products", 1622 | "2": "The red book", 1623 | "3": "European assurance evaluation criteria", 1624 | "4": "A penetration testing method" 1625 | }, 1626 | "solution": "1", 1627 | "explanation": null 1628 | }, 1629 | { 1630 | "question": "Tim is an entry-level customer service representative working with a client on a service escalation. After working through several issues the customer asks him if he can verify the annual service charge and opt-out provisions of his contract. Tim unhappily responds he only has access to technical and operations data and cannot access contract information. He says he must transfer the customer to customer service. What type of control is described in this example?", 1631 | "answers": { 1632 | "1": "Clipping level", 1633 | "2": "Least privilege", 1634 | "3": "Operations security", 1635 | "4": "ACL" 1636 | }, 1637 | "solution": "2", 1638 | "explanation": null 1639 | }, 1640 | { 1641 | "question": "Pretending to be another person in order to gain privileges is an example of what kind of attack?", 1642 | "answers": { 1643 | "1": "Scavenging", 1644 | "2": "Spoofing", 1645 | "3": "Keystroke logging", 1646 | "4": "Man in the middle" 1647 | }, 1648 | "solution": "2", 1649 | "explanation": null 1650 | }, 1651 | { 1652 | "question": "The three main types of operational controls are technical administrative and physical. There or several mechanisms for each of these types that provide different services. What service does passwords ACL's and ID badges all provide?", 1653 | "answers": { 1654 | "1": "Deterrent", 1655 | "2": "Correction", 1656 | "3": "Prevention", 1657 | "4": "Compensation" 1658 | }, 1659 | "solution": "3", 1660 | "explanation": null 1661 | }, 1662 | { 1663 | "question": "In many states sending spam is illegal. Thus the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?", 1664 | "answers": { 1665 | "1": "A blacklist of companies that have their mail server relays configured to allow traffic only to their specified domain name", 1666 | "2": "A blacklist of companies that have their mail server relays configured to be wide open", 1667 | "3": "Mail relay which is a technique of bouncing e-mail from internal to external mail servers continuously", 1668 | "4": "Tools that will reconfigure a mail server's relay component to send theemail back to the spammers occasionally" 1669 | }, 1670 | "solution": "2", 1671 | "explanation": null 1672 | }, 1673 | { 1674 | "question": "What is configuration management used for in many different environments?", 1675 | "answers": { 1676 | "1": "Controlling changes in testing procedures", 1677 | "2": "Controlling testing environments and documentation of testing", 1678 | "3": "Ensuring changes in design and its verification process testing and implementation", 1679 | "4": "Controlling changes in design and its verification of process testing and implementation" 1680 | }, 1681 | "solution": "4", 1682 | "explanation": null 1683 | }, 1684 | { 1685 | "question": "Which of the following ensures that security is not compromised when a system crashes or a component failure occurs?", 1686 | "answers": { 1687 | "1": "Trusted recovery", 1688 | "2": "Hot swappable", 1689 | "3": "Redundancy", 1690 | "4": "Secure boot" 1691 | }, 1692 | "solution": "1", 1693 | "explanation": null 1694 | }, 1695 | { 1696 | "question": "Which of the following controls are used to amend a situation after an attack has occurred or a vulnerability has been identified?", 1697 | "answers": { 1698 | "1": "Deterrent", 1699 | "2": "Corrective", 1700 | "3": "Preventive", 1701 | "4": "Recovery" 1702 | }, 1703 | "solution": "2", 1704 | "explanation": null 1705 | }, 1706 | { 1707 | "question": "Max has just finished developing a new software feature that the network provisioners have been requesting for some time. Anxious to get this to the group Max installs the patch on a production system. The next day he is summoned to his boss's office who is very angry. His boss says 'You didn't submit a request get approval document anything; or do proper testing.' What procedure is Max's boss referring to?", 1708 | "answers": { 1709 | "1": "Sanitization", 1710 | "2": "Due care", 1711 | "3": "Change control", 1712 | "4": "Operational assurance" 1713 | }, 1714 | "solution": "3", 1715 | "explanation": null 1716 | }, 1717 | { 1718 | "question": "A device used to ensure facsimile security so that transmissions are NOT sent in cleartext is called a -------.", 1719 | "answers": { 1720 | "1": "Firewall", 1721 | "2": "Fax encryptor", 1722 | "3": "Security policy", 1723 | "4": "TCB" 1724 | }, 1725 | "solution": "2", 1726 | "explanation": null 1727 | }, 1728 | { 1729 | "question": "Which is NOT true regarding authorization creep?", 1730 | "answers": { 1731 | "1": "Typically occurs when employees transfer to new departments or change positions", 1732 | "2": "Violates 'least privilege'", 1733 | "3": "Enforces the need to know concept", 1734 | "4": "Tendency of users to request additional privileges but seldom ask for it to be taken away" 1735 | }, 1736 | "solution": "3", 1737 | "explanation": null 1738 | }, 1739 | { 1740 | "question": "What role should accountability play in the access to media and auditing portion of a company's operations security strategy policies?", 1741 | "answers": { 1742 | "1": "None. Accountability is managed by corporate security policies not at the operator level", 1743 | "2": "Accountability is the other side of the coin of auditing. If a user is properly authorized any violations or errors he makes can be traced back to him if auditing is in place", 1744 | "3": "Accountability means that the creator of the company's access policy bears final accountability for any improper access", 1745 | "4": "Accountability means that the entire IT department as creator of the company's access policy bears final accountability for any improper accesses" 1746 | }, 1747 | "solution": "2", 1748 | "explanation": null 1749 | }, 1750 | { 1751 | "question": "Which of the following is NOT a correct way in which an operating system responds to a failure?", 1752 | "answers": { 1753 | "1": "System reboot", 1754 | "2": "Emergency system restart", 1755 | "3": "System cold start", 1756 | "4": "Not starting" 1757 | }, 1758 | "solution": "4", 1759 | "explanation": null 1760 | }, 1761 | { 1762 | "question": "Which of the following works as a transfer agent?", 1763 | "answers": { 1764 | "1": "SET", 1765 | "2": "IP", 1766 | "3": "SMTP", 1767 | "4": "ASCII" 1768 | }, 1769 | "solution": "3", 1770 | "explanation": null 1771 | }, 1772 | { 1773 | "question": "There should be one role or committee that is responsible for enforcing and maintaining the change control process within a company. Which of the following functions is NOT the responsibility of this group?", 1774 | "answers": { 1775 | "1": "To properly modify the change control process depending upon the logic of the change that was requested", 1776 | "2": "To provide formal approval or rejection of the change to the requester", 1777 | "3": "To enforce strict consistent companywide procedures", 1778 | "4": "To provide clear instructions to all employees on how to initiate a change request" 1779 | }, 1780 | "solution": "1", 1781 | "explanation": null 1782 | }, 1783 | { 1784 | "question": "Which of the following is NOT considered a countermeasure to port scanning and operating system fingerprinting? ')", 1785 | "answers": { 1786 | "1": "Allow access at the perimeter network to all internal ports", 1787 | "2": "Remove as many banners as possible within operating systems and applications", 1788 | "3": "Use TCP wrappers on vulnerable services that have to be available", 1789 | "4": "Disable unnecessary ports and services" 1790 | }, 1791 | "solution": "1", 1792 | "explanation": null 1793 | }, 1794 | { 1795 | "question": "Similar activities are carried out by hackers and security professionals performing an assessment. Identifying assets in a victims network is called ------.", 1796 | "answers": { 1797 | "1": "Port scanning", 1798 | "2": "TCP wrapping", 1799 | "3": "Fingerprinting", 1800 | "4": "Man in the middle" 1801 | }, 1802 | "solution": "3", 1803 | "explanation": null 1804 | }, 1805 | { 1806 | "question": "What is Nessus used for?", 1807 | "answers": { 1808 | "1": "To identify vulnerabilities within a network", 1809 | "2": "To open network security holes", 1810 | "3": "To re-amplify a signal", 1811 | "4": "To track network connections" 1812 | }, 1813 | "solution": "1", 1814 | "explanation": null 1815 | }, 1816 | { 1817 | "question": "A reservationist at a travel agency is allowed to commit two mistakes per month without consequence. An automated system tracks these errors and alerts appropriate personnel when this limit is exceeded. What is the limit referred to as?", 1818 | "answers": { 1819 | "1": "Clipping level", 1820 | "2": "Maximum fault tolerance", 1821 | "3": "Proximate causation", 1822 | "4": "Due care" 1823 | }, 1824 | "solution": "1", 1825 | "explanation": null 1826 | }, 1827 | { 1828 | "question": "Operations departments should back up data in all of the following situations EXCEPT which of the following?", 1829 | "answers": { 1830 | "1": "Once per year", 1831 | "2": "Before a reorganization", 1832 | "3": "After a system upgrade", 1833 | "4": "For authorized on-demand requests" 1834 | }, 1835 | "solution": "1", 1836 | "explanation": null 1837 | }, 1838 | { 1839 | "question": "Generating strong magnetic fields to erase the content on a type of media is called ---------.", 1840 | "answers": { 1841 | "1": "Sniffing", 1842 | "2": "Degaussing", 1843 | "3": "Wiretapping", 1844 | "4": "Magnetizing" 1845 | }, 1846 | "solution": "2", 1847 | "explanation": null 1848 | }, 1849 | { 1850 | "question": "Which of the following refers to the data left on the media after the media has been erased?", 1851 | "answers": { 1852 | "1": "Semi-hidden", 1853 | "2": "Dregs", 1854 | "3": "Sticky bits", 1855 | "4": "Remanence" 1856 | }, 1857 | "solution": "4", 1858 | "explanation": null 1859 | }, 1860 | { 1861 | "question": "The estimated lifetime of a device or the estimated timeframe until a component within a device gives out is called _______.", 1862 | "answers": { 1863 | "1": "UPS", 1864 | "2": "MTTB", 1865 | "3": "MTTR", 1866 | "4": "MTBF" 1867 | }, 1868 | "solution": "4", 1869 | "explanation": null 1870 | }, 1871 | { 1872 | "question": "A company with highly combustible materials is trying to determine which sprinkler system type to purchase. They are not concerned with false alarms but instead are insistent that the system be effective at extinguishing large and rapidly growing fires extremely fast. Which would be the best sprinkler system for this company?", 1873 | "answers": { 1874 | "1": "Wet pipe", 1875 | "2": "Deluge", 1876 | "3": "Dry pipe", 1877 | "4": "Pre-action" 1878 | }, 1879 | "solution": "2", 1880 | "explanation": null 1881 | }, 1882 | { 1883 | "question": "What does a company need to investigate to ensure that the availability of production systems are not negatively affected for a long period of time if a new system goes down?", 1884 | "answers": { 1885 | "1": "NOA and MTTR", 1886 | "2": "SLAs and MTTR", 1887 | "3": "MTBF and NOA", 1888 | "4": "MTTR and TCSEC" 1889 | }, 1890 | "solution": "2", 1891 | "explanation": null 1892 | }, 1893 | { 1894 | "question": "Companies that offer mission-critical services to their customers have to make contingencies for potential power failures. An uninterruptible power supply (UPS) is a common alternative that companies select in situations where even one second of power interruption is unacceptable the UPS can take over the load as soon as power is lost. These UPS types have primary power continually running through them and are activated immediately if the primary source fails. What are these systems called?", 1895 | "answers": { 1896 | "1": "Standby UPS", 1897 | "2": "lnline UPS", 1898 | "3": "Ghost UPS", 1899 | "4": "Generator" 1900 | }, 1901 | "solution": "2", 1902 | "explanation": null 1903 | }, 1904 | { 1905 | "question": "What is the last line of defense in a physical security sense?", 1906 | "answers": { 1907 | "1": "People", 1908 | "2": "Interior barriers", 1909 | "3": "Exterior barriers", 1910 | "4": "Walls" 1911 | }, 1912 | "solution": "1", 1913 | "explanation": null 1914 | }, 1915 | { 1916 | "question": "Several types of fire detectors are available on the market. Which of the following detect a fire by identifying changes in a stream of light waves?", 1917 | "answers": { 1918 | "1": "Optical detector", 1919 | "2": "Thermometer detector", 1920 | "3": "Heat activated detector", 1921 | "4": "Flame activated detector" 1922 | }, 1923 | "solution": "1", 1924 | "explanation": null 1925 | }, 1926 | { 1927 | "question": "Physical security components combat all of the following main risks except:", 1928 | "answers": { 1929 | "1": "SYN flood", 1930 | "2": "Physical damage", 1931 | "3": "Theft", 1932 | "4": "Fire" 1933 | }, 1934 | "solution": "1", 1935 | "explanation": null 1936 | }, 1937 | { 1938 | "question": "Which of the following items is NOT considered a preventive physical control?", 1939 | "answers": { 1940 | "1": "Fencing", 1941 | "2": "Access logs", 1942 | "3": "Security guards", 1943 | "4": "Security dogs" 1944 | }, 1945 | "solution": "2", 1946 | "explanation": null 1947 | }, 1948 | { 1949 | "question": "Internal partitions should NOT be used in which of the following instances?", 1950 | "answers": { 1951 | "1": "To provide protection of a sensitive area", 1952 | "2": "To create storage rooms for nonsensitive material", 1953 | "3": "To create different work areas", 1954 | "4": "To create barriers between areas" 1955 | }, 1956 | "solution": "1", 1957 | "explanation": null 1958 | }, 1959 | { 1960 | "question": "Which of the following should be used to suppress the fuel supply of a fire of common combustibles?", 1961 | "answers": { 1962 | "1": "Soda Acid", 1963 | "2": "CO2", 1964 | "3": "Halon", 1965 | "4": "Freon" 1966 | }, 1967 | "solution": "1", 1968 | "explanation": null 1969 | }, 1970 | { 1971 | "question": "The classes of fire are determined by their level of combustibility . Of the materials below which does NOT have a Class A rating?", 1972 | "answers": { 1973 | "1": "Wood", 1974 | "2": "Rubber", 1975 | "3": "Oil-based paint", 1976 | "4": "Paper" 1977 | }, 1978 | "solution": "3", 1979 | "explanation": null 1980 | }, 1981 | { 1982 | "question": "A physical security mechanism consisting of a small area with two doors used to 'hold' an individual until his identity can be verified is called a _______.", 1983 | "answers": { 1984 | "1": "Turnstile", 1985 | "2": "Holding area", 1986 | "3": "Mantrap", 1987 | "4": "Man in the middle" 1988 | }, 1989 | "solution": "3", 1990 | "explanation": null 1991 | }, 1992 | { 1993 | "question": "How does an acoustical seismic device detect an intruder?", 1994 | "answers": { 1995 | "1": "Change in vibration", 1996 | "2": "Change in magnetic field", 1997 | "3": "Change in microwaves within room", 1998 | "4": "Breakage of foil strip in window" 1999 | }, 2000 | "solution": "1", 2001 | "explanation": null 2002 | }, 2003 | { 2004 | "question": "A secured computing room should have all of the following characteristics except ______.", 2005 | "answers": { 2006 | "1": "No more than two doorways", 2007 | "2": "Walls that extend from the true flooring to the true ceiling", 2008 | "3": "Comfortable sitting areas around workstations", 2009 | "4": "Strict physical access controls" 2010 | }, 2011 | "solution": "3", 2012 | "explanation": null 2013 | }, 2014 | { 2015 | "question": "Which one of the following characteristics is NOT true of an ideal data processing room?", 2016 | "answers": { 2017 | "1": "Humidity level of 50%", 2018 | "2": "Carpeting", 2019 | "3": "Room temperature around 72\u00c2\u00b0F", 2020 | "4": "Independent HVAC and ventilation systems" 2021 | }, 2022 | "solution": "2", 2023 | "explanation": null 2024 | }, 2025 | { 2026 | "question": "What is Plenum space?", 2027 | "answers": { 2028 | "1": "Open space above drop ceilings and below raised floors", 2029 | "2": "The screened subnet area within the DMZ", 2030 | "3": "The unprotected area around the security perimeter fence", 2031 | "4": "a VPN tunnel" 2032 | }, 2033 | "solution": "1", 2034 | "explanation": null 2035 | }, 2036 | { 2037 | "question": "Due to some recent after-hours altercations in a nearby parking lot Jim's company is installing new lights at the location to improve security. Jim is in charge of physical security and has done the research on lighting requirements in critical areas. One of the requirements Jim found was something called 'two foot-candles at eight feet.' What does this mean?", 2038 | "answers": { 2039 | "1": "Lights must be placed 2 feet apart", 2040 | "2": "The area being lit must be illuminated 2 feet high and 2 feet out", 2041 | "3": "This is an illumination metric used for lighting", 2042 | "4": "Each lit area must be within 2 feet of the next lit area" 2043 | }, 2044 | "solution": "3", 2045 | "explanation": null 2046 | }, 2047 | { 2048 | "question": "Jonathan's workstation is overloaded with electrical connections into a small number of outlets. He is daisy chaining power strips in order to service all of his equipment. One problem that always remains is excessive line noise and power fluctuation. He needs to address the problem but does not have a great deal of money budgeted for it. Which of the solutions below would be LEAST favorable for this specific issue?", 2049 | "answers": { 2050 | "1": "Surge protector", 2051 | "2": "Line conditioners", 2052 | "3": "Redistribute cords to other outlets", 2053 | "4": "UPS" 2054 | }, 2055 | "solution": "4", 2056 | "explanation": null 2057 | }, 2058 | { 2059 | "question": "Low levels of humidity result in static electricity. High levels of humidity create a host of problems as well. Which of the following issues pertaining to high levels of humidity is the most concerning to a security professional?", 2060 | "answers": { 2061 | "1": "Excessive moisture in the air is not an optimum condition for employees who spend their days in a computer room", 2062 | "2": "High humidity levels put strain on HVAC systems which can cause security concerns", 2063 | "3": "High humidity levels can damage or destroy computer parts", 2064 | "4": "High humidity levels make the possibility of fire more likely" 2065 | }, 2066 | "solution": "3", 2067 | "explanation": null 2068 | }, 2069 | { 2070 | "question": "Sometimes basic fencing does not provide the level of protection a company requires. Which of the following combines the functions of intrusion detection systems and fencing?", 2071 | "answers": { 2072 | "1": "PIDAS", 2073 | "2": "PERIMETER", 2074 | "3": "Closed-circuit TV", 2075 | "4": "Acoustical seismic detection system" 2076 | }, 2077 | "solution": "1", 2078 | "explanation": null 2079 | }, 2080 | { 2081 | "question": "Different organizations have different physical security protection requirements thus they need different types of controls and countermeasures. Which of the following is NOT a legitimate justification for using security guards at a facility?", 2082 | "answers": { 2083 | "1": "They are one of the best deterrence for potential intruders", 2084 | "2": "They are flexible and can be positioned randomly", 2085 | "3": "They provide judgment and understanding of different situations", 2086 | "4": "They are cheaper than most automated detection systems" 2087 | }, 2088 | "solution": "4", 2089 | "explanation": null 2090 | }, 2091 | { 2092 | "question": "Which of the following water sprinkler systems sounds an alarm and delays water release?", 2093 | "answers": { 2094 | "1": "Wet pipe system", 2095 | "2": "Pre-action system", 2096 | "3": "Deluge system", 2097 | "4": "Dry pipe system" 2098 | }, 2099 | "solution": "2", 2100 | "explanation": null 2101 | }, 2102 | { 2103 | "question": "Any of the following actions can be taken to prevent static electricity except which one?", 2104 | "answers": { 2105 | "1": "Install carpet", 2106 | "2": "Use antistatic bands when working in computer systems", 2107 | "3": "Install antistatic flooring", 2108 | "4": "Ensure proper grounding" 2109 | }, 2110 | "solution": "1", 2111 | "explanation": null 2112 | }, 2113 | { 2114 | "question": "Which protocol is described as a 'best effort delivery' protocol?", 2115 | "answers": { 2116 | "1": "TCP", 2117 | "2": "SMTP", 2118 | "3": "UDP", 2119 | "4": "ARP" 2120 | }, 2121 | "solution": "3", 2122 | "explanation": null 2123 | }, 2124 | { 2125 | "question": "Which of the following can provide up to 45 Mbps of bandwidth?", 2126 | "answers": { 2127 | "1": "BRI", 2128 | "2": "T3", 2129 | "3": "T1", 2130 | "4": "M1" 2131 | }, 2132 | "solution": "2", 2133 | "explanation": null 2134 | }, 2135 | { 2136 | "question": "Which of the following is a LAN transmission technology that is susceptible to collisions and provides a mechanism for retransmission?", 2137 | "answers": { 2138 | "1": "Ethernet", 2139 | "2": "Token Ring", 2140 | "3": "ATM", 2141 | "4": "FOOi" 2142 | }, 2143 | "solution": "1", 2144 | "explanation": null 2145 | }, 2146 | { 2147 | "question": "Why are network sniffers dangerous to an environment?", 2148 | "answers": { 2149 | "1": "They can be used to launch active attacks", 2150 | "2": "Their presence can cause many false positives", 2151 | "3": "Their presence and activities are not detectable", 2152 | "4": "They can access sensitive data within applications" 2153 | }, 2154 | "solution": "3", 2155 | "explanation": null 2156 | }, 2157 | { 2158 | "question": "Which firewall makes access decisions based only on addresses and port numbers in the header?", 2159 | "answers": { 2160 | "1": "Circuit based proxy", 2161 | "2": "Application based proxy", 2162 | "3": "Stateful", 2163 | "4": "Dual homed" 2164 | }, 2165 | "solution": "1", 2166 | "explanation": null 2167 | }, 2168 | { 2169 | "question": "ARP broadcasts messages on the LAN to find what?", 2170 | "answers": { 2171 | "1": "IP address", 2172 | "2": "MAC address", 2173 | "3": "Router", 2174 | "4": "Hostname" 2175 | }, 2176 | "solution": "2", 2177 | "explanation": null 2178 | }, 2179 | { 2180 | "question": "Which of the following TCP protocols typically works on ports 20 and 21?", 2181 | "answers": { 2182 | "1": "Telnet", 2183 | "2": "Hypertext transfer protocol (HTTP)", 2184 | "3": "File transfer protocol (FTP)", 2185 | "4": "Simple network management protocol (SNMP)" 2186 | }, 2187 | "solution": "3", 2188 | "explanation": null 2189 | }, 2190 | { 2191 | "question": "A WAN technology that uses 53 bytes cells and has low delay levels is called what?", 2192 | "answers": { 2193 | "1": "ATM", 2194 | "2": "Frame relay", 2195 | "3": "X.25", 2196 | "4": "SMDS" 2197 | }, 2198 | "solution": "1", 2199 | "explanation": null 2200 | }, 2201 | { 2202 | "question": "Which of the following devices typically works at the application layer and acts as a protocol translator for different environments?", 2203 | "answers": { 2204 | "1": "Switch", 2205 | "2": "Gateway", 2206 | "3": "Bridge", 2207 | "4": "Router" 2208 | }, 2209 | "solution": "2", 2210 | "explanation": null 2211 | }, 2212 | { 2213 | "question": "What device works at the physical layer to boost electrical signals between network segments?", 2214 | "answers": { 2215 | "1": "Switch", 2216 | "2": "Router", 2217 | "3": "Repeater", 2218 | "4": "Gateway" 2219 | }, 2220 | "solution": "3", 2221 | "explanation": null 2222 | }, 2223 | { 2224 | "question": "Which statement is not true of a dedicated line?", 2225 | "answers": { 2226 | "1": "More secure than using public networks", 2227 | "2": "Connects two locations", 2228 | "3": "Inflexible and expensive", 2229 | "4": "Uses packet switching technology" 2230 | }, 2231 | "solution": "4", 2232 | "explanation": null 2233 | }, 2234 | { 2235 | "question": "All computers are connected to a central device in which of the following topologies?", 2236 | "answers": { 2237 | "1": "Star", 2238 | "2": "Bus", 2239 | "3": "Mesh", 2240 | "4": "Tree" 2241 | }, 2242 | "solution": "1", 2243 | "explanation": null 2244 | }, 2245 | { 2246 | "question": "When a router modifies a private IP address of a computer into a registered IP address to send out through an external link it is performing ____.", 2247 | "answers": { 2248 | "1": "Network address translation", 2249 | "2": "Polling", 2250 | "3": "Address resolution protocol", 2251 | "4": "Multiplexing" 2252 | }, 2253 | "solution": "1", 2254 | "explanation": null 2255 | }, 2256 | { 2257 | "question": "Which of the following is a real threat in wireless communication?", 2258 | "answers": { 2259 | "1": "Encryption is not available in wireless technologies", 2260 | "2": "Users cannot be authenticated as they move from one AP to another", 2261 | "3": "No data integrity can be performed as users move from one AP to another", 2262 | "4": "Wardriving can uncover traffic AP and station location" 2263 | }, 2264 | "solution": "4", 2265 | "explanation": null 2266 | }, 2267 | { 2268 | "question": "A breach is generally an impermissible use or disclosure that compromises the security or privacy of the protected information. What must you do to determine if a data breach must be reported?", 2269 | "answers": { 2270 | "1": "Verify the breach in log history", 2271 | "2": "Examine existing laws and regulations", 2272 | "3": "Check with law enforcement such as the FBI", 2273 | "4": "Follow procedures in your DRP" 2274 | }, 2275 | "solution": "2", 2276 | "explanation": null 2277 | }, 2278 | { 2279 | "question": "A DDoS attack occurs when a hacker has deposited remote-controlled agents zombies or bots onto numerous secondary victims and then uses the deployed bots as a single entity to attack a primary target. What class of computer crime would this be reported as?", 2280 | "answers": { 2281 | "1": "Computer incidental crime", 2282 | "2": "Computer-resisted crime", 2283 | "3": "Computer-targeted crime", 2284 | "4": "Computer due care crime" 2285 | }, 2286 | "solution": "3", 2287 | "explanation": null 2288 | }, 2289 | { 2290 | "question": "Intellectual property is an intangible (you can't touch it) asset that is the result of creativity (the use of intellect). Which of the following U.S. laws or regulations protects intellectual proper for up to 70 years?", 2291 | "answers": { 2292 | "1": "Patent law", 2293 | "2": "Digital Rights Management", 2294 | "3": "Trademark law", 2295 | "4": "Copyright law" 2296 | }, 2297 | "solution": "4", 2298 | "explanation": null 2299 | }, 2300 | { 2301 | "question": "ISC2 code of ethics is important for a CISSP and strict adherence to this Code is a condition of certification. Which of the following would you consider to be least important?", 2302 | "answers": { 2303 | "1": "Provide diligent and competent service to principals (employers)", 2304 | "2": "Advance and protect the profession", 2305 | "3": "Act honorably honestly justly responsibly and legally", 2306 | "4": "Protect society the commonwealth (nation) and the infrastructure" 2307 | }, 2308 | "solution": "2", 2309 | "explanation": null 2310 | }, 2311 | { 2312 | "question": "Compliance is ensuring that your organization's policies follow guidelines specifications legislation or regulations including local state federal and industry-accepted regulations. In which area is compliance most important?", 2313 | "answers": { 2314 | "1": "Legislative and regulatory", 2315 | "2": "Payment Card Industry", 2316 | "3": "Privacy of your employee's information", 2317 | "4": "Guidelines for due care and due diligence." 2318 | }, 2319 | "solution": "1", 2320 | "explanation": null 2321 | }, 2322 | { 2323 | "question": "There have been some recent changes in best practices and standards. Which of the following could be considered a new stress for the CISSP exam?", 2324 | "answers": { 2325 | "1": "Asset valuation for risk management", 2326 | "2": "Plan Do Check Act", 2327 | "3": "Continuous improvement", 2328 | "4": "Employment candidate screening" 2329 | }, 2330 | "solution": "3", 2331 | "explanation": null 2332 | }, 2333 | { 2334 | "question": "Threat modeling is a systematic approach used to understand how different threats could be realized and how a successful compromise could take place. After determining and diagramming potential attacks what would typically be done next?", 2335 | "answers": { 2336 | "1": "Perform a reduction analysis", 2337 | "2": "Develop new policies", 2338 | "3": "Prepare a Gantt chart", 2339 | "4": "Identifying threats and threat agents" 2340 | }, 2341 | "solution": "1", 2342 | "explanation": null 2343 | }, 2344 | { 2345 | "question": "A data owner is an important role in the enterprise. The owner controls the process of defining IT service levels supporting the review of controls and authorizing the enforcement of security controls to protect the specified information assets of the organization. Data Owners are also responsible for determining the data's sensitivity or classification levels. To whom is the data owner typically accountable?", 2346 | "answers": { 2347 | "1": "Auditors", 2348 | "2": "Board of Directors", 2349 | "3": "Data Custodian", 2350 | "4": "CISO" 2351 | }, 2352 | "solution": "4", 2353 | "explanation": null 2354 | }, 2355 | { 2356 | "question": "A policy is high level documents which directs how things should be done. Policies are developed by management to clearly transmit the rules guiding strategy and philosophy of management to all employees An early step in developing any good policy is ___.", 2357 | "answers": { 2358 | "1": "Defining procedures", 2359 | "2": "Polyinstantiation", 2360 | "3": "Evaluation of lessons learned", 2361 | "4": "Scoping" 2362 | }, 2363 | "solution": "4", 2364 | "explanation": null 2365 | }, 2366 | { 2367 | "question": "A multi-level security model allows a computer system to process information with different sensitivities (i.e. at different security levels). It may permit simultaneous access by users with different security clearances and need-toknow. The formal model which provides for No Write Down is ____.", 2368 | "answers": { 2369 | "1": "Brewer Nash", 2370 | "2": "Biba", 2371 | "3": "Bell LaPadula", 2372 | "4": "Clark Wilson" 2373 | }, 2374 | "solution": "4", 2375 | "explanation": null 2376 | }, 2377 | { 2378 | "question": "Hashing is often used in forensic analysis. It is used to verify that an exact copy of the original media has been made for examination. Hashes can also help in finding or eliminating some specific files. During forensic analysis which algorithm would you recommend be used for determining accurate copies?", 2379 | "answers": { 2380 | "1": "SHA1", 2381 | "2": "MOS", 2382 | "3": "Quantum", 2383 | "4": "SHA2" 2384 | }, 2385 | "solution": "4", 2386 | "explanation": null 2387 | }, 2388 | { 2389 | "question": "Chain of custody is a document that indicates various details about evidence across its life cycle. It begins with the time and place of discovery and identifies who discovered the evidence who secured it who collected it who transported it who protected it while in storage and who analyzed it. Where would be the typical place a hard drive being store for evidence be placed?", 2390 | "answers": { 2391 | "1": "Bitlocker", 2392 | "2": "Vault", 2393 | "3": "Safe", 2394 | "4": "Faraday Cage" 2395 | }, 2396 | "solution": "2", 2397 | "explanation": null 2398 | }, 2399 | { 2400 | "question": "NIST developed the Risk Management Framework (RMF) to provide a more flexible dynamic approach for effective management of information systemrelated security risk in highly diverse environments and throughout the system development life cycle. The RMF identifies six steps that provide a disciplined and structured process for managing mission/business risk associated with the operation and use. What is the second step of the RMF?", 2401 | "answers": { 2402 | "1": "Perform a Business Impact Analysis", 2403 | "2": "Categorize the information system", 2404 | "3": "Assess the security controls", 2405 | "4": "Select an initial set of baseline security controls" 2406 | }, 2407 | "solution": "4", 2408 | "explanation": null 2409 | }, 2410 | { 2411 | "question": "Mary is developing an application for use in her company domain. She intends to use an RSA key exchange then switch to faster AES algorithm to transfer large amounts of data securely. What will be needed to secure the session key?", 2412 | "answers": { 2413 | "1": "Sender's Private Key", 2414 | "2": "Recipient's X509 Digital Certificate", 2415 | "3": "Sender's Public Key", 2416 | "4": "Pseudo Random Number Generator" 2417 | }, 2418 | "solution": "2", 2419 | "explanation": null 2420 | }, 2421 | { 2422 | "question": "Physical security controls are your first line of defense and should be designed so that the breach of any one will not compromise the physical security of the organization. CCTV cameras mantraps lighting guards dogs and locks are but a few of the layers of physical security. Which area would it be most appropriate to install physical detective and deterrent controls to protect Ethernet appliances?", 2423 | "answers": { 2424 | "1": "Faraday Barrier", 2425 | "2": "Wiring Closet", 2426 | "3": "Plenum Space", 2427 | "4": "HVAC" 2428 | }, 2429 | "solution": "2", 2430 | "explanation": null 2431 | }, 2432 | { 2433 | "question": "Many networking protocols operate at a single level of the OSI model. A few such as ATM and DNP3 are said to operate at multiple levels. Where would you expect to find DNP3 used?", 2434 | "answers": { 2435 | "1": "To tie together AP ls on an authentication system", 2436 | "2": "In core routers on the Internet", 2437 | "3": "In conjunction with routers running OSPF", 2438 | "4": "In a SCADA or ICS systems" 2439 | }, 2440 | "solution": "4", 2441 | "explanation": null 2442 | }, 2443 | { 2444 | "question": "802.11 wireless standard. It defines two new security protocols Temporal Key Integrity Protocol (TKIP) for symmetric key generation and the use of ____.", 2445 | "answers": { 2446 | "1": "AES for strong encryption", 2447 | "2": "A mandatory RADIUS server for strong authentication", 2448 | "3": "RC4 as a strong replacement for WEP", 2449 | "4": "Digital signatures for non-repudiation" 2450 | }, 2451 | "solution": "1", 2452 | "explanation": null 2453 | }, 2454 | { 2455 | "question": "Which type of law deals with grievances or wrongs against individuals or companies that result in damages or loss?", 2456 | "answers": { 2457 | "1": "Intellectual property", 2458 | "2": "Criminal", 2459 | "3": "Tort", 2460 | "4": "Regulatory" 2461 | }, 2462 | "solution": "3", 2463 | "explanation": null 2464 | }, 2465 | { 2466 | "question": "A distributed network is a type of computer network that is spread over different networks typically in different locations. If you were using this type of system a good way to speed access to large files would be to implement which of the following?", 2467 | "answers": { 2468 | "1": "Proxy for web caching", 2469 | "2": "Reverse proxy for load balancing", 2470 | "3": "Content Distribution Network", 2471 | "4": "Private cloud for laaS" 2472 | }, 2473 | "solution": "3", 2474 | "explanation": null 2475 | }, 2476 | { 2477 | "question": "Virtual machine is software enabling several operating systems to run simultaneously run on a single PC without interfering with each other. A hypervisor in virtualized systems can be thought of as an operating system for operating systems. You are thinking of trying virtualization for some hosts in your DMZ. What would be a best practice?", 2478 | "answers": { 2479 | "1": "Setup a Bastion Host as a decoy", 2480 | "2": "Install an IDPS to monitor for incidents", 2481 | "3": "Use a type 2 hypervisor with Linux to host guest OSs", 2482 | "4": "Use a type 1 hypervisor to host guest OSs" 2483 | }, 2484 | "solution": "4", 2485 | "explanation": null 2486 | }, 2487 | { 2488 | "question": "Physical separation (decoupling) of the network control plane of packets from the data plane (hardware) is typically accomplished by ____.", 2489 | "answers": { 2490 | "1": "Software Defined Networking", 2491 | "2": "Platform as a Service (PaaS)", 2492 | "3": "Software Defined Storage", 2493 | "4": "Implementing PVLANs" 2494 | }, 2495 | "solution": "1", 2496 | "explanation": null 2497 | }, 2498 | { 2499 | "question": "Federated Identity Management (FIM) is a model that enables companies to allow registered users of their domain to access information from other domains in a smooth way. A federation can be best defined as ____.", 2500 | "answers": { 2501 | "1": "Security Assertion Markup", 2502 | "2": "An alliance", 2503 | "3": "Single Sign On (SSO)", 2504 | "4": "An authentication system" 2505 | }, 2506 | "solution": "2", 2507 | "explanation": null 2508 | }, 2509 | { 2510 | "question": "Everyone should understand their responsibilities for achieving adequate information security and for managing information system-related security risks. Step three of the RMF stresses the need to assess the security controls using appropriate assessment procedures to determine the extent to which the controls are implemented correctly. A common assessment of the network by your administrators is called a -----.", 2511 | "answers": { 2512 | "1": "Business Impact Analysis", 2513 | "2": "Pen Test", 2514 | "3": "Vulnerability Scan", 2515 | "4": "Port Scan" 2516 | }, 2517 | "solution": "3", 2518 | "explanation": null 2519 | }, 2520 | { 2521 | "question": "An 10S/IPS can implement signature-based and/or anomaly based intrusion detection. Anomaly detection in the IDS/IPS can identify unusual and abnormal patterns of activity against an established baseline. To verify this system is working properly it is desirable to check the response to ____.", 2522 | "answers": { 2523 | "1": "Fuzzing", 2524 | "2": "XML injection", 2525 | "3": "Code review", 2526 | "4": "Synthetic Transactions" 2527 | }, 2528 | "solution": "4", 2529 | "explanation": null 2530 | }, 2531 | { 2532 | "question": "A CISSP is expected to be capable of establishing and maintaining security awareness and training to help in the prevention of ____?", 2533 | "answers": { 2534 | "1": "Social Engineering Attacks", 2535 | "2": "Lack of Due Care and Diligence", 2536 | "3": "Privilege Escalation", 2537 | "4": "Escalation from an Incident to a Disaster" 2538 | }, 2539 | "solution": "1", 2540 | "explanation": null 2541 | }, 2542 | { 2543 | "question": "Computer forensics techniques are used to search preserve and analyze information on computer systems to find potential evidence for a trial. If you are defending against a tort what would your forensics be focused on if encrypted credit card information has been stolen and used even though you had effective controls in place?", 2544 | "answers": { 2545 | "1": "E Discovery", 2546 | "2": "Criminal Investigation", 2547 | "3": "Operational Investigation", 2548 | "4": "Steganography" 2549 | }, 2550 | "solution": "3", 2551 | "explanation": null 2552 | }, 2553 | { 2554 | "question": "Which of the following involves people with the requisite experience and education evaluating threat scenarios and rating the potential loss and severity of each threat based on their experience?", 2555 | "answers": { 2556 | "1": "Data Mining", 2557 | "2": "Qualitative risk analysis", 2558 | "3": "Risk assessment", 2559 | "4": "Risk management" 2560 | }, 2561 | "solution": "2", 2562 | "explanation": null 2563 | }, 2564 | { 2565 | "question": "What are the assessment results produced by the application of an assessment procedure to a system called?", 2566 | "answers": { 2567 | "1": "Plan of Action and Milestones", 2568 | "2": "Assessment Findings", 2569 | "3": "Risk Assessment", 2570 | "4": "Vulnerability Assessment" 2571 | }, 2572 | "solution": "2", 2573 | "explanation": null 2574 | }, 2575 | { 2576 | "question": "Thresholds of acceptable user errors and suspicious activities which can trigger and alert are called?", 2577 | "answers": { 2578 | "1": "Critical path analysis", 2579 | "2": "Remote journaling", 2580 | "3": "Clipping levels", 2581 | "4": "TOC/TOU" 2582 | }, 2583 | "solution": "3", 2584 | "explanation": null 2585 | }, 2586 | { 2587 | "question": "Java security employs a(n) ___ so an applet is restricted and fairly safe.", 2588 | "answers": { 2589 | "1": "ActiveX", 2590 | "2": "Sandbox", 2591 | "3": "Artificial neural network", 2592 | "4": "Deadlock situation" 2593 | }, 2594 | "solution": "2", 2595 | "explanation": null 2596 | }, 2597 | { 2598 | "question": "The crossover error rate (CER) _____ _ _.", 2599 | "answers": { 2600 | "1": "May be hidden by a stealth virus", 2601 | "2": "Is hidden for out-of-band communication", 2602 | "3": "Is concealed in a Trojan horse program", 2603 | "4": "Is the point at which FRR and FAR are equal" 2604 | }, 2605 | "solution": "4", 2606 | "explanation": null 2607 | }, 2608 | { 2609 | "question": "This IP address A address of 2002:0000:0000:3210:0800:200C:00CF:1234 could be shortened to -----.", 2610 | "answers": { 2611 | "1": "2002: : 321 : 8: 200C:CF: 1234", 2612 | "2": "2002: : 3210: 0800: 200C:OOCF: 1234", 2613 | "3": "2002: : 3210: 800: 200C:CF: 1234", 2614 | "4": "2002: : 3210: 8: 200C:CF: 1234" 2615 | }, 2616 | "solution": "3", 2617 | "explanation": null 2618 | }, 2619 | { 2620 | "question": "A firewall can either be software configured on a computer system or a network appliance. Both are designed to block unauthorized access while permitting authorized communications. The firewall which dynamically open ports is called a?", 2621 | "answers": { 2622 | "1": "Proxy", 2623 | "2": "Stateful", 2624 | "3": "Stateless", 2625 | "4": "Packet Filter" 2626 | }, 2627 | "solution": "2", 2628 | "explanation": null 2629 | }, 2630 | { 2631 | "question": "An IPSec _____ defines how two entities have negotiated and agreed to utilize security services to communicate securely.", 2632 | "answers": { 2633 | "1": "Oakley negotiation", 2634 | "2": "Tunnel negotiation", 2635 | "3": "Security Association (SA)", 2636 | "4": "SAML (Security Association Markup Language)" 2637 | }, 2638 | "solution": "3", 2639 | "explanation": null 2640 | }, 2641 | { 2642 | "question": "Unauthorized access points created by programmers as a rescue option or malicious programs inserted by an attacker that allows an unauthorized entity to gain access into a system or program are called?", 2643 | "answers": { 2644 | "1": "Remote Access Tool", 2645 | "2": "Back Door", 2646 | "3": "Cracked Door", 2647 | "4": "Trojan Horse" 2648 | }, 2649 | "solution": "2", 2650 | "explanation": null 2651 | }, 2652 | { 2653 | "question": "Sending messages to Bluetooth-capable devices without the permission of the owner/user is a prank called ___ _.", 2654 | "answers": { 2655 | "1": "Blue Boffing", 2656 | "2": "Blue Snarfing", 2657 | "3": "Blue Fishing", 2658 | "4": "Blue Jacking" 2659 | }, 2660 | "solution": "4", 2661 | "explanation": null 2662 | }, 2663 | { 2664 | "question": "Which of the following is a proactive long term plan regarding the ability of critical business functions to continue in operation even in the face of serious threats.", 2665 | "answers": { 2666 | "1": "Incident Response Plan", 2667 | "2": "Disaster Recovery Plan", 2668 | "3": "Business Continuity Plan", 2669 | "4": "Business Resumption Plan" 2670 | }, 2671 | "solution": "3", 2672 | "explanation": null 2673 | }, 2674 | { 2675 | "question": "What is the process of storing copies of private keys by a certificate authority called?", 2676 | "answers": { 2677 | "1": "Key Continuity", 2678 | "2": "Key Journaling", 2679 | "3": "Key Escrow", 2680 | "4": "Software Escrow" 2681 | }, 2682 | "solution": "3", 2683 | "explanation": null 2684 | }, 2685 | { 2686 | "question": "A trusted authority in a network that generates asymmetric key pairs issues and manages security credentials publishes a CRL and more is a __ _.", 2687 | "answers": { 2688 | "1": "Online Certificate Status Authority", 2689 | "2": "Registration Authority", 2690 | "3": "Certification Authority", 2691 | "4": "Certificate Authority" 2692 | }, 2693 | "solution": "4", 2694 | "explanation": null 2695 | }, 2696 | { 2697 | "question": "Cloud computing can be defined as virtual servers resources applications services or anything you consume over the Internet. Which system offers a capability to the consumer to provision processing storage networks and other fundamental computing resources?", 2698 | "answers": { 2699 | "1": "MaaS", 2700 | "2": "PaaS", 2701 | "3": "laaS", 2702 | "4": "SaaS" 2703 | }, 2704 | "solution": "3", 2705 | "explanation": null 2706 | }, 2707 | { 2708 | "question": "Common Criteria (CC) was developed as an international IT evaluation criterion. Common Criteria is designed around Trusted Computing Base (TCB). EALs provide a specific level of confidence in the security functions of the system being analyzed. Which level would be most appropriate for a high security environment?", 2709 | "answers": { 2710 | "1": "EAL Level 1", 2711 | "2": "EAL Level 2", 2712 | "3": "EAL Level 4", 2713 | "4": "EAL Level 5" 2714 | }, 2715 | "solution": "4", 2716 | "explanation": null 2717 | }, 2718 | { 2719 | "question": "One way to exfiltrate data is using a secret communication path that allows data transfer in a way that violates the security policy. Such a path is called a _______.", 2720 | "answers": { 2721 | "1": "Tunnel", 2722 | "2": "Overt Channel", 2723 | "3": "Secure Channel", 2724 | "4": "Covert Channel" 2725 | }, 2726 | "solution": "4", 2727 | "explanation": null 2728 | }, 2729 | { 2730 | "question": "Server side attacks an issue when users go to the Internet. One common issue is a form of malicious code injection attack where an attacker is able to compromise a web server and inject their own malicious code into the content sent to other visitors. This is commonly called ____ _.", 2731 | "answers": { 2732 | "1": "XML Injection", 2733 | "2": "Cross Site Scripting", 2734 | "3": "Buffer Overflow", 2735 | "4": "Cross-site Request Forgery" 2736 | }, 2737 | "solution": "2", 2738 | "explanation": null 2739 | }, 2740 | { 2741 | "question": "Data remanence is data (remaining magnetism) that persists beyond means such as formatting used to delete it. This residual information may cause inadvertent disclosure of sensitive information. The best way to insure data remanence is not an issue is to ------.", 2742 | "answers": { 2743 | "1": "Destroy the circuit board of the drives", 2744 | "2": "Smash the old hard drives", 2745 | "3": "Degauss old hard drives", 2746 | "4": "Overwrite old drives three times" 2747 | }, 2748 | "solution": "3", 2749 | "explanation": null 2750 | }, 2751 | { 2752 | "question": "Lots of testing is needed during software development. Separation of duties is followed so one programmer can serve as a check on others. Which test is commonly carried out after changes to validate and verify the code?", 2753 | "answers": { 2754 | "1": "Acceptance testing", 2755 | "2": "Regression testing", 2756 | "3": "Integration testing", 2757 | "4": "Unit testing" 2758 | }, 2759 | "solution": "2", 2760 | "explanation": null 2761 | } 2762 | ] 2763 | } --------------------------------------------------------------------------------