CISSP Certification Prep 2018 Practice Test WITH CORRECT ANSWERS
Which phase of the incident response process is triggered by awareness?
A. Triage Phase
B. Investigative Phase
C. Recovery Phase
D. Post-incident Phase
CORRECT ANSWER
In managing security services effectively, incident management handles which of the following? (check all that apply)
A. Prioritization
B. Training
C. Automatic scanning of media and attachments
D. Protocol-anomaly-based systems
CORRECT ANSWER A. Prioritization
B. Training
What is the correct order in which the ISC2 Code of Ethics should be upheld?
A. Advance and protect the profession; Provide diligent and competent service to principals; Act honorably, honestly, justly, responsibly, and legally; Protect society, the commonwealth, and the infrastructure.
B. Protect society, the commonwealth, and the infrastructure; Provide diligent and competent service to principals; Act honorably, honestly, justly, responsibly, and legally; Advance and protect the profession.
C. Protect society, the commonwealth, and the infrastructure; Act honorably, honestly, justly, responsibly, and legally; Provide diligent and competent service to principals; Advance and protect the profession.
D. Act honorably, honestly, justly, responsibly, and legally; Protect society, the commonwealth, and the infrastructure; Provide diligent and competent service to principals; Advance and protect the profession.
CORRECT ANSWER C. Protect society, the commonwealth, and the infrastructure; Act honorably, honestly, justly, responsibly, and legally; Provide diligent and competent service to principals; Advance and protect the profession.
Which of the following layers of the OSI model offers reliability of transmission services?
A. Application Layer
B. Data-Link Layer
C. Transport
D. Physical Layer
CORRECT ANSWER A. Application Layer
The Investigative phase of the incident response process includes detection, identification, and notification.
A. TRUE
B. FALSE
CORRECT ANSWER B. FALSE
Which does NOT describe one-time pads?
A. Unbreakable by most cryptanalysis
B. Requires a key the length of the message
C. May or may not be visible; may affect quality of the original
D. Keys must be randomly generated
CORRECT ANSWER C. May or may not be visible; may affect quality of the original
Information will not be disclosed to any unauthorized person on a local network via which of the following cryptographic system services?
A. Authentication
B. Non-Repudiation
C. Integrity
D. Confidentiality
CORRECT ANSWER D. Confidentiality
The software development model that is designed for large mainframe systems and requires an environment where developers work directly with users is:
A. JAD
B. RAD
C. MPM
D. CASE
CORRECT ANSWER A. JAD
Which software development model releases multiple beta versions and solicits frequent user feedback?
A. Iterative Development
B. Prototyping
C. Spiral
D. Cleanroom
CORRECT ANSWER B. Prototyping
Wi-Fi Protected Access (WPA-2) uses Advanced Encryption Standard (AES) and Temporal Key Integrity Protocol (TKIP).
A. TRUE
B. FALSE
CORRECT ANSWER A. TRUE
What are the three phases of the cryptographic lifecycle?
A. Weakened, compromised, and broken
B. Strong, weakened, and compromised
C. Operational, post-operational, and obsolete
D. Installed, used, and recovered
CORRECT ANSWER B. Strong, weakened, and compromised
Polyalphabetic encryption techniques use multiple alphabets for each successive character replacement, making analysis much more difficult.
A. TRUE
B. FALSE
CORRECT ANSWER A. TRUE
Which of the following attacks allows bypassing access control lists on routers and aids an aggressor in identity hiding?
A. MAC Spoofing Attack
B. DNS Cache Poisoning
C. DDoS Attack
D. Mask Attack
CORRECT ANSWER A. MAC Spoofing Attack
In defining and maintaining the enterprise security architecture, the gap analysis describes the security functionality in terms of generic components, component flows, and nodes.
A. TRUE
B. FALSE
CORRECT ANSWER B. FALSE
Which describes the symmetric cipher "Blowfish"?
A. Extremely fast, and uses very little memory
B. Keys range from 32 to 448 bits
C. Feistel-type blocks of 64 bits in length
D. None of the above
E. All of the above
CORRECT ANSWER A. Extremely fast, and uses very little memory
A digital certificate in a Public Key Infrastructure is:
A. A delegated function from the certificate authority
B. An entity that issues and manages keys
C. Electronic credentials used to certify an online identity
D. A central, accessible location where public keys are stored
CORRECT ANSWER C. Electronic credentials used to certify an online identity
Which of the most common Cloud service types allows applications to be created and run on remote infrastructure?
A. Infrastructure as a Service (IaaS)
B. Platform as a Service (PaaS)
C. Software as a Service (SaaS)
D. Security as a Service (SEaaS)
CORRECT ANSWER B. Platform as a Service (PaaS)