[CCCure CISSP] Cissp Questions


[CCCure CISSP] Cissp Questions

Zameeruddin Syed
Hello everyone,

I have a few questions and need correct answers. Please help me.

Q1) Packet filtering can be applied in which layers of the OSI model?

a) Network and Transport b) Datalink and Network layers c) session and Presentation layers d) Transport and Session layer

Q2) Palm Scan is what type of Control?

a) Preventive physical b) detective physical c) Preventive Technical d) Detective technical

Q3) Over the past 15 years, floods have occurred 3 times. The cost of the Asset values are:

Availability is 60000(A), Integrity is 10000(I), and Confidentiality(C) is 0.

Total Impact is 70000(A+I). What is ALE?

A) 14000 B) 3500 C) 140000

Q4) Version control provides what type of security?

a) Integrity b) Availability c) Authorization d) Confidentiality

Q5) When a system has Open ports and is compromised, it is subjected to what type of attack?

a) Denial of Service b) Spoofing c) MIM Attack d) Phishing

Q6) Which of the following sites offers high availability and is more expensive?

a) Mirror site b) Hot site

Q7) Which of the following will the attacker target the most to get privilege access to the system?

a) Firewall logs b) System logs c) data logs

Q8) Which of the following maintenance activities is used for project Initiation, Changes and Implementation in the SDLC?

a) Regression Testing b) User Acceptance Testing c) Integration Testing d) Unit testing

Q9) Acceptable usage policy contains (I wrote "Data Retention Period" as answer, can u plz let me know what they contain? Remaining options I forgot)

a) Data Retention Period

Q10) Steganography provides

a) Out of Band Messages b) Tunnel Encryption

Q11) Which of the permissions are discretionary based?

a) insert and delete b) grant and revoke c) if and then d) confidential and restricted

Q12) In Extensible Authentication Protocol (EAP), Extensibility is achieved by what? (Forgot the options, but plz let me know how it can be achieved)

Q13) TLS and SSL provide

a) Channel security on the top of Transport Layer of the IP Stack

b) Encapsulation of data over HTTP

Q14) An example of Acoustic Emanation security is (Remaining options I forgot, plz let me know what it is)

a) Line noise

Q15) In CBC (Cipher Block Chaining) if a single bit of Cipher Text is modified, then

a) The entire data is corrupted b) only the modified bit is corrupted

Q16) Which of the following is the fastest way to recover the data?

a) disk array recovery b) Tape recovery

Q17) If a full backup is performed on Sunday evening, and Incremental backups are performed on Monday to Saturday. If a system crash occurs on Sunday morning, which of the following is the best way to recover the data?

a) Replacing the disk b) Recover the disk c) Restore the disk

Q18) The advantages of Asymmetric Encryption include

a) Support for many users b) Support N Tier Architecture

Q19) What is the final step/stage in the Identity management?

a) Implementation b) Maintenance c) Training d) documentation

Q20) What will the operation Security do when a system is compromised? (Only this option I remember, plz let me know what are the possibilities)

a) Install Firewall into the system

Q21) Routers perform which type of Routing?

a) Link State b) Distance Vector C) BGP D) Static

Q22) When is a cross certification used by Certification Authorities (CA)?

a) When a certificate is transferred from one CA to other CA

b) When a certificate is modified by CA



--
Thanks & Regards,

ZAMEERUDDIN SYED


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your account visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

Re: [CCCure CISSP] Cissp Questions

Doug Spindler
One can filter on frames, data, packets which is network, sessions which is transport and PDU which is session and presentation. I think this is a case where you need to memorize the correct answer they are expecting to get the question correct. In my opinion none are correct.





On Mar 16, 2014, at 21:50, Zameeruddin Syed <[hidden email]> wrote:
