CISSP test bank - Exam questions to study/review 1. Top questions with accurate answers, 100% Accurate.
What law protects the right of citizens to privacy by placing restrictions on the authority granted to government agencies to search private residences and facilities?
a) Privacy act
b) Fo...
Which component of the CIA triad has the most avenues or vectors of attack and compromise? - ✔✔-
Availability
During the de-encapsulation procedure the _______________________ layer strips out its information
and sends the message to the network layer - ✔✔-Data link
Which of the following is not a feature of packet switching?
a) Bursty traffic
b) Fixed known delays
c) Sensitive to data loss
d) Supports any type of traffic - ✔✔-b) Fixed known delays.
Packet switching has unknown traffic delays. Circuit switching has fixed known delays.
Data objects and their names in the OSI model - ✔✔-Datalink layer: frame
Network layer: datagram or packet
Transport layer: segment
Session, Presentation and Application: PDU (Protocol Data Unit)
Which of the following is not a required component of a digital certificate?
a) serial number
b) validity period
c) receiver's name
d) X.509 version - ✔✔-c) receiver's name
What regulation formalizes the prudent man rule that requires senior executives to take personal
responsibility for their actions?
a) CFAA
b) Federal Sentencing Guidelines
c) GLBA
d) Sarbanes-Oxley - ✔✔-b) Federal Sentencing Guidelines
GLBA - Gramm-Leach-Bliley Act = financial institutions and privacy
CFAA - Computer Fraud and Abuse Act
What is the foundation of user and personnel security?
a) Background checks
b) Job descriptions
c) Auditing and monitoring
d) Discretionary access control - ✔✔-b) Job descriptions
Which of the following provides the best protection against the loss of confidentiality for sensitive data:
a) Data labels
b) Data classification
c) Data handling
d) Data degaussing methods - ✔✔-b) Data classification
Data labels and proper data handling depend on data being classified correctly first.
Which of the following is the type of antivirus response function that removes malicious code but leaves
the damage unrepaired?
a) cleaning
b) removal
c) stealth
d) polymorphism - ✔✔-b) (virus) removal
Cleaning removes the virus and repairs the damage.
Which of the following is not a typical security concern with VOIP?
a) VLAN hopping
b) Caller ID falsification
c) Vishing
d) SPIT - ✔✔-VLAN hopping is not associated with VOIP, but a switch security issue.
SPIT = Spam over Internet Telephony
Which VPN protocol should not be used as the sole encapsulation mechanism if there is a dial-up
mechanism present between the host and the link end-point?
a) L2F
b) PPTP
c) IPSEC
d) L2TP - ✔✔-IPSec is not designed to operate naked over a dial-up segment. It should be encapsulated
with L2TP for example
A tunnel mode VPN is used to connect which types of systems?
a) Hosts and servers
b) Clients and terminals
c) Hosts and networks
d) Servers and domain controllers - ✔✔-c) Hosts and networks
Tunnel mode VPNs are used to connect Networks to Networks and Hosts to Networks.
Transport mode VPN is used to connect Hosts to Hosts.
Host, server, client, terminal and domain controller are all synonyms in this context.
UDP:
a) bits
b) logical addressing
c) data reformatting
d) simplex - ✔✔-UDP is a simplex protocol at the Transport layer
UDP provides application multiplexing (via port numbers) and integrity verification (via checksum) of the
header and payload.
Abnormal or unauthorized activities detectable by IDS (select all that apply)
a) External connection attempts
b) Execution of malicious code
c) Access to controlled object
d) none of the above - ✔✔-a, b and c
The question does not specify NIDS (network IDS) or HIDS (host IDS). Therefore assume both types.
WiFi technique using a form of serial communication:
a) Spread Spectrum
b) FHSS
c) DSSS
d) OFDM - ✔✔-b) FHSS (Frequency Hopping Spread Spectrum) is an early implementation of frequency
spread spectrum. Instead of sending data in a parallel fashion, it transmits data in a series while
constantly changing the frequency in use.