100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISSP – PRACTICE QUESTIONS AND ANSWERS WITH SOLUTIONS 2024 $15.49   Add to cart

Exam (elaborations)

CISSP – PRACTICE QUESTIONS AND ANSWERS WITH SOLUTIONS 2024

 7 views  0 purchase
  • Course
  • CISSP
  • Institution
  • CISSP

CISSP – PRACTICE QUESTIONS AND ANSWERS WITH SOLUTIONS 2024

Preview 4 out of 48  pages

  • August 16, 2024
  • 48
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISSP
  • CISSP
avatar-seller
Performance
CISSP – PRACTICE QUESTIONS AND
ANSWERS WITH SOLUTIONS 2024
Data Remanence - ANSWER The remains of partial or even the entire data set of digital information



Disaster Recovery Planning (DRP) - ANSWER Deals with restoring normal business operations after the
disaster takes place...works to get the business back to normal



Maximum tolerable downtime - ANSWER The maximum period of time that a critical business function
can be inoperative before the company incurs significant and long-lasting damage.



802.5 - ANSWER IEEE standard defines the Token Ring media access method



Recovery Time Objective - ANSWER The balance against the cost of recover and the cost of disruption



Resource Requirements - ANSWER portion of the BIA that lists the resources that an organization needs in
order to continue operating each critical business function.



Checklist - ANSWER Test is one in which copies of the plan are handed out to each functional area to
ensure the plan deal with their needs



Information Owner - ANSWER The one person responsible for data, its classification and control setting



Job Rotation - ANSWER To move from location to location, keeping the same function



Differential power analysis - ANSWER A side-channel attack carry-out on smart cards that examining the
power emission release during processing



Mitigate - ANSWER Defined as real-time monitoring and analysis of network activity and data for potential
vulnerabilities and attacks in

progress.

,Electromagnetic analysis - ANSWER A side-channel attack on smart cards that examine the frequencies
emitted and timing



Analysis - ANSWER Systematic assessment of threats and vulnerabilities that provides a basis for effective
management of risk.



Change Control - ANSWER Maintaining full control over requests, implementation, traceability, and proper
documentation of changes.



Containment - ANSWER Mitigate damage by isolating compromised systems from the network.



30 to 90 Days - ANSWER Most organizations enforce policies to change password ranging from



Isochronous - ANSWER Process must within set time constrains, applications are video related where audio
and video must match perfectly



Detection - ANSWER Identification and notification of an unauthorized and/or undesired action



Electronic Vaulting - ANSWER Periodic, automatic and transparent backup of data in bulk.



Fault Tolerance - ANSWER Mitigation of system or component loss or interruption through use of backup
capability.



Incremental - ANSWER A backup method use when time and space are a high importance



Secure HTTP - ANSWER Protocol designed to same individual message securely



Criminal - ANSWER Conduct that violates government laws developed to protect society

,Class C - ANSWER Has 256 hosts



RAID 0 - ANSWER Creates one large disk by using several disks



Trade secrets - ANSWER Deemed proprietary to a company and often include information that provides a
competitive edge, the information is protected as long the owner takes protective actions



X.400 - ANSWER Active Directory standard



Prevention - ANSWER Controls deployed to avert unauthorized and/or undesired actions.



Redundant Array Of Independent Drives (RAID) - ANSWER A group of hard drives working as one storage
unit for the purpose of speed and fault tolerance



Proprietary - ANSWER Define the way in which the organization operates.



Gateway - ANSWER Used to connect two networks using dissimilar protocols at different layers of the OSI
model



Classification - ANSWER The assignment of a level of sensitivity to data (or information) that results in the
specification of controls for each level of classification.



Data Integrity - ANSWER The property that data meet with a priority expectation of quality and that the
data can be relied upon.



Alarm Filtering - ANSWER The process of categorizing attack alerts produced from an IDS in order to
distinguish false positives from actual attacks



Coaxial Cable - ANSWER A cable consisting of a core, inner conductor that is surrounding by an insulator,
an outer cylindrical conductor

, Concentrator - ANSWER Layer 1 network device that is used to connect network segments together, but
provides no traffic control (a hub).



Digital Signature - ANSWER An asymmetric cryptography mechanism that provides authentication.



Eavesdropping - ANSWER A passive network attack involving monitoring of traffic.



E-Mail Spoofing - ANSWER Forgery of the sender's email address in an email header.



Emanations - ANSWER Potentially compromising leakage of electrical or acoustical signals.



Fiber Optics - ANSWER Bundles of long strands of pure glass that efficiently transmit light pulses over long
distances. Interception without detection is difficult.



Fraggle - ANSWER A Denial of Service attack initiated by sending spoofed UDP echo request to IP broadcast
addresses.



Hijacking - ANSWER Interception of a communication session by an attacker.



Hub - ANSWER Layer 1 network device that is used to connect network segments together, but provides
no traffic control (a concentrator).



Injection - ANSWER An attack technique that exploits systems that do not perform input validation by
embedding partial SQL queries inside input.



Interception - ANSWER Unauthorized access of information (e.g. Tapping, sniffing, unsecured wireless
communication, emanations)



IP Address Spoofing - ANSWER Forging of an IP address.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Performance. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $15.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

82013 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$15.49
  • (0)
  Add to cart