CISSP Final Review Exam Questions And Accurate Answers
What are valid SQL Commands - Answer SELECT, DELETE, GRANT, UPDATE, INSERT
What are applications that use UDP - Answer NFS, TFTP, SNMP
What is a method to ensure the entire transaction (db) is executed to ensure integrity -
Answer Two-phase commit
What is the order of volatility in collecting evidence - Answer 1. Memory
2. Network Process
3. System Process
4. Hard Drives
5. Backup Tapes
6. DVDs
What would you use to ensure that selected messages from the web are sent securely?
- Answer S-HTTP
What's used to secure entire sections of a website - Answer HTTPS
What is a technology developed to provide security for credit card transactions - Answer
SET
What is the change control process - Answer 1. Request
2. Analyze
3. Log
4. Submit for approval
5. Implement
6. Report
What cloud service would perform user account and password management? - Answer
Identity as a Service (IDaaS)
What is the cloud service to perform development, execution, and governance of
integration flows? - Answer Integration Platform as a Service (iPaaS)
What is a cloud service that enables customers/users to develop, run and manage web
apps? - Answer Platform as a Service (PaaS)
What facility feature poses the most risk to facility infrastructure in terms of security -
Answer Drop Ceilings
What kind of gap analysis is used in order to identify and match the data content
required by HIPAA - Answer Gap Analysis for Transactions
What information does a computer need to know before communicating to the internet -
Answer IP address, default gateway and subnet mask
What kind of password is easiest to remember - Answer Pass phrase
What are the advantages of a passphrase? - Answer This password type is not
susceptible to brute force or dictionary attacks because it is more complex
What are the advantages and disadvantages of passwords? - Answer This is the least
expensive access control to implement but is also the least secure
What would the characteristics of a multipart virus be? - Answer It can infect both the
executable files and boot sectors of a hard drive
What is the WAP Gap? - Answer It occurs in versions of WAP prior to version 2.0 when
the gateway decrypts WTLS transmissions and re-encrypts them with TLS/SSL
What would you do to design a physical security program? - Answer 1. Identify the team
2. Risk analysis
3. Determine acceptable risk levels
4. Baselines of risk levels
5. Develop countermeasures metrics
6. Define protection and performance level required
7. Choose and then apply
Which device prevents access to hard drives and unused ports on a computer -
Answer Port control
Which one is a device that prevents access to power switches -
Answer Switch Lock
What is a device attached to a computer and a stationary component by a cable
attached to a free expansion slot - Answer Slot lock
What is a device that locks an input/output device by connecting it via a cable to a
lockable unit - Answer Cable trap
What is the term in crime that refers to when and where the crime occurred - Answer
Opportunity
Which of the following terms related to crime refers to how a criminal committed a crime
- Answer Means
Which of the following terms related to crime refers to why a crime was committed -
Answer Motive
What three basic crime principles are investigated when a crime has been committed -
Answer Motive, Opportunity, Means (MOM)
What are the features of circuit switching networks - Answer Traffic is constant,
connection-oriented links are implemented, delays are fixed in length and they more often
carry voice comms
What are features of packet switching networks - Answer These use dynamic paths,
traffic is bursty in nature, delays are variable and more often carry data
What must you use to investigate sessions that hang intermittently - Answer Packet
Capture
What are the advantages of RBAC? - Answer It is a low-cost access control model and is
easy to implement. It is a popular control model used in commercial apps and large
networked apps
What are the advantages of MAC? - Answer It is considered a highly secure access
control model because every subject and object is assigned a security label
What methods will improve accountability on a network - Answer Audit logs and ACLs
What method improves user authentication for your network - Answer Passwords