CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
Exam (elaborations)
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWERS
7 views 0 purchase
Course
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
Institution
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWERS
NIST SP800-53 discusses a set of security controls as what type of security tool?
A. A configuration list
B. A threat management strategy
C. A baseline
D. The CIS standard Correct answer- C
Ed has been tasked with identifying a ...
cissp 2021 sybex test prep 475 questions and answers
nist sp800 53 discusses a set of security controls as what type of security tool
ed has been tasked with identifying a service that will provide a
Written for
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
CISSP 2021 SYBEX TEST PREP 475 QUESTIONS AND ANSWE
All documents for this subject (1)
Seller
Follow
Classroom
Reviews received
Content preview
CISSP 2021 SYBEX TEST PREP 475
QUESTIONS AND ANSWERS
NIST SP800-53 discusses a set of security controls as what type of security tool?
A. A configuration list
B. A threat management strategy
C. A baseline
D. The CIS standard Correct answer- C
Ed has been tasked with identifying a service that will provide a low-latency,
highperformance, and high-availability way to host content for his employer. What
type of solution should he seek out to ensure that his employer's customers around
the world can access their content quickly, easily, and reliably?
A. A hot site
B. A CDN
C. Redundant servers
D. A P2P CDN Correct answer- B
Which one of the following is not a function of a forensic disk controller?
A. Preventing the modification of data on a storage device
B. Returning data requested from the device
C. Reporting errors sent by the device to the forensic host
D. Blocking read commands sent to the device Correct answer- D
Mike is building a fault-tolerant server and wishes to implement RAID 1. How
many physical disks are required to build this solution? A. 1
B. 2
C. 3
D. 5 Correct answer- B
Which Kerberos service generates a new ticket and session keys and sends them to
the client?
A. KDC
B. TGT
C. AS
D. TGS Correct answer- D
,Communication systems that rely on start and stop flags or bits to manage data
transmission are known as what type of communication?
A. Analog
B. Digital
C. Synchronous
D. Asynchronous Correct answer- D
What type of motion detector uses high microwave frequency signal transmissions
to identify potential intruders?
A. Infrared
B. Heat-based
C. Wave pattern
D. Capacitance Correct answer- C
Susan sets up a firewall that keeps track of the status of the communication
between two systems and allows a remote system to respond to a local system after
the local system starts communication. What type of firewall is Susan using?
A. A static packet filtering firewall
B. An application-level gateway firewall
C. A stateful packet inspection firewall
D. A circuit-level gateway firewall Correct answer- C
Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless
router and a cable modem connected via a commercial cable data contract.
How can Ben provide access control for his customers without having to provision
user IDs before they connect while also gathering useful contact information for
his business purposes?
A. WPA2 PSK
B. A captive portal
C. Require customers to use a publicly posted password like "BensCoffee."
D. Port security Correct answer- B
,Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless
router and a cable modem connected via a commercial cable data contract.
Ben intends to run an open (unencrypted) wireless network. How should he
connect his business devices?
A. Run WPA2 on the same SSID.
B. Set up a separate SSID using WPA2.
C. Run the open network in Enterprise mode.
D. Set up a separate wireless network using WEP. Correct answer- B
Ben owns a coffeehouse and wants to provide wireless Internet service for his
customers. Ben's network is simple and uses a single consumer-grade wireless
router and a cable modem connected via a commercial cable data contract.
After implementing the solution from the first question, Ben receives a complaint
about users in his cafe hijacking other customers' web traffic, including using their
usernames and passwords. How is this possible?
A. The password is shared by all users, making traffic vulnerable.
B. A malicious user has installed a Trojan on the router.
C. A user has ARP spoofed the router, making all traffic broadcast to all users.
D. Open networks are unencrypted, making traffic easily sniffable. Correct answer-
D
Which one of the following is not a mode of operation for the Data Encryption
Standard?
A. CBC
B. CFB
C. OFB
D. AES Correct answer- D
Tom is tuning his security monitoring tools in an attempt to reduce the number of
alerts received by administrators without missing important security events. He
decides to configure the system to only report failed login attempts if there are five
failed attempts to access the same account within a one-hour period of time. What
term best describes the technique that Tom is using?
A. Thresholding
, B. Sampling
C. Account lockout
D. Clipping Correct answer- D
Sally has been tasked with deploying an authentication, authorization, and
accounting server for wireless network services in her organization and needs to
avoid using proprietary technology.
What technology should she select?
A. OAuth
B. RADIUS
C. XTACACS
D. TACACS+ Correct answer- B
An accounting clerk for Christopher's Cheesecakes does not have access to the
salary information for individual employees but wanted to know the salary of a
new hire. He pulled total payroll expenses for the pay period before the new person
was hired and then pulled the same expenses for the following pay period. He
computed the difference between those two amounts to determine the individual's
salary.
What type of attack occurred?
A. Aggregation
B. Data diddling
C. Inference
D. Social engineering Correct answer- C
Alice would like to have read permissions on an object and knows that Bob already
has those rights and would like to give them to herself. Which one of the rules in
the TakeGrant protection model would allow her to complete this operation if the
relationship exists between Alice and Bob?
A. Take rule
B. Grant rule
C. Create rule
D. Remote rule Correct answer- A
During a log review, Danielle discovers a series of logs that show login failures:
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Classroom. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.49. You're not tied to anything after your purchase.