(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests. Mike ChappleЧитать онлайн книгу.
listing each user individually. What did Adam create?An access control listAn access control entryRole-based access controlMandatory access control
41 Betty is concerned about the use of buffer overflow attacks against a custom application developed for use in her organization. What security control would provide the strongest defense against these attacks?FirewallIntrusion detection systemParameter checkingVulnerability scanning
42 Which one of the following combinations of controls best embodies the defense in depth principle?Encryption of email and network intrusion detectionCloud access security brokers (CASB) and security awareness trainingData loss prevention and multifactor authenticationNetwork firewall and host firewall
43 James is working with a Department of Defense system that is authorized to simultaneously handle information classified at the Secret and Top Secret levels. What type of system is he using?Single stateUnclassifiedCompartmentedMultistate
44 Kyle is being granted access to a military computer system that uses System High mode. What is not true about Kyle's security clearance requirements?Kyle must have a clearance for the highest level of classification processed by the system, regardless of his access.Kyle must have access approval for all information processed by the system.Kyle must have a valid need to know for all information processed by the system.Kyle must have a valid security clearance.
45 Gary intercepts a communication between two individuals and suspects that they are exchanging secret messages. The content of the communication appears to be the image shown here. What type of technique may the individuals use to hide messages inside this image?Visual cryptographySteganographyCryptographic hashingTransport layer security
46 Philip is developing a new security tool that will be used by individuals in many different subsidiaries of his organization. He chooses to use Docker to deploy the tool to simplify configuration. What term best describes this approach?VirtualizationAbstractionSimplificationContainerization
47 In the ring protection model shown here, what ring contains the operating system's kernel?Ring 0Ring 1Ring 2Ring 3
48 In an infrastructure as a service (IaaS) environment where a vendor supplies a customer with access to storage services, who is normally responsible for removing sensitive data from drives that are taken out of service?Customer's security teamCustomer's storage teamCustomer's vendor management teamVendor
49 During a system audit, Casey notices that the private key for her organization's web server has been stored in a public Amazon S3 storage bucket for more than a year. Which one of the following actions should she take first?Remove the key from the bucket.Notify all customers that their data may have been exposed. Request a new certificate using a new key.Nothing, because the private key should be accessible for validation.
50 Which one of the following systems assurance processes provides an independent third-party evaluation of a system's controls that may be trusted by many different organizations?CertificationDefinitionVerificationAccreditation
51 Darcy's organization is deploying serverless computing technology to better meet the needs of developers and users. In a serverless model, who is normally responsible for configuring operating system security controls?Software developerCybersecurity professionalCloud architectVendor
52 Harold is assessing the susceptibility of his environment to hardware failures and would like to identify the expected lifetime of a piece of hardware. What measure should he use for this?MTTRMTTFRTOMTO
53 Chris is designing a cryptographic system for use within his company. The company has 1,000 employees, and they plan to use an asymmetric encryption system. They would like the system to be set up so that any pair of arbitrary users may communicate privately. How many total keys will they need?5001,0002,0004,950
54 Gary is concerned about applying consistent security settings to the many mobile devices used throughout his organization. What technology would best assist with this challenge?MDMIPSIDSSIEM
55 Alice sent a message to Bob. Bob would like to demonstrate to Charlie that the message he received definitely came from Alice. What goal of cryptography is Bob attempting to achieve?AuthenticationConfidentialityNonrepudiationIntegrity
56 Rhonda is considering the use of new identification cards for physical access control in her organization. She comes across a military system that uses the card shown here. What type of card is this?Smart cardProximity cardMagnetic stripe cardPhase three card
57 Gordon is concerned about the possibility that hackers may be able to use the Van Eck radiation phenomenon to remotely read the contents of computer monitors in a restricted work area within his facility. What technology would protect against this type of attack?TCSECSCSIGHOSTTEMPEST
58 Jorge believes that an attacker has obtained the hash of the Kerberos service account from one of his organization's Active Directory servers. What type of attack would this enable?Golden ticketKerberoastingPass the ticketBrute force
59 Sherry conducted an inventory of the cryptographic technologies in use within her organization and found the following algorithms and protocols in use. Which one of these technologies should she replace because it is no longer considered secure?MD5AESPGPWPA3
60 Robert is investigating a security breach and discovers the Mimikatz tool installed on a system in his environment. What type of attack has likely taken place?Password crackingPass the hashMAC spoofingARP poisoning
61 Tom is a cryptanalyst and is working on breaking a cryptographic algorithm's secret key. He has a copy of an intercepted message that is encrypted, and he also has a copy of the decrypted version of that message. He wants to use both the encrypted message and its decrypted plaintext to retrieve the secret key for use in decrypting other messages. What type of attack is Tom engaging in?Chosen ciphertextChosen plaintextKnown plaintextBrute force
62 A hacker recently violated the integrity of data in James's company by modifying a file using a precise timing attack. The attacker waited until James verified the integrity of a file's contents using a hash value and then modified the file between the time that James verified the integrity and read the contents of the file. What type of attack took place?Social engineeringTOCTOUData diddlingParameter checking
63 Carl is deploying a set of video sensors that will be placed in remote locations as part of a research project. Due to connectivity limitations, he would like to perform as much image processing and computation as possible on the device itself before sending results back to the cloud for further analysis. What computing model would best meet his needs?Serverless computingEdge computingIaaS computingSaaS computing
64 What action can you take to prevent accidental data disclosure due to wear leveling on an SSD device before reusing the drive?ReformattingDisk encryptionDegaussingPhysical destruction
65 Johnson Widgets strictly limits access to total sales volume information, classifying it as a competitive secret. However, shipping clerks have unrestricted access to order records to facilitate transaction completion. A shipping clerk recently pulled all of the individual sales records for a quarter from the database and totaled them up to determine the total sales volume. What type of attack occurred?Social engineeringInferenceAggregationData diddling
66 What physical security control broadcasts false emanations constantly to mask the presence of true electromagnetic emanations from computing equipment?Faraday cageCopper-infused windowsShielded cablingWhite noise
67 In a software as a service cloud computing environment, who is normally responsible for ensuring that appropriate firewall controls are in place to protect the application?Customer's security teamVendorCustomer's networking teamCustomer's infrastructure management team
68 Alice has read permissions on an object, and she would like Bob to have those same rights. Which one of the rules in the Take-Grant protection model would allow her to complete this operation?Create ruleRemove ruleGrant ruleTake rule
69 As part of his incident response process, Charles securely wipes the drive of a compromised machine and reinstalls the operating system (OS) from original media. Once he is done, he patches the machine fully and applies his organization's security templates before reconnecting the system to the network. Almost immediately after the system is returned to service, he discovers