156-110 : Check Point Certified Security Principles Associate (CCSPA) : Part 04
-
Which of the following best describes an external intrusion attempt on a local-area network (LAN)?
- Internal users try to gain unauthorized access to information assets outside the organizational perimeter.
- External-intrusion attempts from sources outside the LAN are not granted permissions or rights to an organization’s information assets.
- External users attempt to access public resources.
- External intruders attempt exploitation of vulnerabilities, to remove their own access.
- Internal users perform inappropriate acts on assets to which they have been given rights or permissions.
-
_________ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.
- Pattern matching
- Statistical anomaly
- Behavioral analysis
- Host
- Network
-
Which of the following is NOT an auditing function that should be performed regularly?
- Reviewing IDS alerts
- Reviewing performance logs
- Reviewing IDS logs
- Reviewing audit logs
- Reviewing system logs
-
Which of the following is an integrity requirement for Remote Offices/Branch Offices (ROBOs)?
- Private data must remain internal to an organization.
- Data must be consistent between ROBO sites and headquarters.
- Users must be educated about appropriate security policies.
- Improvised solutions must provide the level of protection required.
- Data must remain available to all remote offices.
-
Operating-system fingerprinting uses all of the following, EXCEPT ______, to identify a target operating system.
- Sequence Verifier
- Initial sequence number
- Address spoofing
- Time to Live
- IP ID field
-
Internal intrusions are loosely divided into which categories? (Choose TWO.)
- Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
- Attempts by insiders to access resources, without proper access rights.
- Attempts by insiders to access external resources, without proper access rights.
- Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
- Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.
-
Which of the following is NOT a restriction, for partners accessing internal corporate resources through an extranet?
- Preventing modification of restricted information
- Using restricted programs, to access databases and other information resources
- Allowing access from any location
- Preventing access to any network resource, other than those explicitly permitted
- Viewing inventory levels for partner products only
-
Which type of Business Continuity Plan (BCP) test involves practicing aspects of the BCP, without actually interrupting operations or bringing an alternate site on-line?
- Structured walkthrough
- Checklist
- Simulation
- Full interruption
- Parallel
-
Which of the following equations results in the Single Loss Expectancy for an asset?
- Asset Value x % Of Loss From Realized Exposure
- Asset Value x % Of Loss From Realized Threat
- Annualized Rate of Occurrence / Annualized Loss Expectancy
- Asset Value x % Of Loss From Realized Vulnerability
- Annualized Rate of Occurrence x Annualized Loss Expectancy
-
Which type of Business Continuity Plan (BCP) test involves shutting down z on-line, and moving all operations to the alternate site?
- Parallel
- Full interruption
- Checklist
- Structured walkthrough
- Simulation
-
What must system administrators do when they cannot access a complete i testing?
- Extrapolate results from a limited subset.
- Eliminate the testing phase of change control.
- Request additional hardware and software.
- Refuse to implement change requests.
- Deploy directly to the production environment.
-
To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.
At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?
- ABC Company will never recoup the cost of this safeguard.
- Less than 7 years
- Less than 3 years
- Less than 1 year
- Less than 5 years
-
_________ occurs when an individual or process acquires a higher level of privilege, or access, than originally intended.
- Security Triad
- Privilege aggregation
- Need-to-know
- Privilege escalation
- Least privilege
-
Which encryption algorithm has the highest bit strength?
- AES
- Blowfish
- DES
- CAST
- Triple DES
-
How is bogus information disseminated?
- Adversaries sort through trash to find information.
- Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
- Adversaries use movement patterns as indicators of activity.
- Adversaries take advantage of a person’s trust and goodwill.
- Seemingly unimportant pieces of data may yield enough information to an adversary, for him to disseminate incorrect information and sound authoritative.
-
A(n) ___________ is the first step for determining which technical information assets should be protected.
- Network diagram
- Business Impact Analysis
- Office floor plan
- Firewall
- Intrusion detection system
-
Which of the following statements about the maintenance and review of information security policies is NOT true?
- The review and maintenance of security policies should be tied to the performance evaluations of accountable individuals.
- Review requirements should be included in the security policies themselves.
- When business requirements change, security policies should be reviewed to confirm that policies reflect the new business requirements.
- Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies.
- In the absence of changes to business requirements and processes, information-security policy reviews should be annual.
-
_________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.
- Symmetric-key exchange
- Steganography
- Transposition cipher
- Asymmetric-key encryption
- Simple substitution cipher
-
Which of the following is an example of a simple, physical-access control?
- Lock
- Access control list
- Background check
- Token
- Firewall
-
Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)
- Accidental or intentional data deletion
- Severe weather disasters
- Employee terminations
- Employee administrative leave
- Minor power outages