156-110 : Check Point Certified Security Principles Associate (CCSPA) : Part 04

  1. Which of the following best describes an external intrusion attempt on a local-area network (LAN)?

    • Internal users try to gain unauthorized access to information assets outside the organizational perimeter.
    • External-intrusion attempts from sources outside the LAN are not granted permissions or rights to an organization’s information assets.
    • External users attempt to access public resources.
    • External intruders attempt exploitation of vulnerabilities, to remove their own access.
    • Internal users perform inappropriate acts on assets to which they have been given rights or permissions.
  2. _________ intrusion detection involves comparing traffic to known characteristics of malicious traffic, known as attack signatures.

    • Pattern matching
    • Statistical anomaly
    • Behavioral analysis
    • Host
    • Network
  3. Which of the following is NOT an auditing function that should be performed regularly?

    • Reviewing IDS alerts
    • Reviewing performance logs
    • Reviewing IDS logs
    • Reviewing audit logs
    • Reviewing system logs
  4. Which of the following is an integrity requirement for Remote Offices/Branch Offices (ROBOs)?

    • Private data must remain internal to an organization.
    • Data must be consistent between ROBO sites and headquarters.
    • Users must be educated about appropriate security policies.
    • Improvised solutions must provide the level of protection required.
    • Data must remain available to all remote offices.
  5. Operating-system fingerprinting uses all of the following, EXCEPT ______, to identify a target operating system.

    • Sequence Verifier
    • Initial sequence number
    • Address spoofing
    • Time to Live
    • IP ID field
  6. Internal intrusions are loosely divided into which categories? (Choose TWO.)

    • Attempts by insiders to perform appropriate acts, on information assets to which they have been given rights or permissions.
    • Attempts by insiders to access resources, without proper access rights.
    • Attempts by insiders to access external resources, without proper access rights.
    • Attempts by insiders to perform inappropriate acts, on external information assets to which they have been given rights or permissions.
    • Attempts by insiders to perform inappropriate acts, on information assets to which they have been given rights or permissions.
  7. Which of the following is NOT a restriction, for partners accessing internal corporate resources through an extranet?

    • Preventing modification of restricted information
    • Using restricted programs, to access databases and other information resources
    • Allowing access from any location
    • Preventing access to any network resource, other than those explicitly permitted
    • Viewing inventory levels for partner products only
  8. Which type of Business Continuity Plan (BCP) test involves practicing aspects of the BCP, without actually interrupting operations or bringing an alternate site on-line?

    • Structured walkthrough
    • Checklist
    • Simulation
    • Full interruption
    • Parallel
  9. Which of the following equations results in the Single Loss Expectancy for an asset?

    • Asset Value x % Of Loss From Realized Exposure
    • Asset Value x % Of Loss From Realized Threat
    • Annualized Rate of Occurrence / Annualized Loss Expectancy
    • Asset Value x % Of Loss From Realized Vulnerability
    • Annualized Rate of Occurrence x Annualized Loss Expectancy
  10. Which type of Business Continuity Plan (BCP) test involves shutting down z on-line, and moving all operations to the alternate site?

    • Parallel
    • Full interruption
    • Checklist
    • Structured walkthrough
    • Simulation
  11. What must system administrators do when they cannot access a complete i testing?

    • Extrapolate results from a limited subset. 
    • Eliminate the testing phase of change control.
    • Request additional hardware and software.
    • Refuse to implement change requests.
    • Deploy directly to the production environment.
  12. To protect its information assets, ABC Company purchases a safeguard that costs $60,000. The annual cost to maintain the safeguard is estimated to be $40,000. The aggregate Annualized Loss Expectancy for the risks the safeguard is expected to mitigate is $50,000.

    At this rate of return, how long will it take ABC Company to recoup the cost of the safeguard?

    • ABC Company will never recoup the cost of this safeguard.
    • Less than 7 years
    • Less than 3 years
    • Less than 1 year
    • Less than 5 years
  13. _________ occurs when an individual or process acquires a higher level of privilege, or access, than originally intended.

    • Security Triad
    • Privilege aggregation
    • Need-to-know
    • Privilege escalation
    • Least privilege
  14. Which encryption algorithm has the highest bit strength?

    • AES
    • Blowfish
    • DES
    • CAST
    • Triple DES
  15. How is bogus information disseminated?

    • Adversaries sort through trash to find information.
    • Adversaries use anomalous traffic patterns as indicators of unusual activity. They will employ other methods, such as social engineering, to discover the cause of the noise.
    • Adversaries use movement patterns as indicators of activity.
    • Adversaries take advantage of a person’s trust and goodwill.
    • Seemingly unimportant pieces of data may yield enough information to an adversary for him to disseminate incorrect information and sound authoritative.
  16. A(n) ___________ is the first step for determining which technical information assets should be protected.

    • Network diagram
    • Business Impact Analysis
    • Office floor plan
    • Firewall
    • Intrusion detection system
  17. Which of the following statements about the maintenance and review of information security policies is NOT true?

    • The review and maintenance of security policies should be tied to the performance evaluations of accountable individuals.
    • Review requirements should be included in the security policies themselves.
    • When business requirements change, security policies should be reviewed to confirm that policies reflect the new business requirements.
    • Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies.
    • In the absence of changes to business requirements and processes, information-security policy reviews should be annual.
  18. _________ is a type of cryptography, where letters of an original message are systematically rearranged into another sequence.

    • Symmetric-key exchange
    • Steganography
    • Transposition cipher
    • Asymmetric-key encryption
    • Simple substitution cipher
  19. Which of the following is an example of a simple, physical-access control?

    • Lock
    • Access control list
    • Background check
    • Token
    • Firewall
  20. Which of the following should be included in an enterprise Business Continuity Plan (BCP)? (Choose THREE.)

    • Accidental or intentional data deletion
    • Severe weather disasters
    • Employee terminations
    • Employee administrative leave
    • Minor power outages