CISSP : Certified Information Systems Security Professional : Part 09

A Denial of Service (DoS) attack on a syslog server exploits weakness in which of the following protocols?
- Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
- Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
- Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP)
- Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
In a High Availability (HA) environment, what is the PRIMARY goal of working with a virtual router address as the gateway to a network?
- The second of two routers can periodically check in to make sure that the first router is operational.
- The second of two routers can better absorb a Denial of Service (DoS) attack knowing the first router is present.
- The first of two routers fails and is reinstalled, while the second handles the traffic flawlessly.
- The first of two routers can better handle specific traffic, while the second handles the rest of the traffic seamlessly.
How does Encapsulating Security Payload (ESP) in transport mode affect in the Internet Protocol (IP)?
- Authenticates the IP payload and selected portions of the IP header
- Encrypts and optionally authenticates the complete IP packet
- Encrypts and optionally authenticates the IP header, but not the IP payload
- Encrypts and optionally authenticates the IP payload, but not the IP header
A company receives an email threat informing of an Imminent Distributed Denial of Service (DDoS) attack targeting its web application, unless ransom is paid. Which of the following techniques BEST addresses that threat?
- Deploying load balancers to distribute inbound traffic across multiple data centers
- Set Up Web Application Firewalls (WAFs) to filter out malicious traffic
- Implementing reverse web-proxies to validate each new inbound connection
- Coordinate with and utilize capabilities within Internet Service Provider (ISP)
The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data
- through a firewall at the Session layer
- through a firewall at the Transport layer
- in the Point-to-Point Protocol (PPP)
- in the Payload Compression Protocol (PCP)
What protocol is often used between gateway hosts on the Internet?
- Exterior Gateway Protocol (EGP)
- Border Gateway Protocol (BGP)
- Open Shortest Path First (OSPF)
- Internet Control Message Protocol (ICMP)
From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?
- Disable all recursive queries on the name servers
- Limit zone transfers to authorized devices
- Configure secondary servers to use the primary server as a zone forwarder
- Block all Transmission Control Protocol (TCP) connections
“Stateful” differs from “Static” packet filtering firewalls by being aware of which of the following?
- Difference between a new and an established connection
- Originating network location
- Difference between a malicious and a benign packet payload
- Originating application session
Which of the following provides the MOST comprehensive filtering of Peer-to-Peer (P2P) traffic?
- Application proxy
- Port filter
- Network boundary router
- Access layer switch
What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network?
- The IDS can detect failed administrator logon attempts from servers.
- The IDS can increase the number of packets to analyze.
- The firewall can increase the number of packets to analyze.
- The firewall can detect failed administrator login attempts from servers
A security practitioner is tasked with securing the organization’s Wireless Access Points (WAP). Which of these is the MOST effective way of restricting this environment to authorized users?
- Enable Wi-Fi Protected Access 2 (WPA2) encryption on the wireless access point
- Disable the broadcast of the Service Set Identifier (SSID) name
- Change the name of the Service Set Identifier (SSID) to a random value not associated with the organization
- Create Access Control Lists (ACL) based on Media Access Control (MAC) addresses
Access to which of the following is required to validate web session management?
- Log timestamp
- Live session traffic
- Session state variables
- Test scripts
Which of the following would an attacker BEST be able to accomplish through the use of Remote Access Tools (RAT)?
- Reduce the probability of identification
- Detect further compromise of the target
- Destabilize the operation of the host
- Maintain and expand control
Digital certificates used in Transport Layer Security (TLS) support which of the following?
- Information input validation
- Non-repudiation controls and data encryption
- Multi-Factor Authentication (MFA)
- Server identity and data confidentially
During examination of Internet history records, the following string occurs within a Unique Resource Locator (URL):

http://www.companysite.com/products/products.asp?productid=123 or 1=1
What type of attack does this indicate?
- Directory traversal
- Structured Query Language (SQL) injection
- Cross-Site Scripting (XSS)
- Shellcode injection
Which testing method requires very limited or no information about the network infrastructure?
- White box
- Static
- Black box
- Stress
Which of the following will an organization’s network vulnerability testing process BEST enhance?
- Firewall log review processes
- Asset management procedures
- Server hardening processes
- Code review procedures
Which of the following provides the MOST secure method for Network Access Control (NAC)?
- Media Access Control (MAC) filtering
- 802.1X authentication
- Application layer filtering
- Network Address Translation (NAT)
Individual access to a network is BEST determined based on:
- risk matrix
- value of the data
- business need
- data classification
A security professional should consider the protection of which of the following elements FIRST when developing a defense-in-depth strategy for a mobile workforce?
- Network perimeters
- Demilitarized Zones (DMZ)
- Databases and back-end servers
- End-user devices

CISSP : Certified Information Systems Security Professional : All Parts
CISSP Part 01	CISSP Part 08	CISSP Part 15	CISSP Part 22
CISSP Part 02	CISSP Part 09	CISSP Part 16	CISSP Part 23
CISSP Part 03	CISSP Part 10	CISSP Part 17	CISSP Part 24
CISSP Part 04	CISSP Part 11	CISSP Part 18	CISSP Part 25
CISSP Part 05	CISSP Part 12	CISSP Part 19	CISSP Part 26
CISSP Part 06	CISSP Part 13	CISSP Part 20	CISSP Part 27
CISSP Part 07	CISSP Part 14	CISSP Part 21	CISSP Part 28

CISSP : Certified Information Systems Security Professional : All Parts
CISSP Part 01	CISSP Part 08	CISSP Part 15	CISSP Part 22
CISSP Part 02	CISSP Part 09	CISSP Part 16	CISSP Part 23
CISSP Part 03	CISSP Part 10	CISSP Part 17	CISSP Part 24
CISSP Part 04	CISSP Part 11	CISSP Part 18	CISSP Part 25
CISSP Part 05	CISSP Part 12	CISSP Part 19	CISSP Part 26
CISSP Part 06	CISSP Part 13	CISSP Part 20	CISSP Part 27
CISSP Part 07	CISSP Part 14	CISSP Part 21	CISSP Part 28

CISSP : Certified Information Systems Security Professional : Part 09

A Denial of Service (DoS) attack on a syslog server exploits weakness in which of the following protocols?

In a High Availability (HA) environment, what is the PRIMARY goal of working with a virtual router address as the gateway to a network?

How does Encapsulating Security Payload (ESP) in transport mode affect in the Internet Protocol (IP)?

A company receives an email threat informing of an Imminent Distributed Denial of Service (DDoS) attack targeting its web application, unless ransom is paid. Which of the following techniques BEST addresses that threat?

The MAIN use of Layer 2 Tunneling Protocol (L2TP) is to tunnel data

What protocol is often used between gateway hosts on the Internet?

From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?

“Stateful” differs from “Static” packet filtering firewalls by being aware of which of the following?

Which of the following provides the MOST comprehensive filtering of Peer-to-Peer (P2P) traffic?

What can happen when an Intrusion Detection System (IDS) is installed inside a firewall-protected internal network?

A security practitioner is tasked with securing the organization’s Wireless Access Points (WAP). Which of these is the MOST effective way of restricting this environment to authorized users?

Access to which of the following is required to validate web session management?

Which of the following would an attacker BEST be able to accomplish through the use of Remote Access Tools (RAT)?

Digital certificates used in Transport Layer Security (TLS) support which of the following?

During examination of Internet history records, the following string occurs within a Unique Resource Locator (URL):

http://www.companysite.com/products/products.asp?productid=123 or 1=1 What type of attack does this indicate?

Which testing method requires very limited or no information about the network infrastructure?

Which of the following will an organization’s network vulnerability testing process BEST enhance?

Which of the following provides the MOST secure method for Network Access Control (NAC)?

Individual access to a network is BEST determined based on:

A security professional should consider the protection of which of the following elements FIRST when developing a defense-in-depth strategy for a mobile workforce?

http://www.companysite.com/products/products.asp?productid=123 or 1=1
What type of attack does this indicate?