CISSP : Certified Information Systems Security Professional : Part 11
-
What type of attack sends Internet Control Message Protocol (ICMP) echo requests to the target machine with a larger payload than the target can handle?
- Man-in-the-Middle (MITM)
- Denial of Service (DoS)
- Domain Name Server (DNS) poisoning
- Buffer overflow
-
An audit of an application reveals that the current configuration does not match the configuration of the originally implemented application. Which of the following is the FIRST action to be taken?
- Recommend an update to the change control process
- Verify the approval of the configuration change
- Roll back the application to the original configuration
- Document the changes to the configuration
-
Configuring a Wireless Access Point (WAP) with the same Service Set Identifier (SSID) as another WAP in order to have users unknowingly connect is referred to as which of the following?
- Jamming
- Man-in-the-Middle (MITM)
- War driving
- Internet Protocol (IP) spoofing
-
Which of the following attacks is dependent upon the compromise of a secondary target in order to reach the primary target?
- Spear phishing
- Address Resolution Protocol (ARP) poisoning
- Watering hole
- Brute force
-
How is Remote Authentication Dial-In User Service (RADIUS) authentication accomplished?
- It uses clear text and firewall rules
- It relies on Virtual Private Networks (VPN)
- It uses clear text and shared secret keys
- It relies on asymmetric encryption keys
-
A project requires the use of an authentication mechanism in which playback must be protected against and a plaintext secret must be used. Which of the following should be used?
- Password Authentication Protocol (PAP)
- Challenge Handshake Authentication Protocol (CHAP)
- Extensible Authentication Protocol (EAP)
- Secure Hash Algorithm (SHA)
-
Which of the following MOST applies to Session Initiation Protocol (SIP) security?
- It reuses security mechanisms derived from existing protocols
- It supports end-to-end security natively
- It leverages Hypertext Transfer Protocol (HTTP) over Transport Layer Security (TLS)
- It requires a Public Key Infrastructure (PKI)
-
Which of the following is the BEST way to reduce the impact of an externally sourced flood attack?
- Block the source address at the firewall
- Have the service provider block the source address
- Have the source service provider block the address
- Block all inbound traffic until the flood ends
-
Which is the RECOMMENDED configuration mode for sensors for an Intrusion Prevention System (IPS) if the prevention capabilities will be used?
- Active
- Inline
- Passive
- Span
-
Which of the following techniques is effective to detect taps in fiber optic cables?
- Taking baseline signal level of the cable
- Measuring signal through external oscillator solution devices
- Outlining electromagnetic field strength
- Performing network vulnerability scanning
-
Which of the following is a peer entity authentication method for Point-to-Point Protocol (PPP)?
- Challenge Handshake Authentication Protocol (CHAP)
- Message Authentication Code (MAC)
- Transport Layer Security (TLS) handshake protocol
- Challenge-response authentication mechanism
-
Which of the following is a standard Access Control List (ACL) element that enables a router to filter Internet traffic?
- Media Access Control (MAC) address
- Internet Protocol (IP) address
- Security roles
- Device needs
-
Which of the following is an advantage of Secure Shell (SSH)?
- It operates at the network layer
- It encrypts transmitted User ID and passwords
- It uses challenge-response to authenticate each party
- It uses the International Data Encryption Algorithm (IDEA) for data privacy
-
Why are packet filtering routers used in low-risk environments?
- They are high-resolution source discrimination and identification tools
- They are fast and flexible, and protect against Internet Protocol (IP) spoofing
- They are fast, flexible, and transparent
- They enforce strong user authentication and audit log generation
-
Which of the following is critical if an employee is dismissed due to violation of an organization’s Acceptable Use Policy (AUP)?
- Privilege suspension
- Appropriate documentation
- Internet access logs
- Proxy records
-
The Secure Shell (SSH) version 2 protocol supports
- availability, accountability, compression, and integrity
- authentication, availability, confidentiality, and integrity
- accountability, compression, confidentiality, and integrity
- authentication, compression, confidentiality, and integrity
-
Which of the following is the MOST secure protocol for remote command access to the firewall?
- Secure Shell (SSH)
- Trivial File Transfer Protocol (TFTP)
- Hypertext Transfer Protocol Secure (HTTPS)
- Simple Network Management Protocol (SNMP) v1
-
Which of the following is the reason that transposition ciphers are easily recognizable?
- Key
- Block
- Stream
- Character
-
When developing the entitlement review process, which of the following roles is responsible for determining who has a need for the information?
- Data Custodian
- Data Owner
- Database Administrator
- Information Technology (IT) Director
-
Which of the following BEST describes botnets?
- Computer systems on the Internet that are set up to trap people who attempt to penetrate other computer systems
- Set of related programs that protects the resources of a private network from other networks
- Small network inserted in a neutral zone between an organization’s private network and the outside public network
- Groups of computers that are used to launch destructive attacks