CISSP : Certified Information Systems Security Professional : Part 19
-
What is a characteristic of Secure Sockets Layer (SSL) and Transport Layer Security (TLS)?
- SSL and TLS provide a generic channel security mechanism on top of Transmission Control Protocol (TCP).
- SSL and TLS provide nonrepudiation by default.
- SSL and TLS do not provide security for most routed protocols.
- SSL and TLS provide header encapsulation over HyperText Transfer Protocol (HTTP).
-
How does a Host Based Intrusion Detection System (HIDS) identify a potential attack?
- Examines log messages or other indications on the system
- Monitors alarms sent to the system administrator
- Matches traffic patterns to virus signature files
- Examines the Access Control List (ACL)
-
From a cryptographic perspective, the service of non-repudiation includes which of the following features?
- Validity of digital certificates
- Validity of the authorization rules
- Proof of authenticity of the message
- Proof of integrity of the message
-
Which of the following BEST represents the concept of least privilege?
- Access to an object is denied unless access is specifically allowed.
- Access to an object is only available to the owner.
- Access to an object is allowed unless it is protected by the information security policy.
- Access to an object is only allowed to authenticated users via an Access Control List (ACL).
-
Which of the following is an advantage of on-premise Credential Management Systems?
- Lower infrastructure capital costs
- Control over system configuration
- Reduced administrative overhead
- Improved credential interoperability
-
Which of the following approaches is the MOST effective way to dispose of data on multiple hard drives?
- Delete every file on each drive.
- Destroy the partition table for each drive using the command line.
- Degauss each drive individually.
- Perform multiple passes on each drive using approved formatting methods.
-
Which of the following BEST describes Recovery Time Objective (RTO)?
- Time of application resumption after disaster.
- Time of application verification after disaster.
- Time of data validation after disaster.
- Time of data restoration from backup after disaster.
-
Which of the following is the PRIMARY benefit of a formalized information classification program?
- It minimizes system logging requirements.
- It supports risk assessment.
- It reduces asset vulnerabilities.
- It drives audit processes.
-
Which of the following is the BEST method to reduce the effectiveness of phishing attacks?
- User awareness
- Two-factor authentication
- Anti-phishing software
- Periodic vulnerability scan
-
The PRIMARY purpose of accreditation is to:
- comply with applicable laws and regulations.
- allow senior management to make an informed decision regarding whether to accept the risk of operating the system.
- protect an organization’s sensitive data.
- verify that all security controls have been implemented properly and are operating in the correct manner.
-
Which of the following is a weakness of Wired Equivalent Privacy (WEP)?
- Length of Initialization Vector (IV)
- Protection against message replay
- Detection of message tampering
- Built-in provision to rotate keys
-
When writing security assessment procedures, what is the MAIN purpose of the test outputs and reports?
- To force the software to fail and document the process
- To find areas of compromise in confidentiality and integrity
- To allow for objective pass or fail decisions
- To identify malware or hidden code within the test results
-
Which of the following is the MAIN reason for using configuration management?
- To provide centralized administration
- To reduce the number of changes
- To reduce errors during upgrades
- To provide consistency in security controls
-
Which of the following is BEST suited for exchanging authentication and authorization messages in a multi-party decentralized environment?
- Lightweight Directory Access Protocol (LDAP)
- Security Assertion Markup Language (SAML)
- Internet Mail Access Protocol
- Transport Layer Security (TLS)
-
Which of the following is MOST important when deploying digital certificates?
- Validate compliance with X.509 digital certificate standards
- Establish a certificate life cycle management framework
- Use a third-party Certificate Authority (CA)
- Use no less than 256-bit strength encryption when creating a certificate
-
A user sends an e-mail request asking for read-only access to files that are not considered sensitive. A Discretionary Access Control (DAC) methodology is in place. Which is the MOST suitable approach that the administrator should take?
- Administrator should request data owner approval for the user access
- Administrator should request manager approval for the user access
- Administrator should directly grant the access to the non-sensitive files
- Administrator should assess the user access need and either grant or deny the access
-
How should an organization determine the priority of its remediation efforts after a vulnerability assessment has been conducted?
- Use an impact-based approach.
- Use a risk-based approach.
- Use a criticality-based approach.
- Use a threat-based approach.
-
Which of the following is the MOST important consideration when developing a Disaster Recovery Plan (DRP)?
- The dynamic reconfiguration of systems
- The cost of downtime
- A recovery strategy for all business processes
- A containment strategy
-
A proxy firewall operates at what layer of the Open System Interconnection (OSI) model?
- Transport
- Data link
- Network
- Application
-
Which of the following restricts the ability of an individual to carry out all the steps of a particular process?
- Job rotation
- Separation of duties
- Least privilege
- Mandatory vacations