CISSP-ISSAP : Information Systems Security Architecture Professional : Part 02
-
Which of the following is an entry in an object’s discretionary access control list (DACL) that grants permissions to a user or group?
- Access control entry (ACE)
- Discretionary access control entry (DACE)
- Access control list (ACL)
- Security Identifier (SID)
-
Which of the following Incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an enterprise?
- Eradication phase
- Recovery phase
- Containment phase
- Preparation phase
- Identification phase
-
Single Loss Expectancy (SLE) represents an organization’s loss from a single threat. Which of the following formulas best describes the Single Loss Expectancy (SLE)?
- SLE = Asset Value (AV) * Exposure Factor (EF)
- SLE = Asset Value (AV) * Annualized Rate of Occurrence (ARO)
- SLE = Annualized Loss Expectancy (ALE) * Annualized Rate of Occurrence (ARO)
- SLE = Annualized Loss Expectancy (ALE) * Exposure Factor (EF)
-
You are responsible for security at a defense contracting firm. You are evaluating various possible encryption algorithms to use. One of the algorithms you are examining is not integer based, uses shorter keys, and is public key based. What type of algorithm is this?
- Symmetric
- None – all encryptions are integer based.
- Elliptic Curve
- RSA
-
You are the Network Administrator for a bank. In addition to the usual security issues, you are concerned that your customers could be the victim of phishing attacks that use fake bank Web sites. Which of the following would protect against this?
- MAC
- Mutual authentication
- Three factor authentication
- Two factor authentication
-
Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.
- Theft
- Employee errors
- Strikes
- Frauds
-
In which of the following access control models, owner of an object decides who is allowed to access the object and what privileges they have?
- Access Control List (ACL)
- Mandatory Access Control (MAC)
- Role Based Access Control (RBAC)
- Discretionary Access Control (DAC)
-
Which of the following describes the acceptable amount of data loss measured in time?
- Recovery Consistency Objective (RCO)
- Recovery Time Objective (RTO)
- Recovery Point Objective (RPO)
- Recovery Time Actual (RTA)
-
Which of the following methods for identifying appropriate BIA interviewees’ includes examining the organizational chart of the enterprise to understand the functional positions?
- Executive management interviews
- Overlaying system technology
- Organizational chart reviews
- Organizational process models
-
Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?
- Spoofing
- Packet sniffing
- Tunneling
- Packet filtering
-
You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company’s network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?
- Take a full backup daily and use six-tape rotation.
- Take a full backup on Monday and a differential backup on each of the following weekdays. Keep Monday’s backup offsite.
- Take a full backup daily with the previous night’s tape taken offsite.
- Take a full backup on alternate days and keep rotating the tapes.
- Take a full backup on Monday and an incremental backup on each of the following weekdays. Keep Monday’s backup offsite.
- Take a full backup daily with one tape taken offsite weekly.
-
Which of the following is a network service that stores and organizes information about a network users and network resources and that allows administrators to manage users’ access to the resources?
- SMTP service
- Terminal service
- Directory service
- DFS service
-
Which of the following uses a Key Distribution Center (KDC) to authenticate a principle?
- CHAP
- PAP
- Kerberos
- TACACS
-
Which of the following are types of asymmetric encryption algorithms? Each correct answer represents a complete solution. Choose two.
- RSA
- AES
- ECC
- DES
-
Which of the following LAN protocols use token passing for exchanging signals among various stations on the network? Each correct answer represents a complete solution. Choose two.
- Ethernet (IEEE 802.3)
- Token ring (IEEE 802.5)
- Fiber Distributed Data Interface (FDDI)
- Wireless LAN (IEEE 802.11b)
-
You are the Network Administrator at a large company. Your company has a lot of contractors and other outside parties that come in and out of the building. For this reason you are concerned that simply having usernames and passwords is not enough and want to have employees use tokens for authentication. Which of the following is not an example of tokens?
- Smart card
- USB device with cryptographic data
- CHAP
- Key fob
-
Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide? Each correct answer represents a complete solution. Choose two.
- DNS cache poisoning
- MAC spoofing
- IP spoofing attack
- DDoS attack
-
Which of the following heights of fence deters only casual trespassers?
- 8 feet
- 3 to 4 feet
- 2 to 2.5 feet
- 6 to 7 feet
-
In which of the following types of tests are the disaster recovery checklists distributed to the members of disaster recovery team and asked to review the assigned checklist?
- Parallel test
- Simulation test
- Full-interruption test
- Checklist test
-
SIMULATION
Fill in the blank with the appropriate security method. ____________ is a system, which enables an authority to control access to areas and resources in a given physical facility, or computer- based information system.
Access control
Subscribe
0 Comments
Newest