
Exam:

CISSP - (ISC)2 Certified Information Systems Security Professional - Assessment Test



1.-Which of the following types of access control seeks to discover evidence of unwanted, unauthorized, or illicit behavior or activity?
A. Preventive
B. Deterrent
C. Detective
D. Corrective



2.-Define and detail the aspects of password selection that distinguish good password choices from ultimately poor password choices.
A. Is difficult to guess or unpredictable
B. Meets minimum length requirements
C. Meets specific complexity requirements
D. All of the above



3.-Some adversaries use DoS attacks as their primary weapon to harm targets, whereas others may use them as weapons of last resort when all other attempts to intrude on a target fail.
A. Host-based IDS
B. Network-based IDS
C. Vulnerability scanner
D. Penetration testing

Unfortunately, attackers have many attack options to use against their targets.


4.-Which of the following is considered a denial-of-service (DoS) attack?
A. Pretending to be a technical manager over the phone and asking a receptionist to change their password
B. While surfing the web, sending to a web server a malformed URL that causes the system to consume 100 percent of the CPU
C. Intercepting network traffic by copying the packets as they pass through a specific subnet
D. Sending message packets to a recipient who did not request them, simply to be annoying

Hardware networking devices operate within the protocol stack just like protocols themselves. Thus, hardware networking devices can be associated with an OSI model layer related to the protocols they manage or control.


5.-At which layer of the OSI model does a router operate?
A. Network layer
B. Layer 1
C. Transport layer
D. Layer



6.-Which type of firewall automatically adjusts its filtering rules based on the content and context of the traffic of existing sessions?
A. Static packet filtering
B. Application-level gateway
C. Circuit-level gateway
D. Stateful inspection firewall

A VPN can be a significant security improvement for many communication links.


7.-A VPN can be established over which of the following?
A. Wireless LAN connection
B. Remote access dial-up connection
C. WAN link
D. All of the above

Adversaries will use any and all means to harm their targets. This includes mixing attack concepts together to make a more effective campaign.


8.-What type of malware uses social engineering to trick a victim into installing it?
A. Virus
B. Worm
C. Trojan horse
D. Logic bomb

Security is established by understanding the assets of an organization that need protection and understanding the threats that could cause harm to those assets. Then, controls are selected that provide protection for the CIA Triad of the assets at risk.


9.-The CIA Triad consists of what elements?
A. Contiguousness, interoperable, arranged
B. Authentication, authorization, accountability
C. Capable, available, integral
D. Availability, confidentiality, integrity

The security concept of AAA services describes the elements that are necessary to establish subject accountability.


10.-Which of the following is not a required component in the support of accountability?
A. Logging
B. Privacy
C. Identification verification
D. Authorization

Collusion is when two or more people work together to commit a crime or violate a company policy.


11.-Which of the following is not a defense against collusion?
A. Separation of duties
B. Restricted job responsibilities
C. Group user accounts
D. Job rotation



12.-A data custodian is responsible for securing resources after ______________ has assigned the resource a security label.
A. Senior management
B. The data owner
C. An auditor
D. Security staff



13.-In what phase of the Capability Maturity Model for Software (SW-CMM) are quantitative measures used to gain a detailed understanding of the software development process?
A. Repeatable
B. Defined
C. Managed
D. Optimizing



14.-Which one of the following is a layer of the ring protection scheme design concept that is not normally implemented?
A. Layer 0
B. Layer 1
C. Layer 3
D. Layer 4

TCP operates at the Transport layer and is a connection-oriented protocol. It uses a special process to establish a session each time a communication takes place.


15.-What is the last phase of the TCP three-way handshake sequence?
A. SYN flagged packet
B. ACK flagged packet
C. FIN flagged packet
D. SYN/ACK flagged packet

The lack of secure coding practices has enabled an uncountable number of software vulnerabilities that hackers have discovered and exploited.


16.-Which one of the following vulnerabilities would be best countered by adequate parameter checking?
A. Time-of-check to time-of-use
B. Buffer overflow
C. SYN flood
D. Distributed denial of service (DDoS)

Computers are based on binary mathematics. All computer functions are derived from the basic set of Boolean operations.

X:     0 1 1 0 1 0
Y:     0 0 1 1 0 1
___________________
X ⊕ Y: ?

17.-What is the value of the logical operation shown here?
A. 0 1 0 1 1 1
B. 0 0 1 0 0 0
C. 0 1 1 1 1 1
D. 1 0 0 1 0 1


18.-Which of the following are considered standard data type classifications used in either a government/military or a private sector organization? (Choose all that apply.)
A. Public
B. Healthy
C. Private
D. Internal
E. Sensitive
F. Proprietary
G. Essential
H. Certified
I. Critical
J. Confidential
K. For Your Eyes Only

The General Data Protection Regulation (GDPR) has defined several roles in relation to the protection and management of personally identifiable information (PII).


19.-Which of the following statements is true?
A. A data processor is the entity assigned specific responsibility for a data asset in order to ensure its protection for use by the organization.
B. A data custodian is the entity that performs operations on data.
C. A data controller is the entity that makes decisions about the data they are collecting.
D. A data owner is the entity assigned or delegated the day-to-day responsibility of proper storage and transport as well as protecting data, assets, and other organizational objects.



20.-If Renee receives a digitally signed message from Mike, what key does she use to verify that the message truly came from Mike?
A. Renee’s public key
B. Renee’s private key
C. Mike’s public key
D. Mike’s private key

A systems administrator is setting up a new data management system. It will be gathering data from numerous locations across the network, even from remote offsite locations.
The data will be moved to a centralized facility, where it will be stored on a massive RAID array.
The data will be encrypted on the storage system using AES-256, and most files will be signed as well.
The location of this data warehouse is secured so that only authorized personnel can enter the room and all digital access is limited to a set of security administrators.


21.-Which of the following describes the data?
A. The data is encrypted in transit.
B. The data is encrypted in processing.
C. The data is redundantly stored.
D. The data is encrypted at rest.



22.-The __________ is the entity assigned specific responsibility for a data asset in order to ensure its protection for use by the organization.
A. Data owner
B. Data controller
C. Data processor
D. Data custodian

A security auditor is seeking evidence of how sensitive documents made their way out of the organization and onto a public document distribution site.
It is suspected that an insider exfiltrated the data over a network connection to an external server, but this is only a guess.

23.-Which of the following would be useful in determining whether this suspicion is accurate? (Choose two.)
A. NAC
B. DLP alerts
C. Syslog
D. Log analysis
E. Malware scanner reports
F. Integrity monitoring

A new Wireless Application Protocol (WAP) is being installed to add wireless connectivity to the company network. The configuration policy indicates that WPA3 is to be used and thus only newer or updated endpoint devices can connect. The policy also states that ENT authentication will not be implemented.


24.-What authentication mechanism can be implemented in this situation?
A. IEEE 802.1X
B. IEEE 802.1q
C. Simultaneous authentication of equals (SAE)
D. EAP-FAST


25.-When securing a mobile device, what types of authentication can be used that depend on the user’s physical attributes? (Choose all that apply.)
A. Fingerprint
B. TOTP (time-based one-time password)
C. Voice
D. SMS (short message service)
E. Retina
F. Gait
G. Phone call
H. Facial recognition
I. Smartcard
J. Password

A recently acquired piece of equipment is not working properly. Your organization does not have a trained repair technician on staff, so you have to bring in an outside expert.


26.-What type of account should be issued to a trusted third-party repair technician?
A. Guest account
B. Privileged account
C. Service account
D. User account

Security should be designed and integrated into the organization as a means to support and maintain the business objectives. However, the only way to know if the implemented security is sufficient is to test it.


27.-Which of the following is a procedure designed to test and perhaps bypass a system’s security controls?
A. Logging usage data
B. War dialing
C. Penetration testing
D. Deploying secured desktop workstations

Security needs to be designed to support the business objectives, but it also needs to be legally defensible. To defend the security of an organization, a log of events and activities must be created.


28.-Auditing is a required factor to sustain and enforce what?
A. Accountability
B. Confidentiality
C. Accessibility
D. Redundancy

Risk assessment is a process by which the assets, threats, probabilities, and likelihoods are evaluated in order to establish criticality prioritization.


29.-What is the formula used to compute the ALE?
A. ALE = AV * EF * ARO
B. ALE = ARO * EF
C. ALE = AV * ARO
D. ALE = EF * ARO

Incident response plans, business continuity plans, and disaster recovery plans are crafted when implementing business-level redundancy. These plans are derived from the information obtained when performing a business impact assessment (BIA).


30.-What is the first step of the BIA process?
A. Identification of priorities
B. Likelihood assessment
C. Risk identification
D. Resource prioritization

Many events can threaten the operation, existence, and stability of an organization. Some of those threats are human caused, whereas others are from natural events.


31.-Which of the following represent natural events that can pose a threat or risk to an organization?
A. Earthquake
B. Flood
C. Tornado
D. All of the above



32.-What kind of recovery facility enables an organization to resume operations as quickly as possible, if not immediately, upon failure of the primary facility?
A. Hot site
B. Warm site
C. Cold site
D. All of the above

During an account review, an auditor provided the following report:
User    Last Login Length    Last Password Change
Bob     4 hours              87 days
Sue     3 hours              38 days
John    1 hour               935 days
Kesha   3 hours              49 days
The security manager reviews the account policies of the organization and takes note of the following requirements:
- Passwords must be at least 12 characters long.
- Passwords must include at least one example of three different character types.
- Passwords must be changed every 180 days.
- Passwords cannot be reused.


33.-Which of the following security controls should be corrected to enforce the password policy?
A. Minimum password length
B. Account lockout
C. Password history and minimum age
D. Password maximum age

Any evidence to be used in a court proceeding must abide by the Rules of Evidence to be admissible.


34.-What type of evidence refers to written documents that are brought into court to prove a fact?
A. Best evidence
B. Parol evidence
C. Documentary evidence
D. Testimonial evidence

DevOps manager John is concerned with the CEO’s plan to minimize his department and outsource code development to a foreign programming group. John has a meeting scheduled with the board of directors to encourage them to retain code development in house due to several concerns.

35.-Which of the following should John include in his presentation? (Choose all that apply.)
A. Code from third parties will need to be manually reviewed for function and security.
B. If the third party goes out of business, existing code may need to be abandoned.
C. Third-party code development is always more expensive.
D. A software escrow agreement should be established.



36.-When TLS is being used to secure web communications, what URL prefix appears in the web browser address bar to signal this fact?
A. SHTTP://
B. TLS://
C. FTPS://
D. HTTPS://

A new update has been released by the vendor of an important software product that is an essential element of a critical business task. The chief security officer (CSO) indicates that the new software version needs to be tested and evaluated in a virtual lab, which has a cloned simulation of many of the company’s production systems.
Furthermore, the results of this evaluation must be reviewed before a decision is made as to whether the software update should be installed and, if so, when to install it.


37.-What security principle is the CSO demonstrating?
A. Business continuity planning (BCP)
B. Onboarding
C. Change management
D. Static analysis



38.-What type of token device produces new time-derived passwords on a specific time interval that can be used only a single time when attempting to authenticate?
A. HOTP
B. HMAC
C. SAML
D. TOTP

Your organization is moving a significant portion of their data processing from an on-premises solution to the cloud.


39.-When evaluating a cloud service provider (CSP), which of the following is the most important security concern?
A. Data retention policy
B. Number of customers
C. Hardware used to support VMs
D. Whether they offer MaaS, IDaaS, and SaaS

Most software vulnerabilities exist because of a lack of secure or defensive coding practices used by the developers.

40.-Which of the following is not considered a secure coding technique? (Choose all that apply.)
A. Using immutable systems
B. Using stored procedures
C. Using code signing
D. Using server-side validation
E. Optimizing file sizes
F. Using third-party software libraries