CISSP Practice Test 1 250 (A+ Graded 100% Verified)

CISSP Practice Test 1 250 (A+ Graded 100% Verified) Baseline NIST SP 800-53 discusses security control baselines as a list of security controls. CIS releases security baselines, and a baseline is a useful part of a threat management strategy and may contain a list of acceptable configuration items. *Content Distribution Network (CDN) is designed to provide reliable, low-latency, geographically distributed content distribution. In this scenario, a CDN is an ideal solution. A P2P CDN like BitTorrent isn't a typical choice for a commercial entity, whereas redundant servers or a hot site can provide high availability but won't provide the remaining requirements. Blocking read commands sent to the device A forensic disk controller performs four functions. One of those, write blocking, intercepts write commands sent to the device and prevents them from modifying data on the device. The other three functions include returning data requested by a read operation, returning access-significant information from the device, and reporting errors from the device back to the forensic host. The controller should not prevent read commands from being sent to the device because those commands may return crucial information. RAID 1 Disk mirroring, requires two physical disks that will contain copies of the same data. TGS, or Ticket-Granting Service (which is usually on the same server as the KDC) receives a TGT from the client. It validates the TGT and the user's rights to access the service they are requesting to use. The TGS then issues a ticket and session keys to the client. The AS serves as the authentication server, which forwards the username to the KDC. *Asynchronous X communications rely on a a built-in stop and start flag or bit. This makes asynchronous communications less efficient than synchronous communications, but better suited to some types of communication. *Wave pattern X motion detectors transmit ultrasonic or microwave signals into the monitor area, watching for changes in the returned signals bouncing off objects. A stateful packet inspection firewall X, also known as dynamic packet filtering firewalls, track the state of a conversation, and can allow a response from a remote system based on an internal system being allowed to start the communication. Static packet filtering and circuit level gateways only filter based on source, destination, and ports, whereas application-level gateway firewalls proxy traffic for specific applications. A captive portal X can require those who want to connect to and use Wi-Fi to provide an email address to connect. This allows Ben to provide easy-to-use wireless while meeting his business purposes. WPA2 PSK is the preshared key mode of WPA and won't provide information about users who are given a key. Sharing a password doesn't allow for data gathering either. Port security is designed to protect wired network ports based on MAC addresses. *Set up a separate SSID using WPA2. Many modern wireless routers can provide multiple SSIDs. Ben can create a private, secure network for his business operations, but he will need to make sure that the customer and business networks are firewalled or otherwise logically separated from each other. Running WPA2 on the same SSID isn't possible without creating another wireless network and would cause confusion for customers (SSIDs aren't required to be unique). Running a network in Enterprise mode isn't used for open networks, and WEP is outdated and incredibly vulnerable. Open networks are unencrypted, making traffic easily sniffable. Unencrypted open networks broadcast traffic in the clear. This means that unencrypted sessions to websites can be easily captured with a packet sniffer. Some tools like FireSheep have been specifically designed to capture sessions from popular websites. Fortunately, many now use TLS by default, but other sites still send user session information in the clear. Shared passwords are not the cause of the vulnerability, ARP spoofing isn't an issue with wireless networks, and a Trojan is designed to look like safe software, not to compromise a router. *AES The DES modes of operation are Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR). The Advanced Encryption Standard (AES) is a separate encryption algorithm. Clipping X is an analysis technique that only reports alerts after they exceed a set threshold. It is a specific form of sampling, which is a more general term that describes any attempt to excerpt records for review. Thresholding is not a commonly used term. Administrators may choose to configure automatic or manual account lockout after failed login attempts but that is not described in the scenario. RADIUS X is a common AAA technology used to provide services for dial-up, wireless networks, network devices, and a range of other systems. OAuth is an authentication protocol used to allow applications to act on a user's behalf without sharing the password, and is used for many web applications. While both XTACACS and TACACS+ provide the functionality Sally is looking for, both are Cisco proprietary protocols. Inference In an X attack, the attacker uses several pieces of generic nonsensitive information to determine a specific sensitive value. *Take rule The X allows a subject to take the rights belonging to another object. If Alice has take rights on Bob, she can give herself the same permissions that Bob already possesses. A brute-force attack X attacks try every possible password. In this attack, the password is changing by one letter at each attempt, which indicates that it is a brute-force attack. A dictionary attack would use dictionary words for the attack, whereas a man-in-the-middle or pass-the-hash attack would most likely not be visible in an authentication log except as a successful login. *Isolation X requires that transactions operate separately from each other. Atomicity ensures that if any part of a database transaction fails, the entire transaction must be rolled back as if it never occurred. Consistency ensures that all transactions are consistent with the logical rules of the database, such as having a primary key. Durability requires that once a transaction is committed to the database it must be preserved. *Worm X have built-in propagation mechanisms that do not require user interaction, such as scanning for systems containing known vulnerabilities and then exploiting those vulnerabilities to gain access. Viruses and Trojan horses typically require user interaction to spread. Logic bombs do not spread from system to system but lie in wait until certain conditions are met, triggering the delivery of their payload. *Teardrop In a X attack, the attacker fragments traffic in such a way that the system is unable to reassemble them. Modern systems are not vulnerable to this attack if they run current operating systems, but the concept of this attack illustrates the danger of relying upon users following protocol specifications instead of performing proper exception handling. SYN, SYN/ACK, ACK The TCP three-way handshake consists of initial contact via a SYN, or synchronize flagged packet, which receives a response with a SYN/ACK, or synchronize and acknowledge flagged packet, which is acknowledged by the original sender with an ACK, or acknowledge packet. RST is used in TCP to reset a connection, PSH is used to send data immediately, and FIN is used to end a connection. *Assuming control of a nonregistered BYOD mobile device MDM products do not have the capability of assuming control of a device not currently managed by the organization. This would be equivalent to hacking into a device owned by someone else and might constitute a crime. Identity as a Service X provides an identity platform as a third-party service. This can provide benefits, including integration with cloud services and removing overhead for maintenance of traditional on-premise identity systems, but can also create risk due to third-party control of identity services and reliance on an offsite identity infrastructure. *Advance and protect the profession Gina's actions harm the CISSP certification and information security community by undermining the integrity of the examination process. While Gina also is acting dishonestly, the harm to the profession is more of a direct violation of the code of ethics ALE The annualized loss expectancy is the amount of damage that the organization expects to occur each year as the result of a given risk. Whitelisting The X approach to application control allows users to install only those software packages specifically approved by administrators.. This would be an appropriate approach in a scenario where application installation needs to be tightly controlled. Denial of service This is a clear example of a X attack—denying legitimate users authorized access to the system through the use of overwhelming traffic. It goes beyond a reconnaissance attack because the attacker is affecting the system, but it is not a compromise because the attacker did not attempt to gain access to the system. There is no reason to believe that a malicious insider was involved. Company ID The X is likely unique for each row in the table, making it the best choice for a primary key. There may be multiple companies that share the same name or ZIP code. Similarly, a single sales representative likely serves more than one company, making those fields unsuitable for use as a unique identifier. PII Personally Identifiable Information X includes data that can be used to distinguish or trace that person's identity, and also includes information like their medical, educational, financial, and employment information. PHI is personal health information, EDI is electronic data interchange, and proprietary data is used to maintain an organization's competitive advantage. 129.53.44.124 129.53.44.124 is a valid public IP address and a legitimate destination for traffic leaving Bob's network. 12.8.195.15 is a public address on Bob's network and should not be a destination address on a packet leaving the network. 10.8.15.9 and 192.168.109.55 are both private IP addresses that should not be routed to the Internet. *64 Binary keyspaces contain a number of keys equal to 2 raised to the power of the number of bits. Two to the sixth power is 64, so a 6-bit keyspace contains 64 possible keys. The number of viable keys is usually smaller in most algorithms due to the presence of parity bits and other algorithmic overhead or security issues that restrict the use of some key values. *The built-in erase commands are not completely effective on some SSDs. Research has shown that traditional methods of sanitizing files on SSDs were not reliable. SSDs remap data sectors as part of wear leveling, and erase commands are not consistently effective across multiple SSD brands. Zero fills can be performed on SSDs but may not be effective, much like erase commands. Degaussing doesn't work on SSDs because they are flash media, rather than magnetic media. SSDs don't have data remanence issues, but that doesn't create the need to destroy them. Encrypting the files Encrypting the files reduces the probability that the data will be successfully stolen, so it is an example of risk mitigation. Deleting the files would be risk avoidance. Purchasing insurance would be risk transference. Taking no action would be risk acceptance. Sampling should be conducted randomly. X to avoid human bias. Choosing a timeframe may miss historic issues or only account for the current administrator's processes. Sampling is an effective process if it is done on a truly random sample of sufficient size to provide effective coverage of the userbase. *Notice, choice, onward transfer, security, data integrity, access, enforcement The European Data Protection Directive's seven primary tenets are Notice Choice Onward transfer Security Data integrity Access Enforcement White box In a X test, the attacker has access to full implementation details of the system, including source code, prior to beginning the test. In gray-box testing, the attacker has partial knowledge. In black-box testing, the attacker has no knowledge of the system and tests it from a user perspective. Blue boxes are a phone hacking tool and are not used in software testing. *Application log The file clearly shows HTTP requests, as evidenced by the many GET commands. Therefore, this is an example of an application log from an HTTP server. *A blue box A blue box was used to generate the 2600 Hz tones that trunking systems required. White boxes included a dual-tone, multifrequency generator to control phone systems. Black boxes were designed to steal long-distance service by manipulating line voltages, and red boxes simulated the tones of coins being deposited into payphones. Social engineering X exploits humans to allow attacks to succeed. Since help desk employees are specifically tasked with being helpful, they may be targeted by attackers posing as legitimate employees. Trojans are a type of malware, whereas phishing is a targeted attack via electronic communication methods intended to capture passwords or other sensitive data. Whaling is a type of phishing aimed at high-profile or important targets. *Out-of-band identity proofing Identity proofing that relies on a type of verification outside of the initial environment that required the verification is out-of-band identity proofing. This type of verification relies on the owner of the phone or phone number having control of it but removes the ability for attackers to use only Internet-based resources to compromise an account. Knowledge-based authentication relies on answers to preselected information, whereas dynamic knowledge-based authentication builds questions using facts or data about the user. Risk-based identity proofing uses risk-based metrics to determine whether identities should be permitted or denied access. It is used to limit fraud in financial transactions, such as credit card purchases. This is a valid form of proofing but does not ne-cessairly use an out-of-band channel, such as SMS. *MOD The modulo function is the remainder value left over after an integer division operation takes place. Hybrid A X authentication service can provide authentication services in both the cloud and on-premise, ensuring that service outages due to interrupted links are minimized. An onsite service would continue to work during an Internet outage but would not allow the e-commerce website to authenticate. A cloud service would leave the corporate location offline. Outsourcing authentication does not indicate whether the solution is on or off-premise, and thus isn't a useful answer. Federation X links identity information between multiple organizations. Federating with a business partner can allow identification and authorization to occur between them, making integration much easier. Single sign-on would reduce the number of times a user has to log in but will not facilitate the sharing of identity information. Multifactor can help secure authentication, but again, doesn't help integrate with a third party. Finally, an Identity as a Service provider might provide federation but doesn't guarantee it. SAML Security Assertion Markup Language X is frequently used to integrate cloud services and provides the ability to make authentication and authorization assertions. Active Directory integrations are possible but are less common for cloud service providers, and RADIUS is not typically used for integrations like this. Service Provisioning Markup Language (SPML) is used to provision users, resources, and services, not for authentication and authorization. *Salting Rainbow tables use precomputed password hashes to conduct cracking attacks against password files. They may be frustrated by the use of salting, which adds a specified value to the password prior to hashing, making it much more difficult to perform precomputation. Password expiration policies, password complexity policies, and user education may all contribute to password security, but they are not direct defenses against the use of rainbow tables. Honeypot A X is a decoy computer system used to bait intruders into attacking. A honeynet is a network of multiple honeypots that creates a more sophisticated environment for intruders to explore. A pseudoflaw is a false vulnerability in a system that may attract an attacker. A darknet is a segment of unused network address space that should have no network activity and, therefore, may be easily used to monitor for illicit activity. CER X is the point where both the false acceptance rate and the false rejection rate cross. CER and ERR, or equal error rate, mean the same thing and are used interchangeably. Type 2 A X is something you have, like a smartcard or hardware token. A type 1 authentication factor is something you know. A type 3 authentication factor is something you are, like a biometric identifier. There is no such thing as a type 4 authentication factor. Steganography X is the art of using cryptographic techniques to embed secret messages within other content. Steganographic algorithms work by making invisible alterations to files, such as modifying the least significant bits of the many bits that make up image files. VPNs may be used to obscure secret communications, but they provide protection in transit and can't be used to embed information in an image. Watermarking does embed information in an image but with the intent of protecting intellectual property. A still image would not be used for a covert timing channel because it is a fixed file. JavaScript X is an interpreted language so the code is not compiled prior to execution, allowing Roger to inspect the contents of the code. C, C++, and Java are all compiled languages—a compiler produces an executable file that is not human-readable. x When a system is configured to use shadowed passwords, the /etc/passwd file contains only the character x in the place of a password. It would not contain any passwords, in either plain-text, encrypted, or hashed form. ICMP Internet Control Message Protocol X is used for normal pings, as well as Pings of Death. Ping of Death describes attacks that were used to overflow poorly implemented ICMP handlers; smurf attacks, which spoof broadcast pings to create huge amounts of traffic on a network; and ping floods, which are a type of denial-of-service attack. *Due diligence The due care principle states that an individual should react in a situation using the same level of care that would be expected from any reasonable person. It is a very broad standard. The due diligence principle is a more specific component of due care that states an individual assigned a responsibility should exercise due care to complete it accurately and in a timely manner. Broadband ISDN, cable modems, DSL, and T1 and T3 lines are all examples of broadband technology that can support multiple simultaneous signals. They are analog, not digital, and are not broadcast technologies. Social engineering 2 Social engineering is the best answer, as it can be useful to penetration testers who are asked to assess whether staff members are applying security training and have absorbed the awareness messages the organization uses. Port and vulnerability scanning find technical issues that may be related to awareness or training issues but that are less likely to be directly related. Discovery can involve port scanning or other data-gathering efforts, but is also less likely to be directly related to training and awareness. Raid Level 5 X is also known as disk striping with parity. It uses three or more disks, with one disk containing parity information used to restore data to another disk in the event of failure. When used with three disks, RAID 5 is able to withstand the loss of a single disk. Physical The Physical layer deals with the electrical impulses or optical pulses that are sent as bits to convey data. Maintaining the hypervisor In an IaaS server environment, the customer retains responsibility for most server security operations under the shared responsibility model. This includes managing OS security settings, maintaining host firewalls, and configuring server access control. The vendor would be responsible for all security mechanisms at the hypervisor layer and below. *Proactive Proactive monitoring, aka synthetic monitoring, uses recorded or generated traffic to test systems and software. Passive monitoring uses a network span, tap, or other device to capture traffic to be analyzed. Reactive and replay are not industry terms for types of monitoring. Process isolation X ensures that the operating system allocates a separate area of memory for each process, preventing processes from seeing each other's data. This is a requirement for multilevel security systems Proximity card The use of an eletcromagnetic coil inside the card indicates that this is a X. Parallel test During a X