Escrito por estudiantes que aprobaron Inmediatamente disponible después del pago Leer en línea o como PDF ¿Documento equivocado? Cámbialo gratis 4,6 TrustPilot
logo-home
Examen

CISSP - EXAM PRACTICE/STUDY QUESTIONS AND ANSWERS 100%

Puntuación
-
Vendido
-
Páginas
29
Grado
A+
Subido en
25-10-2023
Escrito en
2023/2024

CISSP - EXAM PRACTICE/STUDY What is the most effective defense against cross-site scripting attacks? a) Limiting account privileges b)User Authentication c) Input validation d) Encryption - ANSWER c) Input validation prevents cross-site scripting attacks by limiting user input to a predefined range. This prevents the attacker from including the HTML ˂SCRIPT˃ tag in the input. What phase of the Electronic Discovery Reference Model puts evidence in a format that may be shared with others? a) production b) processing c) revice d) presentation - ANSWER a) Production places the information in a format that may be shared with others. What form of security planning is designed to focus on timeframes of approximately one year and may include scheduling of tasks, assignment of responsibilities, hiring plans, maintenance plans, and even acquisition plans? a)strategic b) operational c) tactical d)administrative - ANSWER c.) tactical planning is designed to focus on timeframes of approximately one year and may include scheduling of tasks, assignment of responsibilities, hiring plans, maintenance plans, and even acquisition plans. Which is not a part of an electronic access control lock? A. An electromagnet B. A credential reader C. A door sensor D. A biometric scanner - ANSWER d -An electronic access control (EAC) lock comprises three elements: an electromagnet to keep the door closed, a credential reader to authenticate subjects and to disable the electromagnet, and a door-closed sensor to reenable the electromagnet. Which one of the following items is a characteristic of hot sites but not a characteristic of warm sites? a.Communications circuits B. Workstations C. Servers D. Current data - ANSWER d- current data Which one of the following Data Encryption Standard (DES) operating modes can be used for large messages with the assurance that an error early in the encryption/decryption process won't spoil results throughout the communication? A. Cipher Block Chaining (CBC) B. Electronic Code Book (ECB) C. Cipher Feedback (CFB) D. Output feedback (OFB) - ANSWER d -Output feedback (OFB) mode prevents early errors from interfering with future encryption/decryption. Cipher Block Chaining and Cipher Feedback modes will carry errors throughout the entire encryption/decryption process. Electronic Code Book (ECB) operation is not suitable for large amounts of data. Which one of the following items is not a critical piece of information in the chain of evidence? A. General description of the evidence B. Name of the person collecting the evidence C. Relationship of the evidence to the crime D. Time and date the evidence was collected - ANSWER c -The chain of evidence does not require that the evidence collector know or document the relationship of the evidence to the crime. Which firewall type looks exclusively at the message header to determine whether to transmit or drop data? A. Static packet filtering B. Application-level gateway C. Stateful inspection D. Dynamic packet filtering - ANSWER a -A static packet-filtering firewall filters traffic by examining data from a message header. What type of information is used to form the basis of an expert system's decision-making process? A. A series of weighted layered computations B. Combined input from a number of human experts, weighted according to past performance C. A series of "if/then" rules codified in a knowledge base D. A biological decision-making process that simulates the reasoning process used by the human mind - ANSWER c -Expert systems use a knowledge base consisting of a series of "if/then" statements to form decisions based on the previous experience of human experts. What type of cryptographic attack rendered Double DES (2DES) no more effective than standard DES encryption? A. Birthday attack B. Chosen ciphertext attack C. Meet-in-the-middle attack D. Man-in-the-middle attack - ANSWER c -The meet-in-the-middle attack demonstrated that it took relatively the same amount of computation power to defeat 2DES as it does to defeat standard DES. This led to the adoption of Triple DES (3DES) as a standard for government communication. Which of the following is most directly associated with providing or supporting perfect forward secrecy? A. PBKDF2 B. ECDHE C. HMAC D. OCSP - ANSWER B- Elliptic Curve Diffie-Hellman Ephemeral, or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE), implements perfect forward secrecy through the use of elliptic curve cryptography (ECC). PBKDF2 is an example of a key-stretching technology not directly supporting perfect forward secrecy. HMAC is a hashing function. OCSP is used to check for certificate revocation. What is the best way to understand the meaning of the term 100-year flood plain? A. A flood that occurs once every 100 years B. A flood larger than any recorded in the past 100 years C. A very serious but very unlikely flood event D. A very serious flood that has a probability of 1 in 100 (1%) of occurring in any single calendar year - ANSWER D-Flood levels rated in years (100-year, 500-year, 1,000-year, and so forth) basically reflect estimates of the probability of their occurrence. An area rated as a 100-year flood plain has a 1 in 100 chance of occurring in any given calendar year (1%), a 500-year flood has a 1 in 500 chance of occurring in any given calendar year, and so forth. Options A and B misrepresent the meaning of the 100-year interval mentioned, while option C fails to address its probabilistic intent. What is the formula used to compute the ALE? A. ALE = AV * EF * ARO B. ALE = ARO * EF C. ALE = AV * ARO D. ALE = EF * ARO - ANSWER a -The Annualized Loss Expectancy (ALE) is computed as the product of the asset value (AV) times the exposure factor (EF) times the annualized rate of occurrence (ARO). This is the longer form of the formula ALE = SLE * ARO. The other formulas displayed here do not accurately reflect this calculation. Matthew and Richard want to communicate with each other using a public key cryptosystem. What is the total number of keys they must have to successfully communicate? A. 1 B. 2 C. 3 D. 4 - ANSWER To use public key cryptography, Matthew and Richard must each have their own pair of public and private cryptographic keys.

Mostrar más Leer menos
Institución
CISSP - Certified Information Systems Security Professional
Grado
CISSP - Certified Information Systems Security Professional










Ups! No podemos cargar tu documento ahora. Inténtalo de nuevo o contacta con soporte.

Escuela, estudio y materia

Institución
CISSP - Certified Information Systems Security Professional
Grado
CISSP - Certified Information Systems Security Professional

Información del documento

Subido en
25 de octubre de 2023
Número de páginas
29
Escrito en
2023/2024
Tipo
Examen
Contiene
Preguntas y respuestas

Temas

$15.59
Accede al documento completo:

¿Documento equivocado? Cámbialo gratis Dentro de los 14 días posteriores a la compra y antes de descargarlo, puedes elegir otro documento. Puedes gastar el importe de nuevo.
Escrito por estudiantes que aprobaron
Inmediatamente disponible después del pago
Leer en línea o como PDF


Documento también disponible en un lote

Conoce al vendedor

Seller avatar
Los indicadores de reputación están sujetos a la cantidad de artículos vendidos por una tarifa y las reseñas que ha recibido por esos documentos. Hay tres niveles: Bronce, Plata y Oro. Cuanto mayor reputación, más podrás confiar en la calidad del trabajo del vendedor.
NURS3RD Sprott Shaw College
Seguir Necesitas iniciar sesión para seguir a otros usuarios o asignaturas
Vendido
24
Miembro desde
3 año
Número de seguidores
18
Documentos
110
Última venta
1 año hace
NURS3RD

For students who want to achieve the best grades, I have quality reading materials for you , there are assignments, case studies, research, essay questions and answers, discussions and all topics 100% verified. quality guaranteed,feel free to contat me if you need assistance. Kindly rate the document after purchase to help me serve you better.

4.0

2 reseñas

5
1
4
0
3
1
2
0
1
0

Recientemente visto por ti

Por qué los estudiantes eligen Stuvia

Creado por compañeros estudiantes, verificado por reseñas

Calidad en la que puedes confiar: escrito por estudiantes que aprobaron y evaluado por otros que han usado estos resúmenes.

¿No estás satisfecho? Elige otro documento

¡No te preocupes! Puedes elegir directamente otro documento que se ajuste mejor a lo que buscas.

Paga como quieras, empieza a estudiar al instante

Sin suscripción, sin compromisos. Paga como estés acostumbrado con tarjeta de crédito y descarga tu documento PDF inmediatamente.

Student with book image

“Comprado, descargado y aprobado. Así de fácil puede ser.”

Alisha Student

Preguntas frecuentes