CISSP CC 250

A risk is the likelihood of a threat source taking advantage of a vulnerability to an information system. Risks left over after implementing safeguards is known as:

Copyright provides what form of protection:

As an information systems security professional, what is the highest amount would you recommend to a corporation to invest annually on a countermeasure for protecting their assets valued at $1 million from a potential threat that has an annualized rate of occurrence (ARO) of once every five years and an exposure factor (EF) of 10% :

Which of the following describes the first step in establishing an encrypted session using a Data Encryption Standard (DES) key?

In a typical information security program, what is the primary responsibility of information (data) owner?

Which of the following is not a component of “chain of evidence”:

When an employee transfers within an organization …

A system security engineer is evaluation methods to store user passwords in an information system, so what may be the best method to store user passwords and meeting the confidentiality security objective?

What is the inverse of confidentiality, integrity, and availability (C.I.A.) triad in risk management?

A CISSP may face with an ethical conflict between their company’s policies and the (ISC)2 Code of Ethics. According to the (ISC)2 Code of Ethics, in which order of priority should ethical conflicts be resolved?

Company X is planning to implement rule based access control mechanism for controlling access to its information assets, what type of access control is this usually related to?

In the Common Criteria Evaluation and Validation Scheme (CCEVS), requirements for future products are defined by:

As an information systems security manager (ISSM), how would you explain the purpose for a system security policy?

Configuration management provides assurance that changes…?

Under what circumstance might a certification authority (CA) revoke a certificate?

Which of the following entity is ultimately responsible for information security within an organization?

What type of cryptanalytic attack where an adversary has the least amount of information to work with?

In business continuity planning, which of the following is an advantage of a “hot site” over a “cold site”

Which of the following is the most effective method for reducing security risks associated with building entrances?

All of the following methods ensure the stored data are unreadable except…?

Prior to installation of an intrusion prevention system (IPS), a network engineer would place a packet sniffer on the network, what is the purpose for using a packet sniffer?

What determines the assignment of data classifications in a mandatory access control (MAC) philosophy?

A type cryptographic attack where it is based on the probability of two different messages using the same hash function to produce the same message digest is?

An access control system that grants users only those rights necessary for them to perform their work is operating on which security principle?

Which of the following is the primary goal of a security awareness program?

Which of the following evidence collection method is most likely accepted in a court case?

Which of the following characteristics is not of a good stream cipher?

When a security administrator wants to conduct regular test on the strength of user passwords, what may be the best setup for this test?

When engaging an external contractor for a software development project, source code escrow can be used to protect against…?

Which answer lists the proper steps required to develop a disaster recovery and business continuity plan (DRP/BCP)?

Which of the followings is an example of simple substitution algorithm?

An information security program should include the following elements:

Which of the following refers to a series of characters used to verify a user’s identity?

Which e-mail standard relies on “Web of Trust”?

Security of an automated information system is most effective and economical if the system is…?

Act of obtaining information of a higher level of sensitivity by combining information from lower level of sensitivity is called?

Which of the following virus types changes its characteristics as it spreads?

It is important that information about an ongoing computer crime investigation be…?

Which answer is not true for Diffie-Hellman algorithm?

After signing out a laptop computer from the company loaner pool, you discovered there is a memorandum stored in the loaner laptop written to a competitor containing sensitive information about a new product your company is about to release. Based on the (ISC)2 Code of Ethics, what is the first action you should take?

Job rotation…?

Which of the following is the least important information to record when logging a security violation?

Which of the following mechanism is used to achieve non-repudiation of a message delivery?

What is the trusted registry that guarantees the authenticity of client and server public keys?

The concept that all accesses must be mediated, protected from unauthorized modification, and verifiable as correct is implemented through what?

For what reason would a network administrator leverages promiscuous mode on a network interface?

Which has the flag used for a TCP 3-way handshake?

During a disaster or emergency, how does a closed-circuit television (CCTV) help management and security to minimize loss?

The goal of cryptanalysis is to…?

Which one of the followings cannot be identified by a business impact analysis (BIA)?

The three primary methods for authenticating users to a system or network are…?

Pretty Good Privacy (PGP) provides…?

Which of the following can be identified when exceptions occur using operations security detective controls?

When downloading software from Internet, why do vendors publish MD5 hash values when they provide software to customers?

From a legal perspective, which rule must be addressed when investigating a computer crime?

Before powering off a computer system, a computer crime investigator should record contents of the monitor and…?

Which of the following transaction processing properties ensures once a transaction completes successfully (commits), the updates survive even if there is a system failure?

Which of the following is not a symmetric key algorithm?

A security planning process must defines: how security will be managed, who will be responsible, and…?

A security policy provides a way to…?

Which of the following feature does a digital signature provide?

Computer security is generally considered to be the responsibility of…?

The practice of embedding a message in a document, image, video or sound recording so that its very existence is hidden is called?

What characteristic of Digital Encryption Standard (DES) used in Electronic Code Book (ECB) mode makes it unsuitable for long messages?

Separation of duties should be…?

What is the advantage of Rivest, Shamir, Adelman (RSA) public key system over the Digital Signature Algorithm (DSA)?

In IPsec, what is the standard format that helps to establish and manage the security association (SA) between two internetworking entities?

When securing Internet connections which of the following should be used to protect internal routing and labeling schemes?

Which of the following describes the step prior to an encrypted session using Data Encryption Standard (DES)?

What is a set of step-by-step instructions used to satisfy control requirements called?

The accounting branch of a large organization requires an application to process expense vouchers. Each voucher must be input by one of many accounting clerks, verified by the clerk’s applicable supervisor, then reconciled by an auditor before the reimbursement check is produced. Which access control technique should be built into the application to best serve these requirements?

What principle recommends division of responsibilities so that one person cannot commit an undetected fraud?

In what situation would TEMPEST risks and technologies be of most interest?

Which of the following is true about information that is designated with the highest level of confidentiality in a private sector organization?

When verifying key control objectives of a system design, the security specialist should ensure that the…?

What type of controls is not utilized to achieve management directives to protect company assets?

All of the followings are hashing algorithms except…?

Security management practice focuses on the continual protection of:

The likelihood of a threat source taking advantage of a vulnerability is called?

An instance of being exposed to losses is called?

Reference monitor requires which of the following conditions?

A person in possession of a sample of ciphertext and corresponding plaintext is capable of what type of attack?

Methods of handling risk include all of the followings except:

Which of the following is not true regarding security policy?

Which of the following describes the activities that assure protection mechanisms are maintained and operational?

When there is a “separation of duties”, parts of tasks are assigned to different people so that:

Which of the following is not a generally accepted benefit of security awareness, training and education?

Which statement below is an incorrect description of a security control?

Physical security is accomplished through proper facility construction, fire and water protection, anti-theft mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced. Which of the following is not a component that achieves this type of security?

In a typical information security program, who would be responsible for providing reports to the corporate executives and senior management on the effectiveness of the instituted program controls?

What is the difference between quantitative and qualitative risk analysis?

If risk is defined as “the potential that a given threat will exploit vulnerabilities of an asset or group of assets to cause loss or damage to the assets” the risk has all of the following elements except?

Which statement below most accurately reflects the goal of risk mitigation?

Risk analysis allows you to do all of the following except:

Which of the following is not true with respect to qualitative risk analysis?

Which choice below is an accurate statement about standards?

A memory address location specified in a program instruction that contains the address of final memory location is known as:

Which one of the following hardware devices can be re-programmed?
1.  Read Only Memory (ROM).
2.  Programmable Read Only Memory (PROM).
3.  Erasable Programmable Read Only Memory (EPROM).
4.  Electrically Erasable Programmable Read Only Memory (EEPROM).

A processing methodology that executes two or more tasks on a single processor is known as:

Which of the following is a high-level language?

Which of the followings are security concerns with distributed systems?

Trusted Computing Base (TCB) is comprised of what combination of system components?
1.   Hardware.
2.   Firmware.
3.   Software.

Reference monitor _______.

Which security mode best defines where users have both the required clearance and the need-to-know for all data on a system?

Otherwise known as a “trap door”, this vulnerability is often built into a system.

What criteria went into the Common Criteria standard?

Which of the following is the European evaluation criteria standard?

In the following top-down Common Criteria evaluation process, what is the missing component:
Protection Profile  Target of Evaluation  <???>  Security Functionality/Assurance Requirements  Evaluation  Evaluation Assurance Level
A.  Certification Domain.
B.  Integrity Assessment.
C.  Security Domain.
D.  Security Target.

A cipher that scrambles letters into different positions is referred to as what?

The HAVAL algorithms perform what function?

Which security model focuses on confidentiality only?

Which of the following includes the definition of procedures for emergency response?

Which of the following team should be part of the disaster recovery procedures?

A characteristic of security model that enforces information flow in only one direction is:

The business continuity planning (BCP) project management and initiation phase does not involve?

In what way does the RSA algorithm differs from the Data Encryption Standard (DES)?

Information flow models:

Which type of network is more likely to include Frame Relay, Switched Multi-megabit Data Services (SMDS), and X.25?

Which device can Forward, Filter, and Flood?

Which of the following is not a good description of Pretty Good Privacy (PGP)?

Match the correct network connection speed to the correct standard.
Standard  Speed
802.11            ?
802.11b          ?
802.11g          ?
1.  1 & 2 Mbps
2.  4 & 8 Mbps
3.  11 Mbps
4.  54 Mbps

Which is not a type of service available with ATM?

MAC (Media Access Control) and LLC (Logical Link Control) have been designated to which layer by the IEEE?

____ is when a layer 3 packet is modified to fit into a layer 2 network with different characteristics.

What is the role of asymmetric key cryptography in public key infrastructure (PKI) applications?

Which routing protocol is used to allow hosts to participate in multicasting?

ARP and RARP are used to map which?

Use the unique response from a given system to identify the operating system running on a host is also known as _____.

Which is the best defense against network sniffing?

A Smurf attack takes advantage of which of the following?

Which is not true about fair cryptosystems?

A system where a user authenticates, is disconnected, and the receiving system connects back to a number in a pre-defined database is also known as which?

What does Advanced Encryption Standard (AES) do?

A Sockets (SOCKS) gateways can be classified as which type of firewall?

RFC 1918 extended IPv4 with the introduction of non-routable addresses in support of which technology below?

In configuration management, a configuration item is?

In software development life cycle, the Waterfall Model assumes that…?

What does the Spiral SDLC Model depicts?

What can best be described as an abstract machine which it must mediate all access of subjects to objects?

Which provides a physical connection between the network cabling and the computer’s internal bus?

What is defined as the hardware, firmware and software elements of a trusted computing base that implement the reference monitor concept?

Critical areas should be lighted:

The percentage of loss a realized threat could have on a certain asset is known as the:

Referential integrity requires that for any foreign key attribute, the referenced relation must have a tuple with the same value for which of the following?

Referential integrity requires that for any foreign key attribute, the referenced relation must have a tuple with the same value for which of the following?

What type of malware is self-contained and it does not need to be part of another computer program to propagate?

Which of the following represents a prolonged high voltage?

What type of malware that is capable of infect a file with an encrypted copy of itself, then modify itself when decoded to make almost impossible to detect by signature-based virus scanner?

A timely review of system access records would be an example of which basic security function?

Which of the following is a reasonable response from the intrusion detection system when it detects Internet Protocol (IP) packets where the IP source address is the same as the IP destination address?

A major disadvantage of single sign-on (SSO) is:

Which of the following can be identified when exceptions occur using operations security detective controls?

An access system that grants users only those rights necessary for them to perform their work is operating on follows which security principle?

Three principal schemes that provide a framework for managing access control are

When a communication link is subject to monitoring, what is the advantage for using an end-to-end encryption solution over link encryption solution?

To which form of access control is a rule based control mechanism usually related?

Which of the following does a digital signature provide?

What role does biometrics have in logical access control?

When establishing a violation tracking and analysis process, which one of the following parameters is used to keep the quantity of data to manageable levels?

The accounting branch of a large organization requires an application to process expense vouchers. Each voucher must be input by one of many accounting clerks, verified by the clerk’s applicable supervisor, then reconciled by an auditor before the reimbursement check is produced. What access control technique should be built into the application to meet the information protection needs?

What best describes two-factor authentication?

A timely review of system access records would be an example of which basic security function?

Which protocol makes use of an electronic wallet on a customer’s PC and sends encrypted credit card information to merchant’s Web server, which digitally signs it and sends it on to its processing bank?

Risk management helps you do all of the followings except:

Which of the following identifies the encryption algorithm selected by NIST for the new Advanced Encryption Standard (AES)?

What is the role of internet key exchange (IKE) within the IPsec protocol?

Which type of attack is based on the probability of two different messages using the same hash function producing a common message digest?

Which of the following encryption methods is considered unbreakable?

The Clipper Chip utilizes which concept in public key cryptography?

Public Key algorithms are:

Cryptography does not concern itself with:

Which of the following protects Kerberos against replay attacks?

Which network topology offers the highest reliability and availability?

A public key algorithm that does both encryption and digital signature is which of the following?

Which of the following is the correct calculation?

Copies of the original discs and other media are considered as what type of evidence?

Which of the following statement is most accurate of digital signature?

The Diffie-Hellman algorithm is primarily used to provide which of the following?

Of the following, which is most true?

Which security model addresses integrity?
1.  Bell-LaPadula.
2.  Clark-Wilson.
3.  Biba.
4.  Chinese Wall.

Of the followings, which is the best description of a digital signature?

What encryption operation is used when AES uses S-boxes during the process of encryption?

Which item is the responsibility of key management?

How many bits make up the effective Data Encryption Standard (DES) key?

The estimated frequency a threat will occur within a year is known as the:

What is the Clipper Chip key size?

When an organization is determining which data is sensitive, it must consider all of the following except:

Data Encryption Standard (DES) uses which algorithm?

To speed up RAID disk access, an organization can:

Which choice below most accurately describes the organization’s responsibilities during an unfriendly termination?

The concept of least privilege…?

Which is most likely to help a company detect fraudulent activity:

Clipping level is all of the followings except:

Proper change control management involves:

All of the followings are acceptable for sanitizing data except:

Trusted recovery may be defined as:

Which of the following is incorrect with respect to a system cold start:

Which of the following statements is incorrect:

____ tunnels NetBEUI and IPX protocols.

Which of the following statements regarding session hijacking is incorrect:

Separation of duty can be defeated by:

Recovery controls attempt to:

Which of the following questions is less likely to help in assessing physical and environmental protection?

Security guards are appropriate whenever the function required by the security program involves which of the following?

______ communications rely on clocking systems at the sending and receiving ends to sync, rather than stop and start bits.

Which of the following is a “Class A” fire?

This IPsec mode encapsulates the entire IP packet between IPsec nodes.

A momentary power outage is a:

Which security measure would be the best deterrent to the theft of corporate information from a laptop which was left in a hotel room?

Which of the following is not EPA-approved replacements for Halon?

Which of the following statements pertaining to fire suppression systems is true?

Which of the following suppresses combustion through a chemical reaction that kills the fire?

Which of the following is a “Class C” fire?

When handling electronic evidence, what is the implementation principle for chain of custody that documents the evidence life cycle?

Which of the following is a proximity identification device that does not require action by the user and works by responding with an access code to signals transmitted by a reader?

A momentary high voltage is a:

A device that supplies power when the commercial utility power system fails is called?

The ideal operating humidity range is defined as 40 percent to 60 percent. Low humidity (less than 40 percent) can produce what type of problem on computer parts?

While referring to physical security, what does positive pressurization means?

Which of the following question is less likely to help in assessing physical access controls?

The National Institute of Standards and Technology (NIST) standard pertaining to perimeter protection states that critical areas should be illuminated up to?

Which of the following is true about a “dry pipe” sprinkler system?

The followings are fire detector types except:

Which of the following asymmetric encryption algorithm is based on the difficulty of factoring large numbers?

Under what conditions would the use of a Class C fire suppression system be preferable to the use of a Class A fire suppression system?

Which of the following recovery issue must be considered in disaster recovery planning (DRP)?

A business continuity plan (BCP) should have a structure that includes:

What should take place in order to restore a server, its files and data after a major system failure?

It is recommended that your disaster recovery plan (DRP) and business continuity plan (BCP) be tested at a minimum of what intervals?

In addition to preventing loss of life and further injury, what other reason is there to immediately initiate an emergency plan after a disaster?

When shopping for an off-site backup facility that will ultimately be used to store all your backup media, what is the most important factor to consider?

What is the primary reason for using one-way hashing algorithms on user passwords?

What is the most critical factor in the development of a disaster recovery plan (DRP)?

What is the best description of a structured walk through test?

Which of the following backup facility is most expensive?

A business impact analysis would not likely include which of the following tasks?

What is the effective length of a secret key in the Data Encryption Standard (DES) algorithm?

If a site needed sporadic access to another network, which would be the best choice?

Resuming critical business functions includes:

The admissibility rule requires that evidence must be excluded if:

Chain of custody is primarily used to:

A unique packaging method or symbol is a:

Why is computer crime difficult to investigate:

Privacy laws generally include which of the following provisions:

What is the minimum and customary practice of responsible protection of assets that affects a community or societal norm?

What is the best description of a stream cipher?

Evidence may be not detected through:

Which of the following is not a valid X.509 V.3 certificate field?

Which network protocol uses a “connected” session?

What are the objectives of emergency actions taken at the beginning stage of a disaster? Preventing injuries, loss of life, and …