Free CISSP Exam Prep Practice Test

Use Simplilearn’s CISSP practice exam to test yourself in information security concepts. With these CISSP exam questions, you can define all aspects of IT security. These CISSP sample questions are free and represent the real certification. For professionals who like to study systematically, the practice sample questions are for you. You can take them multiple times and map your progress as you complete your course. Try it today!

250 Questions,
360 Minutes

Related course

CISSP^®- Certified Information Systems Security Professional

The Certified Information Systems Security Professional (CISSP) certification is considered the gold standard in the field of informatio ...

GO TO COURSE

Instructions:

1. This is a FREE test and can be attempted multiple times. But it is recommended to take the test when you are ready for best practice experience.

2. Test Duration: 360 Minutes

3. Number of questions: 250 Multiple Choice Questions

4. Each question has multiple options out of which one or more may be correct

5. You can pause the test in between and you are allowed to re-take the test later. Your test will resume from where you left, but the test time will be reduced by the amount of time you've taken in the previous attempt.

Please fill the form below to start the Practice Test

Name^*

Email^*

+91-

Phone Number^*

By providing your contact details, you agree to our Privacy Policy

Pause

Resume

{{seconds | secondsToDate | date:'HH:mm:ss'}} Time remaining

Finish

1. Which attack is used to understand the type of network topology implemented at the target?

Scanning

Land

Teardrop

Spoofing

2. The opposing forces to Confidentiality, Integrity, and Availability are:

Disclosure, alteration, and destruction

Disclosure, alteration, and detection

Degaussing, alteration, and destruction

Disclosure, detection, and destruction

3. The primary goal of a security awareness program is:

A platform for disclosing exposure and risk analysis

To make everyone aware of potential risk and exposure

Platform for disclosing exposure and risk analysis.

A way for communicating security procedures

4. Theft of Personally Identifiable Information (PII), such as credit card information is an example of which type of attack?

Integrity

Authenticity

Confidentiality

Availability

5. Ensuring -------- includes preventing denial-of-service attacks.

Availability

Authenticity

Confidentiality

Integrity

6. Which of the following information security policies are violated in most computer attacks?

Availability

Confidentiality

Integrity and control

All of the choices

7. The Health Insurance Portability and Accountability Act (HIPAA), requires that medical providers keep which information private?

Medical

Personal

Personal and medical

Insurance

8. Fault tolerance safeguards help us to combat threats to -----------

Design backbone

Online backups

Design countermeasures

Data reliability

9. What is the term used to describe a component, which in case of failure automatically responds in way that causes no or minimum harm?

Fail open

Fail safe

Fail proof

Fail resilient

10. Which one of the following is a major part of Trusted Computer Base?

The software

The security subsystem

The operating system software

The reference monitor

11. Who mediates all access relationship between subjects and objects of a system?

Firewall

Reference kernel

Security kernel

Information flow model

12. Which operating system allows multiple users to access a computer system at the same time?

Multi User

Multi Tasking

Multi Processing

Multi Threading

13. What provides network link redundancy?

Mirroring

Shadowing

Dual backbones

Duplexing

14. When a computer uses more than one CPU in parallel to execute instructions it is known as -------------.

Multiprocessing

Multitasking

Multithreading

Parallel running

15. Which of the following questions employees should desist from answering to outsiders?

What are the actions that need to be performed in case of a disaster?

Where is the organization training and awareness policy defined?

Who is involved in establishing the security policy?

Who is responsible for monitoring compliance to the organization security policy?

16. Which attack involves an employee shaving off pennies from multiple accounts and depositing the funds into his own bank account?

Data fiddling

Data diddling

Brute force

Salami

17. One method to simplify the administration of access controls is to group it in

Subjects and Objects

Capabilities and privileges

Programs and access

Superuser and user

18. Cryptography does not answer the concerns of:

Availability of information

Integrity of information

Confidentiality of information

Authenticity of information

19. Insiders are mostly responsible for kind of attack

IP spoofing

Password sniffing

Data diddling

Denial of Service (DOS)

20. You are using RAID 5 for fault tolerance, if one of the disks in it becomes corrupted, when can you take it out?

System is up and running

System is down and running

System is in-between and running

System is idle and running

21. Which function specifies access rights to resources?

Identification

Authorization

Authentication

Accounting

22. Which method provides a baseline for our system to Restore?

Full backup method

Incremental backup method

Differential backup method

Tape backup method

23. What states that a process, a user or a program must be able to access only the information and resources that are necessary to perform its authorized task?

Principle of aggregate privilege

Principle of all privilege

Principle of effective privilege

Principle of least privilege

24. Which of the following is not included in ISC2 Code of Ethics?

Protect society, the commonwealth, and the infrastructure.

Act honorably, honestly, justly, irresponsibly, and illegally

Provide diligent and competent service to the principals

Advance and protect the profession

25. Orange Book is based on which one of the following models?

Bell-LaPadula

Biba Model

Clarke Wilson

Tempest

26. Why debugging programs are used?

To create random data that can be used to test programs before implementing them

To ensure that program coding flaws and bugs are detected and corrected.

To check the functionality of program

To compare source code versions before transferring to the test environment.

27. At which layer of OSI model encryption is not possible?

Network layer

Physical layer

Session layer

Data link layer

28. Which DES modes can best be used for authentication?

Cipher Block Chaining and Electronic Code Book.

Cipher Block Chaining and Output Feedback.

Output Feedback and Electronic Code Book.

Cipher Block Chaining and Cipher Feedback.

29. Which security model is dependent on security labels?

Discretionary access control

Label-based access control

Mandatory access control

Non-discretionary access control

30. Which firewall inspects the state and context of the incoming data packets, and helps to track the connectionless protocols?

First generation firewall systems

Second generation firewall systems

Third generation firewall systems

Fourth generation firewall systems

31. Which RAID Level technique creates exact copy (or mirror) of a set of data on two disks?

RAID 1

RAID 4

RAID 2

RAID 3

32. A server cluster looks like a

Single server from the user's point of view

Dual server from the user's point of view

Tripe server from the user's point of view

Quadrille server from the user's point of view

33. Why would a database be denormalized?

To ensure data integrity

To increase processing efficiency

To prevent duplication of data

To save storage space

34. Managers of which department are ideal of development of information security policy for a large organization?

Business operations

Information Technology

Purchase

Human Resource

35. Why does buffer overflows?

Because buffers can only hold so much data.

Because input data is not checked for appropriate length at time of input.

Because they are an easy weakness to exploit.

Because of insufficient system memory.

36. Which type of firewall can be used to track connectionless protocols such as UDP and RPC?

Statefull inspection firewalls

Packet filtering firewalls

Application level firewalls

Circuit level firewalls

37. E-mail directory should not have this as a best practice?

Drafts of documents.

Copies of documents.

Permanent documents

Temporary documents

38. Which of the following should be used for IPsec to work in gateway-gateway or host-gateway mode?

Only tunnel mode can be used

Only transport mode can be used

Encapsulating Security Payload (ESP) authentication must be used

Both tunnel and transport mode can be used

39. Which of the following phase requires the involvement of Information Security Analyst?

System requirements definition

System design

Program development

Program testing

40. Security Controls are implemented to?

Eliminate risk and reduce the potential for loss

Mitigate risk and eliminate the potential for loss

Mitigate risk and reduce the potential for loss

Eliminate risk and the potential for loss

41. One advantage of circuit level gateway compared to an application level firewall is, it is:

Easier to maintain

More difficult to maintain

More secure

Slower

42. Which one is not implemented at the Internet layer of the TCP/IP protocol model?

User datagram protocol (UDP)

Internet protocol (IP)

Address resolution protocol (ARP)

Internet control message protocol (ICMP)

43. Which of the following is true about network sniffers?

Sniffers alter the source address of a computer to disguise

Sniffers allow an attacker to monitor data passing across a network.

Sniffers blocks network connections.

Sniffers send IP fragments to a system that overlap with each other

44. How a subject gets access to an object in Multi-Level Security Policy?

The subject's sensitivity label must dominate the object's sensitivity label.

The subject's sensitivity label subordinates the object's sensitivity label.

The subject's sensitivity label is subordinated by the object's sensitivity label.

The subject's sensitivity label is dominated by the object's sensitivity label

45. A contingency plan should address which of the following?

Potential risks

Residual risks

Identified risks

All of the above

46. Which of the following statements is not true about Application Control?

It limits end users of applications in such a way that only particular screens are visible.

Is non-transparent to the endpoint applications so changes are needed to the applications involved

Particular uses of the application can be recorded for audit purposes.

Only specific records can be requested choice

47. Which one is a meta-model that incorporates a number of the software development models?

The Waterfall model

The modified Waterfall model

The Spiral model

The Critical Patch Model (CPM)

48. Secure Electronic Transaction Protocol (SET) works in which layer of OSI/ISO model?

Application

Network

Presentation

Session

49. Which of the following statements are not true for pre-shared key authentication within IKE / IPsec protocol?

Pre-shared key authentication is normally based on simple passwords

Needs a PKI to work

Only one pre-shared key for all VPN connections is needed

Costly key management on large user groups

50. Which of the following characteristics are not included in TCP protocol?

Connection

Sequencing

Flow control

Connection less

51. What is the purpose of using Virtual Private Network (VPN)?

Secure remote access into a network

Securely connect two networks together

Secure data tunnel within a network

All of above

52. How the Information Security function should be handled in an organization?

Be a subset od IT function

Report directly to a specialized business unit such as legal, corporate security or insurance.

Chief Security Officer should lead and report directly to the CEO.

Be independent but report to the Information Systems function.

53. By using which of the following attack a person can illegally capture network user passwords?

Data diddling

Sniffing

Spoofing

Smurfing

54. What is generally concerned with personnel security?

Management controls

Operational controls

Technical controls

Human resources controls

55. What is the action to make sure that your security policy is being enforced through the use of procedures and standards?

Due care

Due concern

Due diligence

Due practice

56. Computer center fires are generally caused by:

AC equipment

Electrical distribution systems

Heating systems

Natural causes

57. Which one uses a key of the same length as the message?

Running key cipher

One-time pad

Steganography

Cipher block chaining

58. Which of the following is not an Access Control techniques?

Relevant Access Controls

Discretionary Access Control

Mandatory Access Control

Lattice Based Access Control

59. Which of the following is not of VPN protocol standards?

L2TP (combination of PPTP and L2F)

L2TP and PPTP

L2PP

PPTP

60. While deciding on implementing a new biometric system which of the following characteristics is of prime concern?

Accuracy

Storage

Speed

Reliability

61. Business continuity plan development is based mostly on:

Directives of Senior Management

Business Impact Analysis (BIA)

BCP Team

Skills of BCP committee

62. Which of the following is an advantage to security guards?

Human judgment

Flexibility

Roaming

All of the choices

63. Preventive control includes:

Motion detectors

Guard dogs

Audit logs

Intrusion detection systems

64. What is comparatively least responsible for the downtime?

Hardware failure

Natural disaster

Human error

Software failure

65. Which of the following can be considered as bad practice when it comes to secure information processing facilities?

Walls should have an acceptable fire rating.

Windows should be protected by bars.

Doors must resist forcible entry.

Location and type of fire suppression systems should be known.

66. What is another name for the Orange Book?

The Trusted Computer System Evaluation Criteria (TCSEC)

The Trusted Computing Base (TCB)

The Information Technology Security Evaluation Criteria (ITSEC)

The Common Criteria (CC)

67. During which phase of SDLC should Security and access controls be incorporated?

Coding

Product design

Software plans and requirements

Detailed design

68. Which of the following model provides foundation for specifying and analyzing an integrity policy for a computing system?

The Biba model

The Bell-LaPadula model

The Clark-Wilson model

The information flow model

69. Which of the following is not an example of auditing tools?

Filesystem integrity checking

Configuration checking

Log analyzers

Orange book

70. The two types of ciphers are:

Transposition and Permutation

Transposition and Shift

Transposition and Substitution

Substitution and Replacement

71. Cat5 and Cat6 Categories are examples of

Coaxial cables

Fiber Optic cables

Axial cables

Twisted Pair cables

72. When the cost of the countermeasures outweighs the cost of the risk, the best way to handle the risk is:

Reject the risk

Transfer risk

Accept the risk

Reduce the risk

73. Clipping levels refers to:

Setting Allowable Thresholds On A Reported Activity

Limiting Access To Top Management Staff

Limiting User Authority Limits Based On Need-To-Know Basis

Setting Encryption Of Data

74. What are Two types of integrity?

Data integrity and system integrity

Data integrity and personnel integrity

Data integrity and server integrity

Network integrity and system integrity

75. Which of the following term is another name for VPN?

Tunnel

One-Time Password

Pipeline

Bypass

76. What addresses situations where users need to log on multiple times to access different resources?

Single Sign-On (SSO) systems

Dual Sign-On (DSO) systems

Double Sign-On (DS0) systems

Triple Sign-On (TSO) systems

77. Which of the following recovery strategies is difficult to implement?

Hot Site

Warm site

Duplicate information processing facilities

Reciprocal agreement

78. Why using two routers connect your trusted internal LAN to your DMZ is not considered a good design?

Network congestion might cause the routers to pass data from your private network through

the demilitarized zone

This provides attackers with multiple paths to access your trusted network

There is a substantial increase in cost with only a nominal increase in security

79. Most of the time, computer-generated evidence is considered as:

Best evidence

Second hand evidence

Demonstrative evidence

Direct evidence

80. IPv4 address is:

32 bits long

64 bits long

128 bits long

16 bits long

81. Evidence like printed business records, manuals, and, printouts are classified as:

Direct evidence

Real evidence

Documentary evidence

Demonstrative evidence

82. To be admissible in court the evidence must be:

Relevant

Annotated

Printed

Clear

83. Active attack includes:

Traffic analysis

Masquerading

Eavesdropping

Shoulder surfing

84. Which of the following statements is not true about Trade secrets?

For a company to have a resource qualify as a trade secret, it must provide the company with some type of competitive value or advantage

The Trade Secret Law normally protects the expression of the idea of the resource.

Many companies require their employees to sign nondisclosure agreements regarding the protection of their trade secrets

A resource can be protected by law if it is not generally known and if it requires special skill, ingenuity, and/or expenditure of money and effort to develop it

85. Executives of any organization can be held liable for losses that result from computer system breaches as per the principle of culpable negligence if:

They have not exercised due care protecting computing resources

The company is not registered

The company is multinational

The company does not prosecute the hacker that caused the breach

86. Decompiling vendor code is a form of:

Inverse Engineering

Backward Engineering

Subvert Engineering

Reverse Engineering

87. The primary functions of an operating system includes

Process management, access management

Resource management, communication management

Event management

All of the choices

88. Which one is fraudulent use of telephone services?

Warzing

Wardriving

Wardialing

Phreaking

89. A connection-orientated protocol is------

UDP

TCP

ICMP

90. In which network topology uses a three byte frame that travels around ring?

Broadband

Star

Tree

Token

91. A commercial application of steganography that is used to identify documents or verify their authenticity is ----

A digital checksum

A MD5 hash

A digital signature

A watermark

92. Job rotation is important because:

It increases productivity

It increases job satisfaction

It reduces the opportunity for fraud

None of the above

93. What is ARP poisoning?

Inserting a bogus IP and MAC address in the ARP table

A denial of service that uses the DNS death ping

Poisoning DNS records

Flooding of a switched network

94. Which of the following management type focuses on establishing and maintaining consistency of a system's or product's performance and its functional and physical attributes with its requirements, design, and operational information throughout its life?

Configuration Management

Change management

Issue management

Problem management

95. Security class is also known as:

Control factor

Security label

Mandatory number

Serial ID

96. Allowing access to resources based on permitted IP addresses is definition of:

MAC

ACL

DAC

None of the choices

97. Access control model is:

A formal description of access control ID specification.

A formal description of security policy.

A formal description of a sensibility label.

None of the choices.

98. Which of the following biometrics can last for lifetime?

Iris pattern

Voice pattern

Signature dynamics

Retina pattern

99. Which are the two major factors to measure biometric performance?

FRR and FAR

FAC and ERR

IER and FAR

FRR and GIC

100. Which of the following is most important while selecting a biometric system for securing critical assets?

FAR

FRR

ARO

MAD

101. Installing malicious software on the system to allow future backdoor access, leads to violation of the---------- integrity

Data

System

User

Network

102. In which biometric system Dwell time and flight time metrics are used?

Keyboard dynamics

Signature dynamics

Gait

Voice print

103. A confidential number to verify a user's identity is

userid

password

challenge

104. Which of the following is a major security issue in memory card?

High cost to develop.

High cost to operate.

Physically infeasible.

Easy to counterfeit.

105. Which protocol provides centralized Authentication, Authorization, management for systems to connect and use a network service?

IPSec

RADIUS

L2TP

PPTP

106. What addresses the protection of computers and components from EMI and RF emissions?

TEMPEST

ISO 9000

Hardening

IEEE 802.2

107. Ethernet LAN in a bus topology is prone to unauthorized disclosure than switched Ethernet in a star topology because

IEEE 802.5 protocol for Ethernet cannot support encryption.

Ethernet is a broadcast technology.

Star connections are highly multiplexed.

TCP/IP is an insecure protocol

108. How many password combinations are possible when a system uses a numeric password with 1-4 digits?

1024

10000

100000

1000000

109. To carry out dictionary attack the attacker need not have:

access to the target system.

read access to the password file.

write access to the password file.

the password encryption mechanism and key variable.

110. The cost of an exhaustive attack can be increased by:

Increasing the age of a password.

Increasing the length of a password.

None of the choices.

Increasing the history of a password.

111. Which attack involves faking someone's identity?

Fraggle

Social engineering

Spoofing

Teardrop

112. Mandatory Access Control can be considered as:

Opportunistic

Prohibitive

Preventive

Permissive

113. Under MAC, which of the following is true?

All that is expressly permitted is forbidden.

All that is not expressly permitted is forbidden.

All that is not expressly permitted is not forbidden.

None of the choices

114. What can provide for required backup computing capacity through a hot site or a cold site?

A dial-up services program.

An off-site storage replacement.

An online backup program.

random backups

115. What is backup of all files that are new or modified since the last full backup?

Incremental backup

Online backup

Differential backup

Full backup

116. Which virus type changes some of its characteristics as it spreads?

boot sector

parasitic

stealth

polymorphic

117. Which virus can infect both program files and boot sectors?

Polymorphic

Multipartite

Stealth

boot sector

118. Why are macro viruses are very easy to create?

Macro virus infects lot of applications

The underlying language is simple and intuitive to apply.

Only a few assembler instructions are needed to do damage.

Office templates are fully API compliant

119. Security issues related to Java applets include:

Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP

Java interpreters do not provide the ability to limit system access that an applet could have on a client system

Executable from the Internet may attempt an intentional attack when they are downloaded on a client system

Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.

120. Media reuse posses security threat of:

Degaussing

Data remanence

Media destruction

Purging

121. When IDS detects Internet Protocol (IP) packets whose source address is the same as the IP destination address, it should:

Allow the packet to be processed by the network and record the event.

Record selected information about the item and delete the packet.

Resolve the destination address and process the packet.

Translate the source address and drop the packet.

122. When any intrusion is detected what should be your first step?

Eliminate all means of intruder access

Contain the intrusion

Determine to what extent systems and data are compromised

Communicate with relevant parties

123. Which of the following technique is generally not used for monitoring purposes?

Penetration testing

Intrusion detection

Violation processing

Countermeasures testing

124. Network Intrusion Detection System (NIDS) includes all except:

Recognizes and report alterations to data files

Detects intruders attempting unauthorized activities.

Determines the source ip of incoming packets

Alerts to known intrusion patterns.

125. What monitors network traffic in real time?

network-based IDS

host-based IDS

application-based IDS

firewall-based IDS

126. Which of the following parameter establishes a baseline or threshold for violation activities for user errors?

Quantity baseline

Maximum log size

Circular logging

Clipping levels

127. What determines the period of time logs should be maintained?

Administrator preferences.

MTTR

Retention polices

MTTF

128. Which of the following enables applications to share data by providing IPIt is based on the client/server model and enables two programs to send commands to each of them directly?

DDE

OLE

ODBC

DCOM

129. Which of the following is not an spam blocking architecture?

Email server based

Client based

Appliance based

Mail blocking service

130. Major security issue related to aggregation in a database is:

Polyinstantiation

Inference

Partitioning

Data swapping

131. Which of the following is not a countermeasure for Object Reuse?

Server Virtualization

Antispam

Developer training

Application Isolation

132. Which of the following entities has characteristics of reusing code and reduced maintenance?

Object-Oriented Data Bases (OODB)

Object-Relational Data Bases (ORDB)

Relational Data Bases

Data Base management systems (DBMS)

133. Which of these is not a best practice in data warehousing?

Monitoring summary tables for regular use.

Controlling meta data from being used interactively.

Monitoring the data deletion plan.

Reconciling data moved between the operations environment and data warehouse

134. Once a Change is approved it should be

Audited to verify intent.

Tested to ensure correctness.

Implemented into production systems.

Within established performance criteria.

135. Which of the following control is required in an application, which process incentives for employees such that the incentive for any one employee cannot exceed $500?

sequence check

check digit

limit check

record check

136. The primary step in SDLC is:

Cost-benefit analysis

System design review

Executive project approval

Project status summary

137. Buffer overflow and boundary condition errors are examples of:

Race condition errors

Access validation errors

Exceptional condition handling errors

Input validation errors

138. In which of the following RAID level, the drive array continues to operate even if any disk or any path to any disk fails?

RAID Level 7

RAID Level 1

RAID Level 3

RAID Level 5

139. Ideally, usernames should be?

Non-descriptive

Descriptive

Same as user's name

None of the above

140. If you are an information security manager for a company ABC Inc. with a human resources database, which of the following you may be authorized to view ?

Accounts data

Own data

CEO salary

Business data

141. MAC systems are usually focused on preserving the --------- of data.

Confidentiality

Integrity

Availability

None of the above

142. Which of the following statements highlight the importance of Job rotation?

All of the choices.

Reduces monotony for employees

Protects organization against fraud.

Gives cross functional training to employees.

143. Which of the following is not a data destruction method?

Degaussing

Wiping

Shredding

TEMPEST

144. In the context of Information security, the records management includes all except?

Data Classification

Data Destruction

Backups

None of the choices

145. Which one is not an example of an operation control?

Backup and recovery

Audit trails

Contingency planning

Operations procedures

146. Which of these is not a detective technical control?

Intrusion detection system

Violation reports

Honeypot

None of the choices

147. Which one is not considered a technical control?

Access Control software

Man trap

Passwords

Antivirus Software

148. Fencing of ------------- can stop a determined intruder.

3' to 4' high

6' to 7' high

8' high and above with strands of barbed wire

No fence can stop a determined intruder

149. Which one is not a physical control for physical security?

Lighting

Fences

One time pad

Facility construction materials

150. Motion detector is an example of:

Corrective Logical Controls.

Logical Physical Controls.

Corrective Physical Controls.

Detective Physical Controls.

151. What is the major advantage of Dry Pipe System?

it minimizes chances of accidental discharge of water

It maximizes chances of accidental discharge of water

It is a substitute for carbon dioxide systems

It uses less water than 'wet pipe' systems

152. Which incident is characterized by obtaining an increased level of privilege?

Worm

Denial of service

Compromise

Scanning

153. Technologies used to store firmware includes

PROM (Programmable Read-Only Memory)

EPROM (Erasable Programmable Read-Only Memory)

EEPROM (Electrically Erasable Programmable Read-Only Memory)

All of the choices.

154. Which of the following causes Injection attacks?

Abort

Arbitrary code execution

Elevation of privileges

Incorrect filtering of user input

155. Why Log files should not be deleted?

An incident may not be discovered for several days and valuable evidence could be lost.

Disk space is cheap and log files are used frequently.

Log files are protected and cannot be altered.

Any information in a log file is useless after it is several hours old.

156. Ethics are:

Mandatory actions required to fulfill job requirements

Professional standards of regulations

Regulations set forth by a professional organization

Rules of personal behavior

157. According to RFC 1087, 'Ethics and the Internet,' which of the following statement is considered unethical?

Actions that compromise the privacy of classified information

Actions that compromise the privacy of users

Actions that disrupt organizational activities

Actions in which a computer is used in a manner inconsistent with a stated security policy

158. The first law to implement penalties for the creators of viruses, worms, and other types of malicious code that cause harm to computer system is ------

Computer Security Act

National Infrastructure Protection Act

Computer Fraud and Abuse Act

Electronic Communications Privacy Act

159. Which law requires mandatory periodic training for all persons involved in the management, use, or operation of federal computer systems that contain sensitive information?

Computer Security Act

National Infrastructure Protection Act

Computer Fraud and Abuse Act

Electronic Communications Privacy Act

160. Which law consist of the policies, procedures, and regulations promulgated by agencies of the executive branch of government?

Criminal law

Common law

Civil law

Administrative law

161. Which of these is not a deterrent control?

Signs

Guards

Antivirus

Barbed wire and razor wire

162. Examples of data remanence includes all except?

Deleted hard drive files

Data on slack space

Erased hard drive files

Discarded monitors

163. Which type of protection is best suited for a unique computer program developed?

Trademark

Patent

Trade Secret

164. The law that prevents government agencies from disclosing personal information that an individual supplies to the government under protected circumstances is -----

Privacy Act

Electronic Communications Privacy Act

Health Insurance Portability and Accountability Act

Gramm-Leach-Bliley Act

165. Which are not a valid reason for processing personal information, as defined by the European Union privacy directive?

Contract

Legal obligation

Marketing needs

Consent

166. What must be either uniquely identified by a witness or authenticated through a documented chain of custody?

Documentary evidence

Testimonial evidence

Real evidence

Hearsay evidence

167. Which of the following rules states that a written contract is assumed to contain all of the terms of an agreement?

Material evidence

Best evidence

Parol evidence

Relevant evidence

168. Which one test fully evaluates operations at the backup facility but does not shift primary operations responsibility from the main site?

Structured walk-through

Simulation

Full-interruption

Parallel

169. Fastest backup restoration time is provided by combination

Full backups and differential backups

Partial backups and incremental backups

Full backups and incremental backups

Incremental backups and differential backups

170. Fastest backup creation time is provided by combination

Full backups and differential backups

Partial backups and incremental backups

Full backups and incremental backups

Incremental backups and differential backups

171. Which backup involves always storing copies of all files modified since the most recent full backup?

Differential

Incremental

Partial

Full

172. What can be used to protect an organization against the failure of a critical software firm to provide appropriate support for their products?

Full backups

Differential backups

Incremental backups

Software escrow agreement

173. What type of document provides a high-level view of the entire organization's disaster recovery efforts?

Executive summary

Technical guides

Department-specific plans

Checklists

174. Which of the following statements does not describe Business Continuity Planning and Disaster Recovery Planning?

Business Continuity Planning is focused on keeping business functions uninterrupted when a disaster strikes

Organizations can choose whether to develop Business Continuity Planning or Disaster Recovery Planning plans.

Business Continuity Planning starts after Disaster Recovery Planning leaves off

Disaster Recovery Planning guides an organization through recovery of normal operations at the primary facility

175. Which industry made drastic changes in DRP/BCP activities after September 11, 2001 terrorist attacks?

Insurance

Banking

Tourism

Airline

176. Disaster Recovery Planning's objective is:

Preventing business interruption

Setting up temporary business operations

Restoring normal business activity

Minimizing the impact of a disaster

177. Access to audit reports be controlled and restricted because:

They contain copies of confidential data stored on the network.

They contain information about the vulnerabilities of the system.

They are useful only to upper management.

They include the details about the configuration of security controls

178. Which of the following is not a preventive control?

Firewalls

Encryption.

Log

Bollards

179. Audit trails are ------ type of security controls.

Preventive

Corrective

Passive

Active

180. Failure of which of the following can result in the perception that due care is not being maintained?

Periodic security audits

Deployment of all available safeguards

Performance reviews

Creating audit reports for shareholders

181. Which of the following factor determines the frequency of Information security audit in any given environment?

Asset value

Management discretion

Risk

Level of realized threats

182. What records lists actions that have occurred on a system?

Security policies

Log files

Audit reports

Incident management

183. Monitoring cannot be used to:

Detect availability of new software patches

Detect malicious actions by subjects

Detect attempted intrusions

Detect system failures

184. An examination of the management controls within an IT infrastructure is-------

Violation Analysis

Auditing

Risk analysis

Risk treatment

185. Calculate Single Loss Expectancy (SLE) for Jet Industries which expects that it would lose $40 million, if flash floods struck its aircraft operations facility.

0.04

40000000

400000

0.4

186. Which of the following is difficult to measure in quantitative analysis in BIA?

Loss of a office building

Damage to a car

Negative publicity

Power outage

187. When designing continuity plan provisions and processes what should be protected first?

Building

Infrastructure

Financial records

Human Life

188. Which of the following task of BCP bridges the gap between the BIA and the Continuity Planning phases?

Resource prioritization

Likelihood assessment

Strategy development

Provisions and processes

189. Intangible concerns, such as loss of brand value are dealt in which BIA process?

Continuity strategy

Quantitative analysis

Likelihood assessment

Qualitative analysis

190. Longest time a business function can be unavailable without causing irreparable harm to the organization is known as?

SLE

MTD

ARO

191. Which of the following should be used to assign quantitative values to assets in the priority identification phase of the BIA?

Monetary

Utility

Importance

Time

192. Which of the following resource is utilized most during the BCP phase?

Hardware

Software

Processing time

Personnel

193. Which of the following states the responsibility of senior management to ensure safety and protection of their resources during any disaster?

Corporate responsibility

Disaster requirement

Due diligence

Going concern responsibility

194. Activities that require special access to be performed within a secured IT environment are:

Privileged operations functions

Logging and auditing

Maintenance responsibilities

User account management

195. One of the effective means of preventing and detecting the installation of unauthorized application is:

Workstation change

Separation of duties

Discretionary access control

Job responsibility restrictions

196. Antivirus protection is best implemented by

Multiple solutions on each system

A single solution throughout the organization

Concentric circles of different solutions

One-hundred-percent content filtering at all border gateways

197. Who needs to be informed, when records about their activities on a system are being recorded and retained?

Administrators

Normal users

Temporary guest visitors

Everyone

198. What should be used in areas where technical controls cannot be used to control virus infections?

Security baselines

Awareness training

Traffic filtering

Network design

199. More vulnerabilities like virus infections are added to the system by

Length of time the system is operating

The classification level of the primary user

Installation of software

Use of roaming profiles

200. Which of the following correctly describes IPsec?

All possible security classifications for a specific configuration

A framework for setting up a secure communication channel

The valid transition states in the Biba model

TCSEC security categories

201. Which one of the following is an insecure encryption algorithm?

El Gamal

RSA

Skipjack

Merkle-Hellman Knapsack

202. Certificate Revocation List has the major disadvantage of:

Key management

Latency

Record keeping

Vulnerability to brute force attacks

203. What was created to support the use of stored-value payment cards?

SET

IPsec

MONDEX

PGP

204. Which attack depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations?

Birthday

Chosen ciphertext

Meet-in-the-middle

Man-in-the-middle

205. Which one of the following Data Encryption Standard (DES) operating modes has better error correcting codes?

Cipher Block Chaining (CBC)

Electronic Codebook (ECB)

Cipher Feedback (CFB)

Output Feedback (OFB)

206. For a secure two-way communications using asymmetric key cryptography what is the minimum number of cryptographic keys required?

One

Two

Three

Four

207. The different types of Cryptanalysis includes all Except

Differential

Linear

Integral

Spherical

208. The cipher which operates on large pieces of a message rather than individual bit of a message is known as:

Stream cipher

Caesar cipher

Block cipher

ROT3 cipher

209. What is the only cryptosystem not vulnerable to attacks if correctly implemented?

Transposition cipher

Substitution cipher

Advanced Encryption Standard

One-time pad

210. What type of cipher relies on variety of techniques to reorder the characters within a message?

Stream cipher

Transposition cipher

Block cipher

Substitution cipher

211. What is the length of cryptographic key in Digital Encryption Standard (DES)?

56 bits

128 bits

192 bits

256 bits

212. Best countermeasure against new threats of malicious code objects exploiting known vulnerabilities is to:

Update antivirus definitions monthly

Install anti-worm filters on the proxy server

Apply security patches as they are released

Prohibit Internet use on the corporate network

213. Which viruses modify their own code each time they infect a system?

Polymorphism

Stealth

Encryption

Multipartitism

214. Which attack relies upon the timing of the execution of two events?

Smurf

TOCTTOU

Land

Fraggle

215. Standard TCP/IP handshaking process has how many phases?

One

Two

Three

Four

216. What is the size of the Master Boot Record on a system?

256 bytes

512 bytes

1,024 bytes

2,048 bytes

217. Which of the following terms is not used to describe the main RAM of a typical computer system?

Nonvolatile

Sequential access

Real memory

Primary memory

218. The key used to enforce referential integrity between database tables.

Candidate

Primary

Foreign

Super

219. Which of the following provides access control based on value of an attribute of the object?

Content-dependent

Context-dependent

Semantic integrity mechanisms

Perturbation

220. Which DBMS primarily supports the establishment of many-to-many relationships?

Relational

Hierarchical

Mandatory

Distributed

221. The software program that acts on behalf of a user in their absence to carry out certain operations is known as

Agent

Worm

Applet

Browser

222. What is the most probable malicious code object that might be inserted in an application by a disgruntled software developer with the purpose of destroying system data upon the deletion of the developer's account?

Virus

Worm

Trojan horse

Logic bomb

223. Which of the following is not a routing protocol?

OSPF

BGP

RPC

RIP

224. Which of these is not a feature of firewalls?

They are able to log traffic information.

They are able to block viruses.

They are able to issue alarms based on suspected attacks.

They are unable to prevent internal attacks.

225. Which type of firewalls block unauthorized users and activities by examining source and destination address, application usage, source of origin, and the relationship between current packets with the previous packets of the same session?

Static packet-filtering

Application-level gateway

Statefull inspection

Circuit-level gateway

226. Example of a connectionless protocol is:

TCP

UDP

FTP

227. A TCP wrapper is:

An encapsulation protocol used by switches

An application that can serve as a basic firewall by restricting access based on user IDs or system IDs

A security protocol used to protect TCP/IP traffic over WAN links

A mechanism to tunnel TCP/IP through non-IP networks

228. Which of the following cables has the most twists per inch?

STP

UTP

100Base-T

1000Base-T

229. Which of the following cable types is the least resistant to EMI?

Thinnet

10Base-T UTP

10Base5

Coaxial cable

230. Layer 6 of the OSI model is

Presentation

Network

Data Link

Transport

231. Physical access controls cannot prevent:

Piggybacking

Espionage

Masquerading

Abuse

232. What is not a typical type of alarm that can be triggered for physical security.

Preventative

Deterrent

Repellant

Notification

233. Which of the following type of detector can detect variations in electrical or magnetic field around any object?

Wave

Photoelectric

Heat

Capacitance

234. The most popular and inexpensive form of physical access control device is:

Lighting

Security guard

Key lock

Fences

235. The most common reason of failure for a water-based fire suppression system is attributed to:

Water shortage

Human error

Ionization detectors

Placement of detectors in drop ceilings

236. For an organization a critical application must always:

Remain operational for the organization to survive.

Undergo code review

Undergo regular risk assessments

Monitored by developers

237. Information classification systems has a major limitation of:

Limiting the number of classifications.

Generating internal labels on diskettes.

Declassifying information when appropriate.

Establishing information ownership.

238. Security policy does not include:

Definition of the issue and statement of relevant terms.

Statement of roles and responsibilities

Statement of applicability and compliance requirements.

Statement of performance of characteristics and requirements

239. Which of the following is important characteristics of information security policy?

Requires the identification of information owners

Quantifies the effect of the loss of the information.

Identifies major functional areas of information

Lists applications that support the business function

240. Which one has the major function of ensuring the integrity of business information?

Encryption Security

Procedural Security.

Logical Security

On-line Security

241. Which of the following is not required to maintain server room in most efficient and secured way?

It must be human compatible.

It must include the use of non-water fire suppressants.

The humidity must be kept between 40 and 60 percent.

The temperature must be kept between 60 and 75 degrees Fahrenheit

242. Which of the following perimeter defining choices is most commonly used as deterrent for casual trespassers?

Gates

Fencing

Security guards

Motion detectors

243. What is the most common form of perimeter security devices or mechanisms?

Security guards

Fences

CCTV

Lighting

244. Types of Input Attacks includes

Buffer overflow

SQL injection

Cross-site scripting (XSS)

All of the choices.

245. What is true about the padded cells?

The data offered by the padded cell is what originally attracts the attacker.

Padded cells are a form of entrapment.

The intruder is seamlessly transitioned into the padded cell once they are detected.

Padded cells are used to test a system for known vulnerabilities.

246. What is a trial and error method to obtain password for user accounts by using different combination of characters?

Brute force attack

Spoofing attack

Man-in-the-middle attack

Denial of service attack

247. A system can be protected from Brute force and dictionary attacks by all except:

Enforce strong passwords through a security policy.

Maintain strict control over physical access.

Require all users to log in remotely.

Use two-factor authentication

248. What is not a denial of service attack?

Teardrop

Smurf

Ping of death

Spoofing

249. A SYN flood attack can be carried out by

Exploiting a packet processing glitch in Windows 95

Using an amplification network to flood a victim with packets

Exploiting the three-way handshake used by TCP/IP

Sending oversized ping packets to a victim

250. Which of the following is responsible for setting user clearances to computer-based information?

Operators

Data owners

Security administrators

Data custodians

{{ seconds | secondsToDate | date:'HH:mm:ss'}} Time remaining

NOTE

All test progress will be lost in case you close the browser without finishing the test. Please finish the test to access your results.

Pause

Explanations

Questions

Correct Answers

%Correct Answers

1. Which attack is used to understand the type of network topology implemented at the target?

Scanning

Land

Teardrop

Spoofing

Explanation:

Answer: (a) Scanning is done to understand the type of network topology implemented at the target

2. The opposing forces to Confidentiality, Integrity, and Availability are:

Disclosure, alteration, and destruction

Disclosure, alteration, and detection

Degaussing, alteration, and destruction

Disclosure, detection, and destruction

Explanation:

Answer: (a) Disclosure, alteration, and destruction (DAD) are opposite to CIA

3. The primary goal of a security awareness program is:

A platform for disclosing exposure and risk analysis

To make everyone aware of potential risk and exposure

Platform for disclosing exposure and risk analysis.

A way for communicating security procedures

Explanation:

Answer: (b) The primary goal of a security awareness program is to make everyone aware of potential risk and exposure

4. Theft of Personally Identifiable Information (PII), such as credit card information is an example of which type of attack?

Integrity

Authenticity

Confidentiality

Availability

Explanation:

Answer: (c)Theft of personally identifiable information (PII), such as credit card information is an example of confidentiality attack

5. Ensuring -------- includes preventing denial-of-service attacks.

Availability

Authenticity

Confidentiality

Integrity

Explanation:

Answer: (a) Ensuring availability includes preventing denial of service attacks.

6. Which of the following information security policies are violated in most computer attacks?

Availability

Confidentiality

Integrity and control

All of the choices

Explanation:

Answer: (d) usually Computer attacks result in violation of only four different security properties: availability, confidentiality, integrity, and control

7. The Health Insurance Portability and Accountability Act (HIPAA), requires that medical providers keep which information private?

Medical

Personal

Personal and medical

Insurance

Explanation:

Answer: (c)The Health Insurance Portability and Accountability Act (HIPAA), requires that medical providers keep Personal and medical information of their patients private.

8. Fault tolerance safeguards help us to combat threats to -----------

Design backbone

Online backups

Design countermeasures

Data reliability

Explanation:

Answer: (d) Fault tolerance safeguards help us to combat threats to data reliability. In other words reliability is increased by fault tolerance.

9. What is the term used to describe a component, which in case of failure automatically responds in way that causes no or minimum harm?

Fail open

Fail safe

Fail proof

Fail resilient

Explanation:

Answer: (b) Failsafe

10. Which one of the following is a major part of Trusted Computer Base?

The software

The security subsystem

The operating system software

The reference monitor

Explanation:

Answer: (d) The reference monitor or security kernel is the core of the TCB and is the most commonly used approach to build trusted computing systems

11. Who mediates all access relationship between subjects and objects of a system?

Firewall

Reference kernel

Security kernel

Information flow model

Explanation:

Answer: (c) The Security Kernel mediates all access relationship between subjects and objects of a system

12. Which operating system allows multiple users to access a computer system at the same time?

Multi User

Multi Tasking

Multi Processing

Multi Threading

Explanation:

Answer: (a) A Multi User operating system allows multiple users to access a computer system at the same time

13. What provides network link redundancy?

Mirroring

Shadowing

Dual backbones

Duplexing

Explanation:

Answer: (c) Dual backbones provides network link redundancy.

14. When a computer uses more than one CPU in parallel to execute instructions it is known as -------------.

Multiprocessing

Multitasking

Multithreading

Parallel running

Explanation:

Answer: (a) When a computer uses more than one CPU in parallel to execute instructions it is known as Multiprocessing

15. Which of the following questions employees should desist from answering to outsiders?

What are the actions that need to be performed in case of a disaster?

Where is the organization training and awareness policy defined?

Who is involved in establishing the security policy?

Who is responsible for monitoring compliance to the organization security policy?

Explanation:

Answer: (a) The employees should desist from answering to outsiders, any questions about disaster recovery procedures . Only people working in the company and with a role inside it should know about those procedures as the information is of private nature.

16. Which attack involves an employee shaving off pennies from multiple accounts and depositing the funds into his own bank account?

Data fiddling

Data diddling

Brute force

Salami

Explanation:

Answer: (d) Salami attack involves an employee shaving off pennies from multiple accounts and depositing the funds into his own bank account.

17. One method to simplify the administration of access controls is to group it in

Subjects and Objects

Capabilities and privileges

Programs and access

Superuser and user

Explanation:

Answer: (a) One method to simplify the administration of access controls is to group it in subjects and objects

18. Cryptography does not answer the concerns of:

Availability of information

Integrity of information

Confidentiality of information

Authenticity of information

Explanation:

Answer: (a) Cryptography does not answer the concerns of availability of the information

19. Insiders are mostly responsible for kind of attack

IP spoofing

Password sniffing

Data diddling

Denial of Service (DOS)

Explanation:

Answer: (c) Insiders are mostly responsible for Data diddling(Modification of data)

20. You are using RAID 5 for fault tolerance, if one of the disks in it becomes corrupted, when can you take it out?

System is up and running

System is down and running

System is in-between and running

System is idle and running

Explanation:

Answer: (a) Since RAID 5 uses parity to provide fault tolerance through the array, once of the disks in it can become corrupted, and you usually can just take it out without turning off the system (Hot SWAP) and plug a spare disk on the bay

21. Which function specifies access rights to resources?

Identification

Authorization

Authentication

Accounting

Explanation:

Answer: (b) Authorization specifies the access rights to resources

22. Which method provides a baseline for our system to Restore?

Full backup method

Incremental backup method

Differential backup method

Tape backup method

Explanation:

Answer: (a) 'Full' backup method provides a baseline for our systems to Restore; the full backup must be done at least once regardless of the method you are using to make backups.

23. What states that a process, a user or a program must be able to access only the information and resources that are necessary to perform its authorized task?

Principle of aggregate privilege

Principle of all privilege

Principle of effective privilege

Principle of least privilege

Explanation:

Answer: (d) The principle of least privilege states that a process, a user or a program must be able to access only the information and resources that are necessary to perform its authorized task.

24. Which of the following is not included in ISC2 Code of Ethics?

Protect society, the commonwealth, and the infrastructure.

Act honorably, honestly, justly, irresponsibly, and illegally

Provide diligent and competent service to the principals

Advance and protect the profession

Explanation:

Answer: (b) This is not one of the statements of the ISC2 code of Ethics

25. Orange Book is based on which one of the following models?

Bell-LaPadula

Biba Model

Clarke Wilson

Tempest

Explanation:

Answer: (a) Orange Book is based on Bell-LaPadula. Using mathematics and set theory, the model precisely defines the notion of secure state, fundamental modes of access, and the rules for granting subjects specific modes of access to objects.

26. Why debugging programs are used?

To create random data that can be used to test programs before implementing them

To ensure that program coding flaws and bugs are detected and corrected.

To check the functionality of program

To compare source code versions before transferring to the test environment.

Explanation:

Answer: (b) Debugging programs are used to ensure that program coding flaws and bugs are detected and corrected. A bug is a coding error in a computer program. The process of finding bugs before program final users is called debugging.

27. At which layer of OSI model encryption is not possible?

Network layer

Physical layer

Session layer

Data link layer

Explanation:

Answer: (b) You cannot encrypt anything at physical layer because its physical, it is not protocol / software base Network, Data link and transport layer supports encryption.

28. Which DES modes can best be used for authentication?

Cipher Block Chaining and Electronic Code Book.

Cipher Block Chaining and Output Feedback.

Output Feedback and Electronic Code Book.

Cipher Block Chaining and Cipher Feedback.

Explanation:

Answer: (d) Cipher Block Chaining and Cipher Feedback can be best used to provide user authentication capabilities.

29. Which security model is dependent on security labels?

Discretionary access control

Label-based access control

Mandatory access control

Non-discretionary access control

Explanation:

Answer: (c) With mandatory controls, only administrators and not owners of resources may make decisions that bear on or derive from policy. This kind of access control method is based on Security labels.

30. Which firewall inspects the state and context of the incoming data packets, and helps to track the connectionless protocols?

First generation firewall systems

Second generation firewall systems

Third generation firewall systems

Fourth generation firewall systems

Explanation:

Answer: (c) Statefull inspection is a third generation firewall technology designed to be aware of, and inspect, not only the information being received, but the dynamic connection and transmission state of the information being received

31. Which RAID Level technique creates exact copy (or mirror) of a set of data on two disks?

RAID 1

RAID 4

RAID 2

RAID 3

Explanation:

Answer: (a) RAID 1 technique creates exact copy (or mirror) of a set of data on two disks

32. A server cluster looks like a

Single server from the user's point of view

Dual server from the user's point of view

Tripe server from the user's point of view

Quadrille server from the user's point of view

Explanation:

Answer: (a) From the users view, a cluster is a single server, but its only a logical one, you can have an array of 4 server in cluster all with the same IP address there is no difference for the client.

33. Why would a database be denormalized?

To ensure data integrity

To increase processing efficiency

To prevent duplication of data

To save storage space

Explanation:

Answer: (b) Denormalization is the process of attempting to optimize the performance of data storage by adding redundant data. Once the database is denormalized it increases processing efficiency.

34. Managers of which department are ideal of development of information security policy for a large organization?

Business operations

Information Technology

Purchase

Human Resource

Explanation:

Answer: (a)Managers of Business operation department are ideal since they know the in and out of the business processes inside the company

35. Why does buffer overflows?

Because buffers can only hold so much data.

Because input data is not checked for appropriate length at time of input.

Because they are an easy weakness to exploit.

Because of insufficient system memory.

Explanation:

Answer: (d) Buffer overflows are the most common type of DoS attack. Here, an attacker sends more data than the application's buffer can hold. When the amount of data exceeds the buffer size, the extra data overflows under the stack, often causing the application or the whole system to crash. In some cases, the data can be carefully crafted to include machine code that will execute when it overflows onto the stack.

36. Which type of firewall can be used to track connectionless protocols such as UDP and RPC?

Statefull inspection firewalls

Packet filtering firewalls

Application level firewalls

Circuit level firewalls

Explanation:

Answer: (a) Statefull inspection firewalls provides tracking support for connectionless protocols through the use of session state databases.

37. E-mail directory should not have this as a best practice?

Drafts of documents.

Copies of documents.

Permanent documents

Temporary documents

Explanation:

Answer: (c) Its not a good practice to have Permanent documents in your e-mail, because you don't know if your mail is always backed up, and maybe the document must be available in a corporate repository.

38. Which of the following should be used for IPsec to work in gateway-gateway or host-gateway mode?

Only tunnel mode can be used

Only transport mode can be used

Encapsulating Security Payload (ESP) authentication must be used

Both tunnel and transport mode can be used

Explanation:

Answer: (c) Encapsulating Security Payload (ESP) authentication must be used. ESP is a header that when its added to an IP datagram, protects the confidentiality, integrity and authenticity of the data

39. Which of the following phase requires the involvement of Information Security Analyst?

System requirements definition

System design

Program development

Program testing

Explanation:

Answer: (a) The System Requirements definition phase of the development life cycle is the most influenced by a Security analyst, because in this phase all the requirements, including security ones, of the system to be development are set.

40. Security Controls are implemented to?

Eliminate risk and reduce the potential for loss

Mitigate risk and eliminate the potential for loss

Mitigate risk and reduce the potential for loss

Eliminate risk and the potential for loss

Explanation:

Answer: (c) Controls are put in your environment to minimize the impact of a potential loss, with them you can also mitigate the risk.

41. One advantage of circuit level gateway compared to an application level firewall is, it is:

Easier to maintain

More difficult to maintain

More secure

Slower

Explanation:

Answer: (a) Since circuit level gateways are not as high in the OSI model for the inspection as Application level firewalls, they are easier to maintain and configure.

42. Which one is not implemented at the Internet layer of the TCP/IP protocol model?

User datagram protocol (UDP)

Internet protocol (IP)

Address resolution protocol (ARP)

Internet control message protocol (ICMP)

Explanation:

Answer: (a) UDP is not implemented at Internet layer of TCP/IP model, it is implemented at Host-to-Host layer.

43. Which of the following is true about network sniffers?

Sniffers alter the source address of a computer to disguise

Sniffers allow an attacker to monitor data passing across a network.

Sniffers blocks network connections.

Sniffers send IP fragments to a system that overlap with each other

Explanation:

Answer: (b) Sniffing is the action of capture / monitor the data passing across a network

44. How a subject gets access to an object in Multi-Level Security Policy?

The subject's sensitivity label must dominate the object's sensitivity label.

The subject's sensitivity label subordinates the object's sensitivity label.

The subject's sensitivity label is subordinated by the object's sensitivity label.

The subject's sensitivity label is dominated by the object's sensitivity label

Explanation:

Answer: (a) If a user's sensitivity label is greater than or equal to the sensitivity label of the object, he is allowed access to the object, otherwise, he is denied access

45. A contingency plan should address which of the following?

Potential risks

Residual risks

Identified risks

All of the above

Explanation:

Answer: (b) A contingency plan should address Residual Risk plan to minimize business impact when you are in a downtime situation. The identified Risks and the Potential Risks are not identified there, they are identified earlier.

46. Which of the following statements is not true about Application Control?

It limits end users of applications in such a way that only particular screens are visible.

Is non-transparent to the endpoint applications so changes are needed to the applications involved

Particular uses of the application can be recorded for audit purposes.

Only specific records can be requested choice