CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide. Gibson Darril
Чтение книги онлайн.
Читать онлайн книгу CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide - Gibson Darril страница 6
D. Sending message packets to a recipient who did not request them simply to be annoying
5. At which layer of the OSI model does a router operate?
A. Network layer
B. Layer 1
C. Transport layer
D. Layer 5
6. Which type of firewall automatically adjusts its filtering rules based on the content of the traffic of existing sessions?
A. Static packet filtering
B. Application-level gateway
C. Circuit level gateway
D. Dynamic packet filtering
7. A VPN can be established over which of the following?
A. Wireless LAN connection
B. Remote access dial-up connection
C. WAN link
D. All of the above
8. What type of malware uses social engineering to trick a victim into installing it?
A. Viruses
B. Worms
C. Trojan horse
D. Logic bomb
9. The CIA Triad comprises what elements?
A. Contiguousness, interoperable, arranged
B. Authentication, authorization, accountability
C. Capable, available, integral
D. Availability, confidentiality, integrity
10. Which of the following is not a required component in the support of accountability?
A. Auditing
B. Privacy
C. Authentication
D. Authorization
11. Which of the following is not a defense against collusion?
A. Separation of duties
B. Restricted job responsibilities
C. Group user accounts
D. Job rotation
12. A data custodian is responsible for securing resources after ________________________ has assigned the resource a security label.
A. Senior management
B. Data owner
C. Auditor
D. Security staff
13. In what phase of the Capability Maturity Model for Software (SW-CMM) are quantitative measures utilized to gain a detailed understanding of the software development process?
A. Repeatable
B. Defined
C. Managed
D. Optimizing
14. Which one of the following is a layer of the ring protection scheme that is not normally implemented in practice?
A. Layer 0
B. Layer 1
C. Layer 3
D. Layer 4
15. What is the last phase of the TCP/IP three-way handshake sequence?
A. SYN packet
B. ACK packet
C. NAK packet
D. SYN/ACK packet
16. Which one of the following vulnerabilities would best be countered by adequate parameter checking?
A. Time of check to time of use
B. Buffer overflow
C. SYN flood
D. Distributed denial of service
17. What is the value of the logical operation shown here?
X: 0 1 1 0 1 0Y: 0 0 1 1 0 1_________________X ∨ Y: ?
A. 0 1 1 1 1 1
B. 0 1 1 0 1 0
C. 0 0 1 0 0 0
D. 0 0 1 1 0 1
18. In what type of cipher are the letters of the plain-text message rearranged to form the cipher text?
A. Substitution cipher
B. Block cipher
C. Transposition cipher
D. One-time pad
19. What is the length of a message digest produced by the MD5 algorithm?
A. 64 bits
B. 128 bits
C. 256 bits
D. 384 bits
20. If Renee receives a digitally signed message from Mike, what key does she use to verify that the message truly came from Mike?
A. Renee’s public key
B. Renee’s private key
C. Mike’s public key
D. Mike’s private key
21. Which of the following is not a composition theory related to security models?
A. Cascading
B. Feedback
C. Iterative
D. Hookup
22. The collection of components in the TCB that work together to implement reference monitor functions is called the ____________________.
A. Security perimeter
B. Security kernel
C. Access matrix
D. Constrained interface
23. Which of the following statements is true?
A. The less complex a system, the more vulnerabilities it has.
B. The more complex a system, the less assurance it provides.
C. The less complex a system, the less trust