(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. Mike Chapple
Чтение книги онлайн.
Читать онлайн книгу (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide - Mike Chapple страница 34
Reader Support for This Book
How to Contact the Publisher
If you believe you've found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.
In order to submit your possible errata, please email it to our Customer Service Team at [email protected]
with the subject line “Possible Book Errata Submission.”
Assessment Test
1 Which of the following types of access control seeks to discover evidence of unwanted, unauthorized, or illicit behavior or activity?PreventiveDeterrentDetectiveCorrective
2 Define and detail the aspects of password selection that distinguish good password choices from ultimately poor password choices.Is difficult to guess or unpredictableMeets minimum length requirementsMeets specific complexity requirementsAll of the above
3 Some adversaries use DoS attacks as their primary weapon to harm targets, whereas others may use them as weapons of last resort when all other attempts to intrude on a target fail. Which of the following is most likely to detect DoS attacks?Host-based IDSNetwork-based IDSVulnerability scannerPenetration testing
4 Unfortunately, attackers have many options of attacks to perform against their targets. Which of the following is considered a denial-of-service (DoS) attack?Pretending to be a technical manager over the phone and asking a receptionist to change their passwordWhile surfing the web, sending to a web server a malformed URL that causes the system to consume 100 percent of the CPUIntercepting network traffic by copying the packets as they pass through a specific subnetSending message packets to a recipient who did not request them, simply to be annoying
5 Hardware networking devices operate within the protocol stack just like protocols themselves. Thus, hardware networking devices can be associated with an OSI model layer related to the protocols they manage or control. At which layer of the