Disclaimer
Neither this guide nor any material in this guide is sponsored, endorsed or affiliated with any of the
respective vendors. All trademarks are properties of their respective owners.
Guarantee
If you study this guide properly and are still unable to pass the exam, please send us a scanned copy of
your official score at: refund@techeXams.ws. We will happily reimburse the cost of this study guide
or send you an exchange study guide of your choice free of cost.
Feedback
If you find any possible improvement, then please do let us know. We are always interested in
improving the quality of this product. Feedback can be sent at: feedback@techeXams.ws
Copyright
techXams holds the copyright of this material. techXams grants you a limited license to view and
study this material, either for personal or commercial use. Unauthorized reproduction or distribution
of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be
prosecuted to the maximum extent possible under law.
Copyright www.techeXams.ws 2008
Question: 1.
Answer: B
Explanation:
Procedures are looked at as the lowest level in the policy chain because they are closest to the
computers and provide detailed steps for configuration and installation issues. They provide the
steps to actually implement the statements in the policies, standards, and guidelines... Security
procedures, standards, measures, practices, and policies cover a number of different subject areas.
- Shon Harris All-in-one CISSP Certification Guide pg 44-45
Question: 2.
Which one of the following actions should be taken FIRST after a fire has been detected?
A. Turn off power to the computers
B. Call the fire department
C. Notify management
D. Evacuate all personnel
Answer: D
Explanation:
Protection of life is of the utmost importance and should be dealt with first before looking to save
material objects. Shon Harris All-in-one CISSP Certification Guide pg 625
Question: 3.
Which one of the following is the Open Systems Interconnection (OSI) protocol for
message handling?
A. X.25
B. X.400
C. X.500
D. X.509
Explanation:
An ISO and ITU standard for addressing and transporting e-mail messages. It conforms to layer 7 of
the OSI model and supports several types of transport mechanisms, including Ethernet, X.25, TCP/IP,
and dial-up lines. - http://www.webopedia.com/TERM/X/X_400.html
Question: 4.
Which of the following is a weakness of both statistical anomaly detection and pattern
matching?
Answer: B
Question: 5.
Digital signature users register their public keys with a certification authority, which
distributes a certificate containing the user's public key and digital signature of the
certification authority. In creating the certificate, the user's public key and the validity
period are combined with what other information before computing the digital signature?
A. Certificate issuer and the Digital Signature Algorithm identifier
B. User's private key and the identifier of the master key code
C. Name of secure channel and the identifier of the protocol type
D. Key authorization and identifier of key distribution center
Explanation:
The key words are "In creating the certificate..." Certificates that conform to X.509 contain the
following data: Version of X.509 to which the certificate conforms; Serial number (from the
certificate creator); Signature algorithm identifier (specifies the technique used by the certificate
authority to digitally sign the contents of the certificate); Issuer name (identification of the
certificate authority that issues the certificate); Validity period (specifies the dates and times - a
starting date and time and an ending date and time - during which the certificate is valid);
Subject's name (contains the distinguished name, or DN, of the entity that owns the public key
contained in the certificate); Subject's public key (the meat of the certificate - the actual public key
of the certificate owner used to set up secure communications). pg 343-344 CISSP Study Guide by Tittel
Question: 6.
Answer: B
Explanation:
Macro languages enable programmers to edit, delete, and copy files. Because these languages are
so easy to use, many more types of macro viruses are possible. - Shon Harris All-in-one CISSP
Certification Guide pg 785
Question: 7.
Explanation:
Auditing capabilities ensure that users are accountable for their actions, verify that the security
policies are enforced, work as a deterrent to improper actions, and are used as investigation tools.
- Shon Harris All-in-one CISSP Certification Guide pg 182
Question: 8.
Which one of the following is concerned with masking the frequency, length, and origin-destination
patterns of the communications between protocol entities?
A. Masking analysis
B. Protocol analysis
C. Traffic analysis
D. Pattern analysis
Answer: C
Explanation:
Traffic analysis, which is sometimes called trend analysis, is a technique employed by an intruder
that involves analyzing data characteristics (message length, message frequency, and so forth) and
the patterns of transmissions (rather than any knowledge of the actual information transmitted) to
infer information that is useful to an intruder. -Ronald Krutz The CISSP PREP Guide (gold edition) pg
323
Question: 9.
Answer: B
Explanation:
Emanation eavesdropping: receipt and display of information, which is resident on computers or
terminals, through the interception of radio frequency (RF) signals generated by those computers or
terminals. The U.S. government established a program called TEMPEST that addressed this problem
by requiring shielding and other emanation-reducing mechanisms to be employed on computers
processing sensitive and classified government information. -Ronald Krutz The CISSP PREP Guide
(gold edition) pg 416
Question: 10.
Answer: D
Question: 11.
All of the following are basic components of a security policy EXCEPT the
A. definition of the issue and statement of relevant terms.
B. statement of roles and responsibilities.
C. statement of applicability and compliance requirements.
D. statement of performance characteristics and requirements.
Answer: D
Explanation:
Policies are considered the first and highest level of documentation, from which the lower level
elements of standards, procedures, and guidelines flow. This order, however, does not mean that
policies are more important than the lower elements. These higher-level policies, which are the
more general policies and statements, should be created first in the process for strategic reasons,
and then the more tactical elements can follow. -Ronald Krutz The CISSP PREP Guide (gold edition)
pg 13
Question: 12.
Answer: C
Explanation:
In addition to the CIA Triad, there is a plethora of other security-related concepts, principles, and
tenets that should be considered and addressed when designing a security policy and deploying a
security solution. This section discusses privacy, identification, authentication, authorization,
accountability, nonrepudiation, and auditing. Pg. 133 Tittel: CISSP Study Guide
Question: 13.
Why do vendors publish MD5 hash values when they provide software patches for their
customers to download from the Internet?
A. Recipients can verify the software's integrity after downloading.
B. Recipients can confirm the authenticity of the site from which they are downloading the
patch.
C. Recipients can request future updates to the software by using the assigned hash value.
D. Recipients need the hash value to successfully activate the new software.
Answer: A
Explanation:
If the two values are different, Maureen knows that the message was altered, either intentionally or
unintentionally, and she discards the message... As stated in an earlier section, the goal of using a
one-way hash function is to provide a fingerprint of the message. MD5 is the newer version of MD4.
It still produces a 128-bit hash, but the algorithm is a bit more complex to make it harder to break
than MD4. MD5 added a fourth round of operations to be performed during the hash function
and makes several of its mathematical operations carry more steps or more complexity to provide a higher
level of security.
- Shon Harris All-in-one CISSP Certification Guide pg 182-185
Question: 14.
Which one of the following is NOT a requirement before a search warrant can be issued?
A. There is probable cause that a crime has been committed.
B. There is an expectation that evidence exists of the crime.
C. There is probable cause to enter someone's home or business.
D. There is a written document detailing the anticipated evidence.
Answer: D
Explanation:
"If a computer crime is suspected, it is important not to alert the suspect. A preliminary investigation
should be conducted to determine whether a crime has been committed by examining the audit
records and system logs, interviewing witnesses, and assessing the damage incurred.... Search
warrants are issued when there is probable cause for the search and provide legal authorization to
search a location for specific evidence." -Ronald Krutz The CISSP PREP Guide (gold edition) pg 436
Question: 15.
Answer: A
Explanation:
TCSEC provides guidelines to be used when evaluating a security product. The TCSEC guidelines
address basic security functionality and allow evaluators to measure and rate the functionality of a
system and how trustworthy it is. Functionality and assurance are combined and not separated, as in
criteria developed later. TCSEC guidelines can be used for evaluating vendor products or by vendors
to design necessary functionality into new products. CISSP Study Guide by Tittel pg. 413.
Question: 16.
Answer: A
Explanation:
Integrity is dependent on confidentiality, which relies on data classification. Also, the Biba integrity
model relies on data classification. There are numerous countermeasures to ensure confidentiality
against possible threats. These include the use of encryption, network traffic padding, strict access
control, rigorous authentication procedures, data classification, and extensive personnel
training. Confidentiality and integrity are dependent upon each other. Without object integrity,
confidentiality cannot be maintained. Other concepts, conditions, and aspects of confidentiality
include sensitivity, discretion, criticality, concealment, secrecy, privacy, seclusion, and isolation. Pg
145 Tittel: CISSP Study Guide. Biba Integrity Model: Integrity is usually characterized by the three
following goals: 1.) The data is protected from modification by unauthorized users. 2.) The data is
protected from unauthorized modification by authorized users. 3.) The data is internally and
externally consistent; the data held in a database must balance internally and correspond to the
external, real world situation. Pg. 277 Krutz: The CISSP Prep Guide: Gold Edition.
Question: 17.
Answer: B
Explanation:
Accountability is another facet of access control. Individuals on a system are responsible for their
actions. This accountability property enables system activities to be traced to the proper individuals.
Accountability is supported by audit trails that record events on the system and on the network.
Audit trails can be used for intrusion detection and for the reconstruction of past events. -Ronald
Krutz The CISSP PREP Guide (gold edition) pg 65
Question: 18.
Which one of the following attacks is MOST effective against an Internet Protocol Security
(IPSEC) based virtual private network (VPN)?
A. Brute force
B. Man-in-the-middle
C. Traffic analysis
D. Replay
Answer: B
Explanation:
Active attacks find identities by being a man-in-the-middle or by replacing the responder in the
negotiation. The attacker proceeds through the key negotiation with the attackee until the attackee
has revealed its identity. In a well-designed system, the negotiation will fail after the attackee has
revealed its identity because the attacker cannot spoof the identity of the originally-intended
system. The attackee might then suspect that there was an attack because the other side failed
before it gave its identity. Therefore, an active attack cannot be persistent because it would prevent
all legitimate access to the desired IPsec system.
http://msgs.securepoint.com/cgi-bin/get/ipsec-0201/18.html