CISSP

(Certified Information Systems Security Professional)


Total Questions: 1,375
Last Updated: Aug 18, 2008
Document version: 8.27.11

CISSP: Certified Information Systems Security Professional

Thanks for purchasing the techXams Study Guide.

The techXams CISSP study guide is a comprehensive compilation of questions and answers that have
been developed by our team of certified professionals. In order to prepare for the actual exam, all
you need to do is study the content of this guide. An average of approximately 10 to 20 hours should be
spent studying this guide and you will surely pass your exam. It's our guarantee.

Disclaimer
Neither this guide nor any material in this guide is sponsored, endorsed or affiliated with any of the
respective vendor. All trademarks are properties of their respective owners.

Guarantee
If you study this guide properly and are still unable to pass the exam, please send us a scanned copy of
your official score at: refund@techeXams.ws. We will happily reimburse the cost of this study guide
or send you a study guide of your choice in exchange, free of cost.

Feedback
If you find any possible improvement, then please do let us know. We are always interested in
improving the quality of this product. Feedback can be sent to: feedback@techeXams.ws

Copyright
techXams holds the copyright of this material. techXams grants you a limited license to view and
study this material, either for personal or commercial use. Unauthorized reproduction or distribution
of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be
prosecuted to the maximum extent possible under law.

Copyright www.techeXams.ws 2008

Practice Exams, Printable, Audio Trainings, Study Guides

Question: 1.

Ensuring the integrity of business information is the PRIMARY concern of

A. Encryption Security
B. Procedural Security
C. Logical Security
D. On-line Security

Answer: B

Explanation:
Procedures are looked at as the lowest level in the policy chain because they are closest to the
computers and provide detailed steps for configuration and installation issues. They provide the
steps to actually implement the statements in the policies, standards, and guidelines... Security
procedures, standards, measures, practices, and policies cover a number of different subject areas.
- Shon Harris All-in-one CISSP Certification Guide pg 44-45

Question: 2.

Which one of the following actions should be taken FIRST after a fire has been detected?

A. Turn off power to the computers
B. Call the fire department
C. Notify management
D. Evacuate all personnel

Answer: D

Explanation:
Protection of life is of the utmost importance and should be dealt with first before looking to save
material objects. - Shon Harris All-in-one CISSP Certification Guide pg 625

Question: 3.

Which one of the following is the Open Systems Interconnection (OSI) protocol for
message handling?

A. X.25
B. X.400
C. X.500
D. X.509

Answer: B

Explanation:
An ISO and ITU standard for addressing and transporting e-mail messages. It conforms to layer 7 of
the OSI model and supports several types of transport mechanisms, including Ethernet, X.25, TCP/IP,
and dial-up lines. - http://www.webopedia.com/TERM/X/X_400.html

Question: 4.

Which of the following is a weakness of both statistical anomaly detection and pattern
matching?

A. Lack of ability to scale.
B. Lack of learning model.
C. Inability to run in real time.
D. Requirement to monitor every event.

Answer: B

Explanation:
Disadvantages of knowledge-based ID systems: the system is resource-intensive; the knowledge
database continually needs maintenance and updates; new, unique, or original attacks often go
unnoticed. Disadvantages of behavior-based ID systems: the system is characterized by high false
alarm rates. High false-positive rates are the most common failure of ID systems and can create data noise that
makes the system unusable. The activity and behavior of the users while in the networked system
might not be static enough to effectively implement a behavior-based ID system. - Ronald Krutz The
CISSP PREP Guide (gold edition) pg 88

Question: 5.

Digital signature users register their public keys with a certification authority, which
distributes a certificate containing the user's public key and the digital signature of the
certification authority. In creating the certificate, the user's public key and the validity
period are combined with what other information before computing the digital signature?

A. Certificate issuer and the Digital Signature Algorithm identifier
B. User's private key and the identifier of the master key code
C. Name of secure channel and the identifier of the protocol type
D. Key authorization and identifier of key distribution center

Answer: A

Explanation:
The key words are "In creating the certificate...". Certificates that conform to X.509 contain the
following data: version of X.509 to which the certificate conforms; serial number (from the
certificate creator); signature algorithm identifier (specifies the technique used by the certificate
authority to digitally sign the contents of the certificate); issuer name (identification of the
certificate authority that issues the certificate); validity period (specifies the dates and times - a
starting date and time and an ending date and time - during which the certificate is valid);
subject's name (contains the distinguished name, or DN, of the entity that owns the public key
contained in the certificate); subject's public key (the meat of the certificate - the actual public key
of the certificate owner used to set up secure communications). - CISSP Study Guide by Tittel pg 343-344

Question: 6.

Why are macro viruses easy to write?

A. Active content controls can make direct system calls.
B. The underlying language is simple and intuitive to apply.
C. Only a few assembler instructions are needed to do damage.
D. Office templates are fully API compliant.

Answer: B

Explanation:
Macro languages enable programmers to edit, delete, and copy files. Because these languages are
so easy to use, many more types of macro viruses are possible. - Shon Harris All-in-one CISSP
Certification Guide pg 785

Question: 7.

Tracing violations, or attempted violations of system security, to the user responsible is a
function of

A. authentication
B. access management
C. integrity checking
D. accountability

Answer: D

Explanation:
Auditing capabilities ensure that users are accountable for their actions, verify that the security
policies are enforced, work as a deterrent to improper actions, and are used as investigation tools.
- Shon Harris All-in-one CISSP Certification Guide pg 182

Question: 8.

Which one of the following is concerned with masking the frequency, length, and origin-destination
patterns of the communications between protocol entities?

A. Masking analysis
B. Protocol analysis
C. Traffic analysis
D. Pattern analysis

Answer: C

Explanation:
Traffic analysis, which is sometimes called trend analysis, is a technique employed by an intruder
that involves analyzing data characteristics (message length, message frequency, and so forth) and
the patterns of transmissions (rather than any knowledge of the actual information transmitted) to
infer information that is useful to an intruder. - Ronald Krutz The CISSP PREP Guide (gold edition) pg
323

Question: 9.

In which situation would TEMPEST risks and technologies be of MOST interest?

A. Where high availability is vital.
B. Where the consequences of disclosure are very high.
C. Where countermeasures are easy to implement.
D. Where database integrity is crucial.

Answer: B

Explanation:
Emanation eavesdropping: receipt and display of information, which is resident on computers or
terminals, through the interception of radio frequency (RF) signals generated by those computers or
terminals. The U.S. government established a program called TEMPEST that addressed this problem
by requiring shielding and other emanation-reducing mechanisms to be employed on computers
processing sensitive and classified government information. - Ronald Krutz The CISSP PREP Guide
(gold edition) pg 416

Question: 10.

In which state must a computer system operate to process input/output instructions?

A. User mode
B. Stateful inspection
C. Interprocess communication
D. Supervisor mode

Answer: D

Explanation:
A computer is in a supervisory state when it is executing these privileged instructions. (Privileged
instructions are executed by the system administrator or by an individual who is authorized to use
those instructions.) - Ronald Krutz The CISSP PREP Guide (gold edition) pg 254-255

Question: 11.

All of the following are basic components of a security policy EXCEPT the

A. definition of the issue and statement of relevant terms.
B. statement of roles and responsibilities.
C. statement of applicability and compliance requirements.
D. statement of performance characteristics and requirements.

Answer: D

Explanation:
Policies are considered the first and highest level of documentation, from which the lower level
elements of standards, procedures, and guidelines flow. This order, however, does not mean that
policies are more important than the lower elements. These higher-level policies, which are the
more general policies and statements, should be created first in the process for strategic reasons,
and then the more tactical elements can follow. - Ronald Krutz The CISSP PREP Guide (gold edition)
pg 13

Question: 12.

What set of principles is the basis for information systems controls?

A. Authentication, audit trails, and awareness briefings
B. Individual accountability, auditing, and separation of duties
C. Need to know, identification, and authenticity
D. Audit trails, limited tenure, and awareness briefings

Answer: C

Explanation:
In addition to the CIA Triad, there is a plethora of other security-related concepts, principles, and
tenets that should be considered and addressed when designing a security policy and deploying a
security solution. This section discusses privacy, identification, authentication, authorization,
accountability, nonrepudiation, and auditing. - Tittel: CISSP Study Guide pg 133

Question: 13.

Why do vendors publish MD5 hash values when they provide software patches for their
customers to download from the Internet?

A. Recipients can verify the software's integrity after downloading.
B. Recipients can confirm the authenticity of the site from which they are downloading the
patch.
C. Recipients can request future updates to the software by using the assigned hash value.
D. Recipients need the hash value to successfully activate the new software.

Answer: A

Explanation:
If the two values are different, Maureen knows that the message was altered, either intentionally or
unintentionally, and she discards the message... As stated in an earlier section, the goal of using a
one-way hash function is to provide a fingerprint of the message. MD5 is the newer version of MD4.
It still produces a 128-bit hash, but the algorithm is a bit more complex, to make it harder to break
than MD4. MD5 adds a fourth round of operations to be performed during the hash function
and makes several of its mathematical operations carry additional steps or more complexity to provide a higher
level of security.
- Shon Harris All-in-one CISSP Certification Guide pg 182-185
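The integrity check the explanation describes, as an added example that is not part of the study guide: the patch bytes and the "published" digests are constructed in the script so it runs offline, standing in for a real download and the value posted on the vendor's page. It also shows why answer A and not B is correct: the digest detects alteration, but says nothing about who served the file or the digest.

```python
import hashlib
import hmac

# Constructed sample standing in for a downloaded patch file.
PATCH = b"PATCH 1.2.3: fix buffer handling in the parser\n" * 8


def digest_hex(data: bytes, algorithm: str = "md5") -> str:
    """Return the lowercase hex digest of data for the named hashlib algorithm."""
    h = hashlib.new(algorithm)
    h.update(data)
    return h.hexdigest()


def verify_download(data: bytes, published_hex: str, algorithm: str = "md5") -> bool:
    """Recompute the digest of the downloaded bytes and compare it to the published value.

    hmac.compare_digest is a constant-time comparison; a plain == on hex strings
    would leak how many leading characters matched through timing.
    """
    computed = digest_hex(data, algorithm)
    return hmac.compare_digest(computed, published_hex.strip().lower())


def tampered_copy(data: bytes) -> bytes:
    """Flip one bit in the middle of the file to simulate corruption or tampering in transit."""
    buf = bytearray(data)
    buf[len(buf) // 2] ^= 0x01
    return bytes(buf)


# Constructed here from the same bytes; in practice these come from the vendor's web page.
PUBLISHED_MD5 = digest_hex(PATCH, "md5")          # 32 hex chars = 128-bit hash
PUBLISHED_SHA256 = digest_hex(PATCH, "sha256")    # 64 hex chars = 256-bit hash


def attacker_controls_site(data: bytes) -> tuple[bytes, str]:
    """If the same server hosts both the file and its digest, an attacker who replaces
    the file can republish a matching digest; the check passes, so the digest proves
    integrity of what was served, not authenticity of the source (answer A, not B)."""
    swapped = data + b"# extra line appended by whoever controls the server\n"
    return swapped, digest_hex(swapped, "md5")


if __name__ == "__main__":
    print("clean download verifies:", verify_download(PATCH, PUBLISHED_MD5))
    print("tampered download verifies:", verify_download(tampered_copy(PATCH), PUBLISHED_MD5))
    swapped, swapped_md5 = attacker_controls_site(PATCH)
    print("swapped file with swapped digest verifies:", verify_download(swapped, swapped_md5))
```

MD5 collisions are practical today, so a current vendor would publish SHA-256 and, ideally, a detached signature; the verification logic above is identical apart from the algorithm name.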
Question: 14.

Which one of the following is NOT a requirement before a search warrant can be issued?

A. There is probable cause that a crime has been committed.
B. There is an expectation that evidence exists of the crime.
C. There is probable cause to enter someone's home or business.
D. There is a written document detailing the anticipated evidence.

Answer: D

Explanation:
"If a computer crime is suspected, it is important not to alert the suspect. A preliminary investigation
should be conducted to determine whether a crime has been committed by examining the audit
records and system logs, interviewing witnesses, and assessing the damage incurred... Search
warrants are issued when there is probable cause for the search and provide legal authorization to
search a location for specific evidence." - Ronald Krutz The CISSP PREP Guide (gold edition) pg 436

Question: 15.

The Trusted Computer System Evaluation Criteria (TCSEC) provides

A. a basis for assessing the effectiveness of security controls built into automatic data-processing
system products.
B. a system analysis and penetration technique where specifications and documents for the
system are analyzed.
C. a formal state transition model of computer security policy that describes a set of access
control rules.
D. a means of restricting access to objects based on the identity of subjects and groups to which
they belong.

Answer: A

Explanation:
TCSEC provides guidelines to be used for evaluating a security product. The TCSEC guidelines
address basic security functionality and allow evaluators to measure and rate the functionality of a
system and how trustworthy it is. Functionality and assurance are combined and not separated, as in
criteria developed later. TCSEC guidelines can be used for evaluating vendor products or by vendors
to design necessary functionality into new products. - CISSP Study Guide by Tittel pg 413


Question: 16.

Which factor is critical in all systems to protect data integrity?

A. Data classification
B. Information ownership
C. Change control
D. System design

Answer: A

Explanation:
Integrity is dependent on confidentiality, which relies on data classification. The Biba integrity
model also relies on data classification. There are numerous countermeasures to ensure confidentiality
against possible threats. These include the use of encryption, network traffic padding, strict access
control, rigorous authentication procedures, data classification, and extensive personnel
training. Confidentiality and integrity are dependent upon each other. Without object integrity,
confidentiality cannot be maintained. Other concepts, conditions, and aspects of confidentiality
include sensitivity, discretion, criticality, concealment, secrecy, privacy, seclusion, and isolation. - Tittel:
CISSP Study Guide pg 145. Biba Integrity Model: integrity is usually characterized by the three
following goals: 1.) The data is protected from modification by unauthorized users. 2.) The data is
protected from unauthorized modification by authorized users. 3.) The data is internally and
externally consistent; the data held in a database must balance internally and correspond to the
external, real-world situation. - Krutz: The CISSP Prep Guide: Gold Edition pg 277

Question: 17.

Audit trails based upon access and identification codes establish

A. intrusion detection thresholds
B. individual accountability
C. audit review criteria
D. individual authentication

Answer: B

Explanation:
Accountability is another facet of access control. Individuals on a system are responsible for their
actions. This accountability property enables system activities to be traced to the proper individuals.
Accountability is supported by audit trails that record events on the system and on the network.
Audit trails can be used for intrusion detection and for the reconstruction of past events. - Ronald
Krutz The CISSP PREP Guide (gold edition) pg 65

Question: 18.

Which one of the following attacks is MOST effective against an Internet Protocol Security
(IPSEC) based virtual private network (VPN)?

A. Brute force
B. Man-in-the-middle
C. Traffic analysis
D. Replay

Answer: B

Explanation:
Active attacks find identities by being a man-in-the-middle or by replacing the responder in the
negotiation. The attacker proceeds through the key negotiation with the attackee until the attackee
has revealed its identity. In a well-designed system, the negotiation will fail after the attackee has
revealed its identity because the attacker cannot spoof the identity of the originally-intended
system. The attackee might then suspect that there was an attack because the other side failed
before it gave its identity. Therefore, an active attack cannot be persistent because it would prevent
all legitimate access to the desired IPsec system.
- http://msgs.securepoint.com/cgi-bin/get/ipsec-0201/18.html
